r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7990
Expires: Sat, 28 Jan 2023 22:54:01 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7206
Expires: Sat, 28 Jan 2023 22:40:57 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 19:43:06 GMT
content-type: application/json
age: 3465
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2325
Expires: Sat, 28 Jan 2023 21:19:36 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2wv2hrQJfmGMbdfRlqDvqhF3Hm7wjDMxZz3HK9w3HPYqpDwThdQN8hcKlWlxynxgXOvA21SH8T5B+lNfxd19CA==
x-amz-request-id: J4R32BVHMPZ7E61S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 19:50:02 GMT
age: 3049
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
seguro.newbotox.ml/checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
170.82.174.30301 Moved Permanently 134 B URL HTTP/1.1 seguro.newbotox.ml/checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 20:40:51 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.newbotox.ml:443/checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
X-GoCache-CacheStatus: BYPASS
Server: gocache
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:40:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 19:49:03 GMT
age: 3109
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 14a9b6ac568ea29326443c0a20f1f31e
fc0951ea06f8ba2d42f9c0fda68ce9fb0ecf227a
7477bdc6eaf52d823d356721ae6cd63b661211b484ecc0871437bfe14ad536a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7477BDC6EAF52D823D356721AE6CD63B661211B484ECC0871437BFE14AD536A6"
Last-Modified: Thu, 26 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 02:40:52 GMT
Date: Sat, 28 Jan 2023 20:40:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6690
Expires: Sat, 28 Jan 2023 22:32:22 GMT
Date: Sat, 28 Jan 2023 20:40:52 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.31.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.31.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YSlkKfWTBIK2bRNOL8nSHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1sFrVrplm4V1QKB/Jq7sl8b9+pE=
secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
95.101.10.152200 OK 9.1 kB URL HTTP/1.1 secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
IP 95.101.10.152:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (25829), with no line terminators
Hash 13e3cc8ff400bf1da09ba98065151e4a
05da8917634372f71cd2f851e42129fecfb2f45f
9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36
GET /sdk/javascript/v1/mercadopago.js HTTP/1.1
Host: secure.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "810759-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: 7ed89847-67cf-43cc-978b-8953a1b3c905
X-Request-Device-Id: 7ed89847-67cf-43cc-978b-8953a1b3c905
X-D2id: 7ed89847-67cf-43cc-978b-8953a1b3c905
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Sat, 28 Jan 2023 20:40:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1eb0a2928a5a6445ea2403546c917632
c3174e2243b998ea5850bed5f26f124253a59ea4
6f6125f352a6f2271ac69946dc5985aeef83d623cd7e90bb48bb3d3a62b4bdb3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4933
Cache-Control: max-age=108044
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d4781c-1d7"
Expires: Mon, 30 Jan 2023 02:41:37 GMT
Last-Modified: Sat, 28 Jan 2023 01:19:24 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cf27377db382380cc800fa17df83721f
4c3759d24d0e980575a70208917814c799b13bd9
687742c0c93fb8f6cb441ea7296d9dd9e8885639d9f7bf2d569e3dd19eb7f693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5061
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Last-Modified: Sat, 28 Jan 2023 19:16:32 GMT
Server: ECS (amb/6B94)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
142.250.74.132200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 9209866a4051c1a5a169b9f6ca2d5d69
c1561a92f66c11e4fef89fd3fd359bbda76a304a
f0a5a0f1ce8b494947bf336db830d604be27826ce7961f5118b352d9718ff188
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 28 Jan 2023 20:40:53 GMT
date: Sat, 28 Jan 2023 20:40:53 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-N6QHJQM
142.250.74.78200 OK 43 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-N6QHJQM
IP 142.250.74.78:0
File type ASCII text, with very long lines (1759)
Hash 89417149a41f416cbf7d6e16ad20d7a6
fd05d917bcf2f029f4ae1c57898a147f039b42ea
5377e669260350ccbae2bcd1fde2dc6ee3eece06cb8ead9c070c28e96f8ebd66
GET /optimize.js?id=OPT-N6QHJQM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 20:40:53 GMT
expires: Sat, 28 Jan 2023 20:40:53 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43400
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.yampi.me/assets/stores/pangeialoja2/uploads/testