r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3044
Expires: Mon, 09 Jan 2023 07:50:41 GMT
Date: Mon, 09 Jan 2023 06:59:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5988
Expires: Mon, 09 Jan 2023 08:39:45 GMT
Date: Mon, 09 Jan 2023 06:59:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9043
Expires: Mon, 09 Jan 2023 09:30:40 GMT
Date: Mon, 09 Jan 2023 06:59:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 06:41:37 GMT
content-type: application/json
age: 1100
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PjToWM2jHER3QCJzN7qhHRfxXAobzFaj4A3ceV1hSvmzJ3CC3PRHhEdobw0ifHea8OspTul1hA0=
x-amz-request-id: 2696202AGPYTR9AE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 06:01:08 GMT
age: 3529
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
seguro.comprasline.com/
301 Moved Permanently 134 B IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert openphish Mercado Libre
fortinet Phishing
GET / HTTP/1.1
Host: seguro.comprasline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 09 Jan 2023 06:59:57 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.comprasline.com:443/
X-GoCache-CacheStatus: BYPASS
Server: gocache
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 06:59:57 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 06:17:22 GMT
age: 2555
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0cecae92c5ccbc835d8d29e10f969def
0e33ba3b5f06d1f0781cce05924c10d67983c4fd
455ca7c8a7b85a03cbad5f4974609ab6a9d3e5beeac5c30ef62c2ad579e8e946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "455CA7C8A7B85A03CBAD5F4974609AB6A9D3E5BEEAC5C30EF62C2AD579E8E946"
Last-Modified: Mon, 09 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 09 Jan 2023 12:59:57 GMT
Date: Mon, 09 Jan 2023 06:59:57 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 347
Cache-Control: max-age=94360
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 06:59:57 GMT
Etag: "63ba87aa-1d7"
Expires: Tue, 10 Jan 2023 09:12:37 GMT
Last-Modified: Sun, 08 Jan 2023 09:06:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZTAgq7HSclJBH8ItdAQddg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 67NXR4PAAQi0b1liv8Thx5qhv6U=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20853
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 06:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20853
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 06:59:59 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20853
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 06:59:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0473691ea0d4426c66441d3e049b139
2ba1b24cc0f903a534458642236adc8495d87519
5475d4935fea484eabbac57be8e5604952f59374e1ccf26392c3283d39b96a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 173c95c5-690c-4381-9cf1-cb31e4456f14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd8LF0YoAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676b4-0b9191ab25e33cb436995203;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ugd6PvgcQYjFctkOjVM5zXz3muWfr3o-8qf2hLbu-B_orF1ruOiTGQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 08:02:04 GMT
age: 82675
etag: "2ba1b24cc0f903a534458642236adc8495d87519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210f951bd43cd838048f3568adb84c8c
db87b6eeaad681f1232c104dd4d0a902a921ed6d
b0d21c80c6c53ba04c8b216f6428a0e8b8eff4ca16f44c31782857d4a2749c39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9407
x-amzn-requestid: 08f125d6-46ed-4a83-98bc-94f688def00c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6aMG3loAMFU5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63dda-06f1fa975f43a24564b86524;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 9n51KAFwvuNqst4kr1NAzrt1YnxqueZK8i5toCmJRVWOEITb2ohKLQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 07:01:34 GMT
age: 86305
etag: "db87b6eeaad681f1232c104dd4d0a902a921ed6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9adc723b6823a4cf4ca3595febeccfa3
e20675c6a85a03fab85576b65892790058072377
0717e810d9e1908a206f12f54e77caa829426bbfe8c178db4566151f3562c177
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6317
x-amzn-requestid: 144bd535-24b1-414d-94dc-8fc40838572c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFdH7GIAMFavA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36ef-5a595f255fd3f929499d782b;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvzCI2mKasNP1XSUHrsNGt8YVbtWcJQPtqs-Lu3Vnw3ERrrd4d2W1A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:42:06 GMT
age: 33473
etag: "e20675c6a85a03fab85576b65892790058072377"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: H3uGFYbyPSwFZQCvn99EtVQw1Xz9DBbTgrK2FmfoKYBcZXkj60CbuQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 13:24:11 GMT
age: 63348
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0ac656cdf72279d8aab7e906f067ecb
fd70a88299221cbbf71242e572a507bcb1ee45d8
fc6e1e38162173b45ddf5bd0838495fe05a8c12ac50b7977fd66281ed0a7a1cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7842
x-amzn-requestid: 2fea5ef4-795f-4d81-ad13-1d9cb738524c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7FYVoAMFURA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-6f87591428c52a1a0afc7dee;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f5ueDtbSD0P2iJlf5_dYEq0VRouB2RP5_R9SF9gs2jx-l3WIhmc5GA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 04:28:31 GMT
age: 9088
etag: "fd70a88299221cbbf71242e572a507bcb1ee45d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wkKw4Bgb_vxuY641mGDczUNQUfGXiozbOtpFwfK6aThfJj_q5T_IDg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:49:53 GMT
age: 11406
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 06:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8b33ebf66adf8ea748d256ed5248639a
54f661bd5cdfe8ec55371d0d7d63437abc1d54b7
d7b4bf07bc0c94009920239a1136dfdafa898ac2efab9d4131e68682f826e76b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 06:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 08b43664026af0215a56eabe43eb9a2a
e28b615a1608878bdc4383260fd6941c541d32f9
4186fe4b1f618e29ee58fabeff3237055cd392c48a544b8e69be8bc75c2d2f9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 308
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 06:59:59 GMT
Last-Modified: Mon, 09 Jan 2023 06:54:51 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 279
www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
200 OK 583 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
IP
File type ASCII text, with very long lines (884), with no line terminators
Hash 542397b1e30fd8c4425758c7d66459f9
5fac71ef87c619224355937d247ff0b7e8cecb78
0ce6976e4fcaa990e82cce5fa991452374c5329afae09c8c25849040e55945cb
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 09 Jan 2023 06:59:59 GMT
date: Mon, 09 Jan 2023 06:59:59 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 2e27586a437cf39b51f8a3ac41d8fd22
f783692e64030ce52ce5128fc83fa7335719562e
e39604c1a5d8da89dacd261e83887ae0074fac64c5c22c13f08007edf3ef629f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1576
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 06:59:59 GMT
Last-Modified: Mon, 09 Jan 2023 06:33:43 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 06:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 06:59:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.dooki.com.br/fa/4.7.0/fa.css
200 OK 7.4 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.css
IP
Hash 95a3b5417167e240910cd15e72304ec9
62dc5525762c14057bef1606d6b06b2fc880b67a
549a2d48347e8369689361a776f4b32c8aec247ee6aada1d46972dc8abd65e72
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 06:59:59 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
expires: Tue, 17 Jan 2023 06:59:59 GMT
cache-control: public, max-age=691200
set-cookie: __cf_bm=Xa2DuAZS.oikXDl6l9PLbiXnQl.kaRX6CRIoDsXXP3E-1673247599-0-AYMGATM+x+Hhi218O3iywTQxo/qDYLrDJwEQh2PK4Bsv+WJjDkQ1g+ocbJoYdudgeOSCaA4JHsL0uprOL6kHQ3s=; path=/; expires=Mon, 09-Jan-23 07:29:59 GMT; domain=.dooki.com.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 786b4b1a49f4b50f-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash be701e7d3a8eebfa05b30d316a8e347c
676e6899eddb51841300833cedcfd42f4dfef904
2c3c9f6c6df33d7d24901675da308987cef4f2245b50c720d30e082f1fa6c0bf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=138292
Date: Mon, 09 Jan 2023 07:00:00 GMT
Etag: "63bb1f7d-1d7"
Expires: Tue, 10 Jan 2023 21:24:52 GMT
Last-Modified: Sun, 08 Jan 2023 19:54:37 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9QZ9wrL5GhkVOqoZ3uBixGgVXhkGRSGWoowqBwiojQFW5A9u2IM0fg==
Age: 5415
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 278 B IP
Hash c75568bf62c9e756cdd655ca2d83fff3
9b37e31b35fce019484447789380a8ca4460d20e
8815608c643f080fa02fc4359fa3fb2d1b05ec54c07022517148fe11f69c44d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:00 GMT
Last-Modified: Mon, 09 Jan 2023 06:53:54 GMT
Server: ECS (amb/6B8B)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtm.js?id=GTM-MM9Z3VK
200 OK 55 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MM9Z3VK
IP
File type ASCII text, with very long lines (1759)
Hash d2866fb893f78e89f53e06aea78ba239
b630bd628ccfd2b9e8e82a2e3a0fcb6203331dd6
bd4f36f58547960fee07d944bc7de2c107ec051d90fead7ce4f04ca1c4c7b688
GET /gtm.js?id=GTM-MM9Z3VK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 09 Jan 2023 07:00:00 GMT
expires: Mon, 09 Jan 2023 07:00:00 GMT
cache-control: private, max-age=900
last-modified: Mon, 09 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55316
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.yampi.io/ana/ana.min.js?t=1673308800000
200 OK 3.1 kB URL HTTP/2 cdn.yampi.io/ana/ana.min.js?t=1673308800000
IP
Hash dbceeb15d348862eca0629e02960cdcf
ceba7711371e1848f1c5166085eddab2c98488c0
8fa71046ba98e4a2c8cdec4bc6abd1e3a2af8da90a5bf3e381ae02a40c664f56
GET /ana/ana.min.js?t=1673308800000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:00:00 GMT
content-type: application/javascript
x-amz-id-2: 5fGrGP4wgGoRASFYvybQqTyXemAZ+wTmH/2YZhPaXS0kXW9TB//nLT8KJYW6iwsUe5ufmYGkWZ0=
x-amz-request-id: ZSB3QK6SNN8QCRRG
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 3928
expires: Tue, 09 Jan 2024 07:00:00 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 786b4b1e4eba0b59-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 9625a56c15d31a321d400863834cc44d
225554c2e40a5a4e2376b2bb61f575d9f75299cc
c6bb729a2d0e923116964c2b2b0eab9c428338458fd5e1cc5db991e0eb3608fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5045
Cache-Control: max-age=162069
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:00 GMT
Etag: "63bb7dd0-1d7"
Expires: Wed, 11 Jan 2023 04:01:09 GMT
Last-Modified: Mon, 09 Jan 2023 02:37:04 GMT
Server: ECS (amb/6B9B)
X-Cache: HIT
Content-Length: 471
www.mercadopago.com/v2/security.js
200 OK 2.1 kB URL HTTP/2 www.mercadopago.com/v2/security.js
IP
Hash 25ab461b7a092789106ba92947735cc1
a9d0688b9c8145b4b11d154582b2a522eee795fa
95b61c75707992e37e3f35910fd61044749eb6c8da59fa55f6f6cedf41790f9e
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 09 Jan 2023 07:00:00 GMT
set-cookie: _d2id=1709430f-5748-480c-8f35-467e3cd15900-n; Path=/; Domain=.mercadopago.com; Expires=Tue, 09 Jan 2024 07:00:00 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: 1709430f-5748-480c-8f35-467e3cd15900
x-request-device-id: 1709430f-5748-480c-8f35-467e3cd15900
x-d2id: 1709430f-5748-480c-8f35-467e3cd15900
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0Vxog7CVlpsJXUFGSoRumfcKaX0RFk2sxLv6mkKWempoQdqjo1efGg==
X-Firefox-Spdy: h2
api.siteblindado.com/v1/seal/aw/www.cea.com.br/seal.png
200 OK 3.3 kB URL HTTP/2 api.siteblindado.com/v1/seal/aw/www.cea.com.br/seal.png
IP
ASN #20940 Akamai International B.V.
File type PNG image data, 115 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ab5ad5a965569d1018ab9f9733bd7904
17b702276a8801af01196d186c0035616c869b23
cb7260ecb38e337ff262d9c0a3e3e5c535b876ffb12083fa454316b0d98c774f
GET /v1/seal/aw/www.cea.com.br/seal.png HTTP/1.1
Host: api.siteblindado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 3304
x-amzn-requestid: 623969c2-f83d-4c1d-889a-069e484bb878
x-amzn-remapped-content-length: 3304
x-amz-apigw-id: ec_RfFPToAMFjlg=
x-amzn-trace-id: Root=1-63bb78d6-7ef346707823e557548af94f
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: vycxEcyhc_ocq-BrWC76guhxdGOYTHONBKd87yP7LHqM5afjXTLhNw==
expires: Mon, 09 Jan 2023 07:00:00 GMT
date: Mon, 09 Jan 2023 07:00:00 GMT
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/web_device
200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.comprasline.com/
Origin: https://seguro.comprasline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:00:00 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.comprasline.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 2f235b2a-30d7-4282-890b-a583cf1f7f45
x-trace-digest-86: CssuXSrYhztJkankujVuq7wgfIobrxAoARYio2KvPAcrVMDLpFW1XeZg04gU+wZ1
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-86,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 715fde6c90f047ef
x-b3-traceid: 715fde6c90f047ef
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61f6f5fd1e209/61f6f5fd1e210.png
200 OK 38 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61f6f5fd1e209/61f6f5fd1e210.png
IP
File type PNG image data, 371 x 109, 8-bit/color RGBA, non-interlaced\012- data
Hash f238011fd11694cd1514f752c7c883d3
377d40f84f54f6ad60b1f9fac08f81a4a3a9860d
ed76f7d6dfbec1b4bc4b20cae4fb9de8a17ded9c94275d773e16f8e11d74acf8
GET /king-assets.yampi.me/dooki/61f6f5fd1e209/61f6f5fd1e210.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +m9wMZiIOePGwEbesCwQXq25vh3c0m1ANUJjTIIMa56T/Bho9edqHKqEJv9Kb7B6tLEtlggQMcc=
x-amz-request-id: FKYGVG5EKZTGQ8AM
Date: Mon, 09 Jan 2023 07:00:01 GMT
Last-Modified: Sun, 30 Jan 2022 20:33:02 GMT
ETag: "f238011fd11694cd1514f752c7c883d3"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 37588
ocsp.digicert.com/
200 OK 471 B IP
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5890
Cache-Control: max-age=131945
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:00 GMT
Etag: "63bb04d7-1d7"
Expires: Tue, 10 Jan 2023 19:39:05 GMT
Last-Modified: Sun, 08 Jan 2023 18:00:55 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 09 Jan 2023 06:41:08 GMT
expires: Mon, 09 Jan 2023 08:41:08 GMT
cache-control: public, max-age=7200
age: 1133
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: xkjnvH9N6L1EtHdcanBqDswnC3eC8qTw1omdI3Appwgkijs6xmDFfvWaXaEKQZUrjdc//2I47+7krSTaTbykRw==
priority: u=3,i
content-length: 27613
x-fb-trip-id: 1904183273
date: Mon, 09 Jan 2023 07:00:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10847061191/?random=1673247587649&cv=11&fst=1673247587649&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fseguro.comprasline.com%2Fcart&tiba=Carrinho%20-%20ComprasLine&rfmt=3&fmt=4
200 OK 868 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10847061191/?random=1673247587649&cv=11&fst=1673247587649&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fseguro.comprasline.com%2Fcart&tiba=Carrinho%20-%20ComprasLine&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1815), with no line terminators
Hash b4615c181874b450c976097af06136e0
82972fcfa63ae85000381a3647c65049538987d6
9e38a38fff5a77963d6864f6ddf957346859cb2a5097f456babb433f381c97fd
GET /pagead/viewthroughconversion/10847061191/?random=1673247587649&cv=11&fst=1673247587649&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fseguro.comprasline.com%2Fcart&tiba=Carrinho%20-%20ComprasLine&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:00:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 868
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Jan-2023 07:15:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 826d11723a9433383ea51213b7028fb6
54d410f01a0fdeeb01801e76f2a0e52593451b0f
e3e3e309324799d76d4edb746eba71628bca18c080f1d628e1ba1eac871cbecd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5277
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:01 GMT
Last-Modified: Mon, 09 Jan 2023 05:32:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/plugins/ua/ecommerce.js
200 OK 738 B URL HTTP/2 www.google-analytics.com/plugins/ua/ecommerce.js
IP
File type ASCII text, with very long lines (745)
Hash f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d
GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 06:50:44 GMT
expires: Mon, 09 Jan 2023 07:50:44 GMT
cache-control: public, max-age=3600
age: 557
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.b4ac87d27a338f616dd7.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.b4ac87d27a338f616dd7.js
IP
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 1af6d1b4202cd7568a42d42e427f4e4f
a58920bba80580f6e2042513642e7425b7d41073
86ce7f3a1599d843b55e78ce294697c6fd84d4271cf4d49130ad0708a48a2340
GET /modules.b4ac87d27a338f616dd7.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68846
date: Fri, 06 Jan 2023 10:13:59 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "1af6d1b4202cd7568a42d42e427f4e4f"
last-modified: Fri, 06 Jan 2023 10:13:14 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6sd9aavlnpsKuKG3kApfMeUJ1CjiZ8C19y9_loqkU3wSBC8XML49hQ==
age: 247561
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=79a52674e85b42e3bb0e8477b136e3e4
200 OK 27 kB URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=79a52674e85b42e3bb0e8477b136e3e4
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 25db9ed72454609ded938c3b41f6f36a
af4d1b712a89dee52efd3b56ff5b5fe3f548b8be
9f3b77ec2a725bee7feb93d4c0a64c70227b8bbae34772d5d59daeb4f9e9dcbb
GET /checkout/build/mix/assets/css/app.css?id=79a52674e85b42e3bb0e8477b136e3e4 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:00:00 GMT
content-type: text/css
x-amz-id-2: wJ4bH/bf0pw9b3NRlDhEWKyZWu5RXCwPl0eolVgF60dfTrtOcW7vKenFEUxxuVbhKJpYP6JZeL8=
x-amz-request-id: 3ASRM84P44CEBSSN
last-modified: Fri, 06 Jan 2023 12:17:09 GMT
x-amz-version-id: dLTrK6q6GkbP4ZoqutsPWbG6K0Edx6rr
etag: W/"79a52674e85b42e3bb0e8477b136e3e4"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXB17wYprjofiCq4yrQ%2FfiY%2BwV2huPx7QVvBm9YaTwbh6xtzvuSgc7FdMW2Zq9xfMokA8l%2BM7Xh6TvpwQSinLt6dznt44DXPLwRQ2%2BS%2FXdYlmOVnBZQDywUJDrR6R3%2FDvXJ8LFX6zX%2Fu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786b4b1a2f2cb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/10847061191/?random=1673247587649&cv=11&fst=1673244000000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fseguro.comprasline.com%2Fcart&tiba=Carrinho%20-%20ComprasLine&fmt=3&is_vtc=1&random=2390519618&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10847061191/?random=1673247587649&cv=11&fst=1673244000000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fseguro.comprasline.com%2Fcart&tiba=Carrinho%20-%20ComprasLine&fmt=3&is_vtc=1&random=2390519618&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10847061191/?random=1673247587649&cv=11&fst=1673244000000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fseguro.comprasline.com%2Fcart&tiba=Carrinho%20-%20ComprasLine&fmt=3&is_vtc=1&random=2390519618&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 07:00:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
seguro.comprasline.com/cart/recomm
200 OK 1.0 kB URL HTTP/2 seguro.comprasline.com/cart/recomm
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
Analyzer Verdict Alert openphish Mercado Libre
fortinet Phishing
GET /cart/recomm HTTP/1.1
Host: seguro.comprasline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImVmOWIyM2EwYjhjMDY4ZmIiLCJ0ciI6IjRjNmFhMjlhZjlkNjliMTNmNmQ1ZDA3YzU2YTljN2MwIiwidGkiOjE2NzMyNDc1ODc1MTJ9fQ==
traceparent: 00-4c6aa29af9d69b13f6d5d07c56a9c7c0-ef9b23a0b8c068fb-01
tracestate: 2935249@nr=0-1-2935249-1134170823-ef9b23a0b8c068fb----1673247587512
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.comprasline.com/cart
Cookie: XSRF-TOKEN=eyJpdiI6IkpIXC9VZmk4YThza2w5SjQzaGF0cld3PT0iLCJ2YWx1ZSI6IkNyOEIwbGJUWEE3Z3l5ZWJBRlBrTHRIcHZENmV5VWlpK1hQa1FqNlZIczB4SUZvOEdTeFFkYzhHcXhtQlJHdjkwS1ZjWkFrU1htKzJJMDBQWlBMZUhnPT0iLCJtYWMiOiI1MTYxZTVhNTI1NzZmNDgzZTU5YWEwNTNjODc4NWQxY2FhMTFkOWI3MDIzMjNhNmVjOGJkMmJlNWJmNzJjZDc2In0%3D; bubbstore_checkout=eyJpdiI6IlpnTnRpS2crQ09mMkdwUUQzK3k5dEE9PSIsInZhbHVlIjoiajFMTFBCWElybUtkWUVmbnNNcm1Jb2o3Z0JMaXlxQ0NGNmo3R0xvM2RLQ24zYWRXa2ZaRWxGQkFSbHRjQVNXUGRMQ2hUMUNJZWk2cWMxdm53MW1EUVE9PSIsIm1hYyI6IjM2ODgxOGM1YWY5Y2ZhZmZhMzFhOWQ2MTAzNzc1NTAzOGRmZGRjZWQyYmIxYWMzNTcxMWFjNDJjZDQ2YzUwNjcifQ%3D%3D; comprasline_cart=eyJpdiI6IjgzMVVFODl0YklKSXdRR3hjbmxsY3c9PSIsInZhbHVlIjoiRmdnWHVtNTZhS0QzWWxZaFQ4MVd6XC9iM0tXRGpGa0F3TmR4VDdRN1M0aE1tdXBDUmh6OXZBS05FYzEzOXRvNDlFa0pmZGJ3RXpFYXlLd05BOE9vYU9BPT0iLCJtYWMiOiI0NGZhZTIzYWU4ODhhYzNhMTJjYWJmNTFmYzEyZjc2NjI4MGU3YjkwNzgzYjdlM2ZiZmI5YjdmMjEwZWJhMTM5In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:00:00 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImxoeFhWRWlYcmhPXC96cGZOY2hGcmVnPT0iLCJ2YWx1ZSI6IjBsVis2U3hNcGJZWHFER2Q5K3RVNFwvQkN3SG4rUFB0Mmp4bk9cL0xiellVRm42R1pZYm12b3VSc2hHcEtQWWdKRXo4VkFNRklteTBGUnNKblwvY0VsUlRRPT0iLCJtYWMiOiI1MmEzNDI1NzcwYzU5YTU1Y2ZiN2I0MmQ1M2E0ZmU3ZjY5N2NkNWNhZjQwMDU0MGMyNTRmMzlmMzBmYmFhOWZlIn0%3D; expires=Mon, 09-Jan-2023 10:00:00 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ik91SFBzU20yMHZ0Tnp4SGwxT21KTEE9PSIsInZhbHVlIjoiMVl6MGltZTdzZWtaRXpBc2gzS2FSdDNQVEk1WElBM1BIRTJxd0hKSUlnRERwVVluUlh2ZVptZlBBWUZlXC9tUHdDaW9oSTJ5OW50a3EwQXN5YU9CcE1nPT0iLCJtYWMiOiIyNDZhNjI1NjU3ZGVkMGIxZjQ2MjFiM2JhMzExYjVjOTg3ZDUyZGY3M2IxNzYxM2UwNzdiNGFmMTEyZDMxMGQ3In0%3D; expires=Mon, 09-Jan-2023 10:00:00 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAYCBVQVTABNEQEAUwVUAgYOUAIBVgEEVQJESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-219054498-1&cid=1239928174.1673247588&jid=695503655&gjid=1049249769&_gid=1718550245.1673247588&_u=KGBAAEASQAAAACAAI~&z=62772609
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-219054498-1&cid=1239928174.1673247588&jid=695503655&gjid=1049249769&_gid=1718550245.1673247588&_u=KGBAAEASQAAAACAAI~&z=62772609
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-219054498-1&cid=1239928174.1673247588&jid=695503655&gjid=1049249769&_gid=1718550245.1673247588&_u=KGBAAEASQAAAACAAI~&z=62772609 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.comprasline.com
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.comprasline.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Jan 2023 07:00:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=1239928174.1673247588&jid=73549992&gjid=1265876103&_gid=1718550245.1673247588&_u=KGHAAEATQAAAACAAI~&z=186940756
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=1239928174.1673247588&jid=73549992&gjid=1265876103&_gid=1718550245.1673247588&_u=KGHAAEATQAAAACAAI~&z=186940756
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=1239928174.1673247588&jid=73549992&gjid=1265876103&_gid=1718550245.1673247588&_u=KGHAAEATQAAAACAAI~&z=186940756 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.comprasline.com
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.comprasline.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 09 Jan 2023 07:00:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/etid
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.comprasline.com
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Mon, 09 Jan 2023 07:00:01 GMT
server: Tengine
set-cookie: _d2id=e9485d04-87e3-4e33-9cd2-61475052ae7c-n; Path=/; Domain=.mercadolibre.com; Expires=Tue, 09 Jan 2024 07:00:01 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: 161136f6-e32a-4b3c-a83b-302bb260b3ea-1673247601564
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: e9485d04-87e3-4e33-9cd2-61475052ae7c
x-request-device-id: e9485d04-87e3-4e33-9cd2-61475052ae7c
x-d2id: e9485d04-87e3-4e33-9cd2-61475052ae7c
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0_iPFddD9_OIlGiOkej3yFCYhL3lTmErDvUS_QB0loAm04kMhy0EZQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f1f6da1c087bab740a0e1a8e3c6f8183
69a7fda93f860bef1f83762bb65d639ee756d6b4
adb042adf90611bcac74c2693303e75a9e93cfa2c436e167966ec41a68d1ec83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash 51969c36a0feb689936417c534fc16d2
9e700083d9b219f90f44197778d9680007e418da
2d578239548f3b216ab10d77fb538503b3be6babc1ed8bd043495949a42e5fdc
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Jan 2023 07:00:01 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-402168753%3A1673247601681879&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6Gjl33R-2_OIWHCTtsoE0nzlELAXVpCrpMYWf2KTjbGb9zmE0dLLC7PYOB84pZml9bCpnmtw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-zFQt6IoRMhUqOgA1eimuWA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:tb8ngMz0Cs-Wv-ys1Nowv-f2A5Ek0A:Z0eScsiEQUZnnEBL;Path=/;Expires=Wed, 08-Jan-2025 07:00:01 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js-agent.newrelic.com/552.2d6a2503-1220.js
200 OK 5.9 kB URL HTTP/2 js-agent.newrelic.com/552.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (21423)
Hash 097ef34c5f5d635a147bca3721bd605b
3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2
3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lx7LUNyC193WWpSv5hW/L7UEeNSlDwufm33KpA2sv5a1ht8efI/6s62/R2OVbNZKkoG/gUHXaFI=
x-amz-request-id: VK0V8BCV38T7WVVS
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 3926
x-timer: S1673247602.790000,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 6b057e0e844a99b083a4bc68c468a9f2
e1199c3722fc7bf1dfe12de5f58c745978ab0ede
73d03ce9fbc2cbeca1d4e0c79d38b5015e75b144f5c2697c20674dc4387a9294
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4076
Cache-Control: max-age=142366
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:00:02 GMT
Etag: "63bb34a4-1d7"
Expires: Tue, 10 Jan 2023 22:32:48 GMT
Last-Modified: Sun, 08 Jan 2023 21:24:52 GMT
Server: ECS (amb/6B8B)
X-Cache: HIT
Content-Length: 471
www.mercadolibre.com/jms/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15?background=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
200 OK 3.5 kB URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15?background=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8622)
Hash 4db014f0e0f7f9e266a1bb022fac99a2
928c90408d8c27639f2bafae3a6308e22710bc12
6468d2151d1dc001fa46fb1ffa314b2fb91ffd4675127b8f05ab6627aadb6028
GET /jms/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15?background=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 09 Jan 2023 07:00:02 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=d20d0761-986d-4721-a404-b85621945442-n; Path=/; Domain=.mercadolibre.com; Expires=Tue, 09 Jan 2024 07:00:02 GMT
dsid=481d82f7-7551-4d9f-9db7-a91e93e18f72-1673247602038;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=ead180d1-e283-4055-ae92-8941f45b89b0-1673247602038;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 16
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: d20d0761-986d-4721-a404-b85621945442
x-request-device-id: d20d0761-986d-4721-a404-b85621945442
x-d2id: d20d0761-986d-4721-a404-b85621945442
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: J6_FUfRIuSCzNcziw4foNecbbNdaF3oj72Vj6z1i8fJzbIfUidBABw==
X-Firefox-Spdy: h2
js-agent.newrelic.com/368.2d6a2503-1220.js
200 OK 1.4 kB URL HTTP/2 js-agent.newrelic.com/368.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (3382)
Hash fa50a55750d1d0978fca32be5dbc3988
a7f447621d48b3ecf7fc0192b515d506d3d1ad18
c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: kwoAxcBtx2IMbi3IHVdur3TxF/StXF2YgQ/J5F/J0LqxQRcevbbS10v8PBtCq89jFlCdbzEZt0Y=
x-amz-request-id: VK0S7FDBAB0EX9VY
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 3922
x-timer: S1673247602.204748,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
js-agent.newrelic.com/768.2d6a2503-1220.js
200 OK 2.2 kB URL HTTP/2 js-agent.newrelic.com/768.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (5523)
Hash 98a96a3306b7723c0b8c4bff074cdd9f
e9070da7daa34fa2d8ac2e4ec00e3c499ea37516
a6079d50fa4c72b521fd865e67be080b5b21c336a71dbf7a1800a12ad42384f7
GET /768.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YghQGw//W98CcE+uLEc2bIpyY1zfBy1cvSl3ZbHItGIBbBbjBYrgjjDhKdNnyagoNGaVfLpI2xM=
x-amz-request-id: VK0XNZM280HMN60Q
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "d6cc8b42eda6fd7734014b03b87b5787"
x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 3912
x-timer: S1673247602.205027,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2225
X-Firefox-Spdy: h2
js-agent.newrelic.com/775.2d6a2503-1220.js
200 OK 632 B URL HTTP/2 js-agent.newrelic.com/775.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (1169)
Hash 661520fd0dfebb919d68a69b60ca426f
b85ef80a0e0d95bf4904f9ce4fad56c49ae035be
ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: n5W3M8HU3EdwDhPARC2iiAf1as95kdLfrN2+qdL0W35SMVzIqjIlMR9W7ck8oTAzeIw6lrJi5fM=
x-amz-request-id: VK0MRM6MJ78HXF3Y
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 3914
x-timer: S1673247602.205208,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
js-agent.newrelic.com/39.2d6a2503-1220.js
200 OK 2.8 kB URL HTTP/2 js-agent.newrelic.com/39.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (7169)
Hash a0a406e7bdf3e14f047e46bcea27640c
c1fbc88d260f16a092c1b7b0e58e4291401478e8
2309d4e82574d5402ec3454a76051987336fe3b4e4d546f6565a3a443c6d4049
GET /39.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: YVIhZ0s+kfqfyw3/OOPaabzaoXb/XwD4VELrgCLiMtI8cGCxgyDD6Y3bdLzWtK9lY7b2Y9dtVwM=
x-amz-request-id: VK0GJZ5NDAT42H61
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "0448380a8f2cd0426bbdf04dd45b5408"
x-amz-version-id: rKoZQfJFmGD6aC9Xn3l7.fk4j9L96MM_
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 2206
x-timer: S1673247602.205423,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2755
X-Firefox-Spdy: h2
js-agent.newrelic.com/0.2d6a2503-1220.js
200 OK 2.3 kB URL HTTP/2 js-agent.newrelic.com/0.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (5198)
Hash 852267b16c136b977ccd94900c6c6308
e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16
9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: yaLgSlI/o1YgPR64REKW7tJGngFFiymXOCq3qvC8FibvMh/NPjIov1s2Y43sA3Nk7dOb/Jeu8n0=
x-amz-request-id: VK0HGZZCMTDZKH5X
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 2202
x-timer: S1673247602.205617,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2
js-agent.newrelic.com/571.2d6a2503-1220.js
200 OK 1.1 kB URL HTTP/2 js-agent.newrelic.com/571.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (2412)
Hash d392a55faa7a0a2a43781a495891c9aa
1998ba6f85354606c186fa1a29285676f0b596f0
33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Yb3onr5wgE7GyebmH4WnkKwnI2MQKfjQMqMso3BN0Y71/Vtt12keZBjkbAuB5UJTI/GRzVXSccI=
x-amz-request-id: VK0WTM9PM29FXD43
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 2184
x-timer: S1673247602.205804,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
js-agent.newrelic.com/820.2d6a2503-1220.js
200 OK 3.0 kB URL HTTP/2 js-agent.newrelic.com/820.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (7460)
Hash 7d1295a839190615b34d5a62acceee4f
eef26f5c6d2ae14cb81b3a9b669da224faceacd0
4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FgITvf3WklEMWkZwakon8gl0N9aTQ94pdNptn966xzqmGm/5HblQmQGcNcywcu4tvf5sbwoyl9E=
x-amz-request-id: VK0ZG74SYEQQ4TER
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 2200
x-timer: S1673247602.205986,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
js-agent.newrelic.com/790.2d6a2503-1220.js
200 OK 6.1 kB URL HTTP/2 js-agent.newrelic.com/790.2d6a2503-1220.js
IP
File type ASCII text, with very long lines (17591)
Hash b3193d37837e2f200e10db13deff83a9
d8577b8a972583e81cfd8e31436dcd039aa049b2
5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: veWtlyFq4FXZZ3C91QZ1ydEfJVdBNkWk12lPeQHXsOtJd4oL/94W2O+vIrequr5Q4TsFmN49oJA=
x-amz-request-id: VK0VJC72617ZJQFB
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 09 Jan 2023 07:00:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1620-BMA
x-cache: HIT
x-cache-hits: 1647
x-timer: S1673247602.206209,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5354&ck=0&s=1d335db456d18038&ref=https://seguro.comprasline.com/cart&ap=34&be=2667&fe=2159&dc=738&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673247584098,%22n%22:0,%22f%22:1712,%22dn%22:1712,%22dne%22:1712,%22c%22:1712,%22s%22:1712,%22ce%22:1712,%22rq%22:1714,%22rp%22:2640,%22rpe%22:2640,%22dl%22:2646,%22di%22:3385,%22ds%22:3405,%22de%22:3422,%22dc%22:4826,%22l%22:4826,%22le%22:5033%7D,%22navigation%22:%7B%7D%7D&fcp=3377&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5354&ck=0&s=1d335db456d18038&ref=https://seguro.comprasline.com/cart&ap=34&be=2667&fe=2159&dc=738&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673247584098,%22n%22:0,%22f%22:1712,%22dn%22:1712,%22dne%22:1712,%22c%22:1712,%22s%22:1712,%22ce%22:1712,%22rq%22:1714,%22rp%22:2640,%22rpe%22:2640,%22dl%22:2646,%22di%22:3385,%22ds%22:3405,%22de%22:3422,%22dc%22:4826,%22l%22:4826,%22le%22:5033%7D,%22navigation%22:%7B%7D%7D&fcp=3377&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5354&ck=0&s=1d335db456d18038&ref=https://seguro.comprasline.com/cart&ap=34&be=2667&fe=2159&dc=738&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1673247584098,%22n%22:0,%22f%22:1712,%22dn%22:1712,%22dne%22:1712,%22c%22:1712,%22s%22:1712,%22ce%22:1712,%22rq%22:1714,%22rp%22:2640,%22rpe%22:2640,%22dl%22:2646,%22di%22:3385,%22ds%22:3405,%22de%22:3422,%22dc%22:4826,%22l%22:4826,%22le%22:5033%7D,%22navigation%22:%7B%7D%7D&fcp=3377&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:00:02 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 786b4b2aec580b4d-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5747&ck=0&s=1d335db456d18038&ref=https://seguro.comprasline.com/cart
200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5747&ck=0&s=1d335db456d18038&ref=https://seguro.comprasline.com/cart
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1220.PROD&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZSQkJPWAhRVUs%3D&rst=5747&ck=0&s=1d335db456d18038&ref=https://seguro.comprasline.com/cart HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 732
Origin: https://seguro.comprasline.com
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:00:03 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 786b4b2cad800b4d-OSL
Access-Control-Allow-Origin: https://seguro.comprasline.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
www.mercadolibre.com/jms/lgz/background?dps=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15
200 OK 3.1 kB URL HTTP/2 www.mercadolibre.com/jms/lgz/background?dps=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (716)
Hash b165d6520df5ba272e84f5e2a4205a1d
2366661f2fb5570beea01a99e846a629d3fc9116
baf214e9443dfc8eaef01b89cf710ca6ffa5f2cd78ad21db06b4a9df6069eb73
GET /jms/lgz/background?dps=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Mon, 09 Jan 2023 07:00:02 GMT
server: Tengine
set-cookie: _d2id=22cdd4ab-e404-40ab-9800-684d8c883e0a-n; Path=/; Domain=.mercadolibre.com; Expires=Tue, 09 Jan 2024 07:00:02 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 22cdd4ab-e404-40ab-9800-684d8c883e0a
x-request-device-id: 22cdd4ab-e404-40ab-9800-684d8c883e0a
x-d2id: 22cdd4ab-e404-40ab-9800-684d8c883e0a
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wKXDtjTpZViyPRAbmFmX-fKCH8Rj5mG3kL0CjNry5H0ldU0a1hqp7g==
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/anonymous_device_session
200 OK 337 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP
File type JSON data\012- , ASCII text, with very long lines (337), with no line terminators
Hash eedda1ea738dfe41b89735bda41bc957
48345ed3ba5b00e937943da5bf5d9a39690ebad0
e7e637a39bbc7da6196aa3e3f01dcc090cf586722c2b435a81aa425898a64ed2
POST /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 98
Origin: https://seguro.comprasline.com
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:00:04 GMT
content-type: application/json; charset=utf-8
content-length: 337
access-control-allow-origin: https://seguro.comprasline.com
x-request-id: 9f1b6c36-56bb-424c-a543-c894426d6d20
x-trace-digest-86: GvUM3TE7CQ5Cp6XV3snkW+1C5DgKMbbQjQI9MzvNW2wwlE0ZzkmN/4B9cRNY7MNV
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-86,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 6e6930d99b41099e
x-b3-traceid: 6e6930d99b41099e
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
seguro.comprasline.com/cart
200 OK 0 B URL HTTP/2 seguro.comprasline.com/cart
IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer Verdict Alert openphish Mercado Libre
fortinet Phishing
GET /cart HTTP/1.1
Host: seguro.comprasline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IklmSlwvM1VWYk5HeENBYnpHUFVuWU13PT0iLCJ2YWx1ZSI6Imo2NFFYQ3pzS1wvaEYrblA3NWVLRnpNYitiM09vRlIzbkZoOWFRR2w1TnRnajViZEFqdmtGSXpiU1huMzNtVElJTWpJWmhEWHZWakpxT3RSMExxTnJQZz09IiwibWFjIjoiYmMzY2E1NWUyY2I3Y2U4OTM0NjViNTMzNmRkNzA4ZGNiMjEzZjRiMDJjZTkxZjU4MDk1OTY1ZTBkOWI0NmE1NiJ9; bubbstore_checkout=eyJpdiI6IkV2bWJ3MTYwT2JQWEFuMmplRjBEYWc9PSIsInZhbHVlIjoiamg0VEpJR1VvNjRubk5BcGF2QXg3T3VrT0R6cjB6T0Z2M3JQSG13dWxsVmR0bkV0azRCcXZPUGsxKzlyd0M5Z1htZkhlM3dYOW5NbEV1TFdyN0oxK1E9PSIsIm1hYyI6IjgzYzE0MjE1MTVhN2EyYmU0NDM4MWQ4MWZmYTIzYzBhMWEyOGMxY2FhNDI5ODYwMDg0YzkzMzBhMGI2MzgzYTcifQ%3D%3D; comprasline_cart=eyJpdiI6IjgzMVVFODl0YklKSXdRR3hjbmxsY3c9PSIsInZhbHVlIjoiRmdnWHVtNTZhS0QzWWxZaFQ4MVd6XC9iM0tXRGpGa0F3TmR4VDdRN1M0aE1tdXBDUmh6OXZBS05FYzEzOXRvNDlFa0pmZGJ3RXpFYXlLd05BOE9vYU9BPT0iLCJtYWMiOiI0NGZhZTIzYWU4ODhhYzNhMTJjYWJmNTFmYzEyZjc2NjI4MGU3YjkwNzgzYjdlM2ZiZmI5YjdmMjEwZWJhMTM5In0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 06:59:59 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkpIXC9VZmk4YThza2w5SjQzaGF0cld3PT0iLCJ2YWx1ZSI6IkNyOEIwbGJUWEE3Z3l5ZWJBRlBrTHRIcHZENmV5VWlpK1hQa1FqNlZIczB4SUZvOEdTeFFkYzhHcXhtQlJHdjkwS1ZjWkFrU1htKzJJMDBQWlBMZUhnPT0iLCJtYWMiOiI1MTYxZTVhNTI1NzZmNDgzZTU5YWEwNTNjODc4NWQxY2FhMTFkOWI3MDIzMjNhNmVjOGJkMmJlNWJmNzJjZDc2In0%3D; expires=Mon, 09-Jan-2023 09:59:59 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlpnTnRpS2crQ09mMkdwUUQzK3k5dEE9PSIsInZhbHVlIjoiajFMTFBCWElybUtkWUVmbnNNcm1Jb2o3Z0JMaXlxQ0NGNmo3R0xvM2RLQ24zYWRXa2ZaRWxGQkFSbHRjQVNXUGRMQ2hUMUNJZWk2cWMxdm53MW1EUVE9PSIsIm1hYyI6IjM2ODgxOGM1YWY5Y2ZhZmZhMzFhOWQ2MTAzNzc1NTAzOGRmZGRjZWQyYmIxYWMzNTcxMWFjNDJjZDQ2YzUwNjcifQ%3D%3D; expires=Mon, 09-Jan-2023 09:59:59 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.yampi.me/jquery/jquery.js
200 OK 0 B URL HTTP/2 cdn.yampi.me/jquery/jquery.js
IP
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 06:59:59 GMT
content-type: application/javascript
x-amz-id-2: lGLFjrK86Cx9T4ONdurq/gXBG4l63/mYQENMpR9HNL0fNMqc2R4v2jwiGweIlf/IB9cQTMPmI5Q=
x-amz-request-id: 0NQZYAP7MHA1R19E
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qV%2FjjN2gdEc78fKiwxibVbEvquMCT%2BFK%2FGjXRkC8ZvCG4ce269t4cTqZ009iSMrUZPptnjVR2E4pDcqVueytWh4PsnMjrm32mCoMZk0QhEpefn3vOdtPo1hWeuefQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786b4b1a1f24b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.comprasline.com
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 05:56:49 GMT
expires: Mon, 08 Jan 2024 05:56:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 90191
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3285671.js?sv=6
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-3285671.js?sv=6
IP
GET /c/hotjar-3285671.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 09 Jan 2023 07:00:01 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/e3c0cad1ea7d24cfee4e4248284be72b
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y4F0VltZvinrgf_T9gkH0CK054DMuj9egFUDY4UWdKQRDYs0TOni_Q==
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI2OGYwN2NjMy1iNDU0LTQ4ZjUtOTBhNC1iNWI0MGE4MDYwYmMtMTY3MzI0NzYwMjMzMiIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZjZiNjE0ZGQtYjEyMi00ZTY3LThlYzQtMDdhMjkzYjQ3OWE4LTE2NzMyNDc2MDIzMzIifQ%3D%3D%22%7D&callback=dp_jsonp.process
200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI2OGYwN2NjMy1iNDU0LTQ4ZjUtOTBhNC1iNWI0MGE4MDYwYmMtMTY3MzI0NzYwMjMzMiIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZjZiNjE0ZGQtYjEyMi00ZTY3LThlYzQtMDdhMjkzYjQ3OWE4LTE2NzMyNDc2MDIzMzIifQ%3D%3D%22%7D&callback=dp_jsonp.process
IP
GET /jms/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15/cross_domain/jsonp?_method=PUT&_body=%7B%22msg%22%3A%22eyJqc3V1aWQiOiI2OGYwN2NjMy1iNDU0LTQ4ZjUtOTBhNC1iNWI0MGE4MDYwYmMtMTY3MzI0NzYwMjMzMiIsInN1cHBvcnRfaWRiIjp0cnVlLCJpZGJ1dWlkIjoiZjZiNjE0ZGQtYjEyMi00ZTY3LThlYzQtMDdhMjkzYjQ3OWE4LTE2NzMyNDc2MDIzMzIifQ%3D%3D%22%7D&callback=dp_jsonp.process HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mercadolibre.com/jms/lgz/background?dps=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15
Connection: keep-alive
Cookie: dsid=481d82f7-7551-4d9f-9db7-a91e93e18f72-1673247602038; edsid=ead180d1-e283-4055-ae92-8941f45b89b0-1673247602038
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Mon, 09 Jan 2023 07:00:02 GMT
server: Tengine
set-cookie: _d2id=fa8de924-1f7c-4040-86de-420672060447-n; Path=/; Domain=.mercadolibre.com; Expires=Tue, 09 Jan 2024 07:00:02 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_cross_domain_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: fa8de924-1f7c-4040-86de-420672060447
x-request-device-id: fa8de924-1f7c-4040-86de-420672060447
x-d2id: fa8de924-1f7c-4040-86de-420672060447
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9x1s4kFi8BlmVfqqtg9PQtFVaWQZk9UL7mrGCYzk74TUYypkjvwYcg==
X-Firefox-Spdy: h2
seguro.comprasline.com/
302 Found 0 B IP
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer Verdict Alert openphish Mercado Libre
fortinet Phishing
GET / HTTP/1.1
Host: seguro.comprasline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 09 Jan 2023 06:59:58 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.comprasline.com/cart
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IklmSlwvM1VWYk5HeENBYnpHUFVuWU13PT0iLCJ2YWx1ZSI6Imo2NFFYQ3pzS1wvaEYrblA3NWVLRnpNYitiM09vRlIzbkZoOWFRR2w1TnRnajViZEFqdmtGSXpiU1huMzNtVElJTWpJWmhEWHZWakpxT3RSMExxTnJQZz09IiwibWFjIjoiYmMzY2E1NWUyY2I3Y2U4OTM0NjViNTMzNmRkNzA4ZGNiMjEzZjRiMDJjZTkxZjU4MDk1OTY1ZTBkOWI0NmE1NiJ9; expires=Mon, 09-Jan-2023 09:59:58 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkV2bWJ3MTYwT2JQWEFuMmplRjBEYWc9PSIsInZhbHVlIjoiamg0VEpJR1VvNjRubk5BcGF2QXg3T3VrT0R6cjB6T0Z2M3JQSG13dWxsVmR0bkV0azRCcXZPUGsxKzlyd0M5Z1htZkhlM3dYOW5NbEV1TFdyN0oxK1E9PSIsIm1hYyI6IjgzYzE0MjE1MTVhN2EyYmU0NDM4MWQ4MWZmYTIzYzBhMWEyOGMxY2FhNDI5ODYwMDg0YzkzMzBhMGI2MzgzYTcifQ%3D%3D; expires=Mon, 09-Jan-2023 09:59:58 GMT; Max-Age=10800; path=/; httponly
comprasline_cart=eyJpdiI6IjgzMVVFODl0YklKSXdRR3hjbmxsY3c9PSIsInZhbHVlIjoiRmdnWHVtNTZhS0QzWWxZaFQ4MVd6XC9iM0tXRGpGa0F3TmR4VDdRN1M0aE1tdXBDUmh6OXZBS05FYzEzOXRvNDlFa0pmZGJ3RXpFYXlLd05BOE9vYU9BPT0iLCJtYWMiOiI0NGZhZTIzYWU4ODhhYzNhMTJjYWJmNTFmYzEyZjc2NjI4MGU3YjkwNzgzYjdlM2ZiZmI5YjdmMjEwZWJhMTM5In0%3D; expires=Sat, 14-Jan-2023 06:59:58 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=eee3ae04004489b9d64a2bad710b8e76
200 OK 0 B URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=eee3ae04004489b9d64a2bad710b8e76
IP
GET /checkout/build/mix/assets/js/app.js?id=eee3ae04004489b9d64a2bad710b8e76 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:00:00 GMT
content-type: application/javascript
x-amz-id-2: B1N4ZaqETEUEwzjQW2lyOzyts5wk8M4IX0hcWbj4WzG184oq8+YbyN3Nh239Vo9F5egZf8zJbK0=
x-amz-request-id: 906404727CBSAH6H
last-modified: Fri, 16 Dec 2022 11:59:07 GMT
x-amz-version-id: KlezKtZwEKRqvJfetYlE0cWdL_UzUxRL
etag: W/"01ce3e150b050a34f6e0c2ac56327250"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYYmDfJ%2F5KWtRASsJpMTt5xBshnk2ONPInNeNEi1REFRuRwIFIHqbuQGydRrc%2BoUNG%2F%2BXoBW8jQv2UB267xRwCIXRa%2BMYBJWJTpVqjZBlBYVvwgavS7%2BVRV8Y6kwtmdCaVqeiDyb5rgN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 786b4b1a2f2eb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-402168753%3A1673247601681879&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6Gjl33R-2_OIWHCTtsoE0nzlELAXVpCrpMYWf2KTjbGb9zmE0dLLC7PYOB84pZml9bCpnmtw
403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-402168753%3A1673247601681879&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6Gjl33R-2_OIWHCTtsoE0nzlELAXVpCrpMYWf2KTjbGb9zmE0dLLC7PYOB84pZml9bCpnmtw
IP
GET /v3/signin/identifier?dsh=S-402168753%3A1673247601681879&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6Gjl33R-2_OIWHCTtsoE0nzlELAXVpCrpMYWf2KTjbGb9zmE0dLLC7PYOB84pZml9bCpnmtw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://seguro.comprasline.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Jan 2023 07:00:01 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-iNujjJwqaz0Ejs3yP9xowA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mercadolivre.com/jms/mlb/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15?background=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjE2MTEzNmY2LWUzMmEtNGIzYy1hODNiLTMwMmJiMjYwYjNlYS0xNjczMjQ3NjAxNTY0IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MywidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MiwiaGFzaCI6MTk5LCJ0b3RhbCI6MTk5fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
200 OK 0 B URL HTTP/2 www.mercadolivre.com/jms/mlb/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15?background=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjE2MTEzNmY2LWUzMmEtNGIzYy1hODNiLTMwMmJiMjYwYjNlYS0xNjczMjQ3NjAxNTY0IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MywidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MiwiaGFzaCI6MTk5LCJ0b3RhbCI6MTk5fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
IP
GET /jms/mlb/lgz/background/session/armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15?background=armor.19e2444d5738689cb42b3be5ca25771d25a58074b3628a2b5f5d4d3afef4fbdc8d3e767d62c75025268be0a5c0cc9b81e0bc14140b57286c78c700bfc7930f4bcd605b95ae379368c20660a3d38e3ba3814e89ecaf17b13caa622461dbe57be2.754722717cb3ccc0c7b0082d19714a15&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6IjE2MTEzNmY2LWUzMmEtNGIzYy1hODNiLTMwMmJiMjYwYjNlYS0xNjczMjQ3NjAxNTY0IiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MywidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MiwiaGFzaCI6MTk5LCJ0b3RhbCI6MTk5fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.comprasline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 09 Jan 2023 07:00:02 GMT
server: Tengine
set-cookie: _d2id=715ad48c-6ccb-483d-98a4-6dce9e83d81d-n; Path=/; Domain=.mercadolivre.com; Expires=Tue, 09 Jan 2024 07:00:02 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 715ad48c-6ccb-483d-98a4-6dce9e83d81d
x-request-device-id: 715ad48c-6ccb-483d-98a4-6dce9e83d81d
x-d2id: 715ad48c-6ccb-483d-98a4-6dce9e83d81d
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kLrIx-SmVJEe0SlBOp5feCgJ7143C5TiFhM6FpGOvgCizO6PDuhAjQ==
X-Firefox-Spdy: h2
170.82.174.30
35.241.9.150
23.36.79.27
93.184.220.29
104.18.0.53
31.13.72.12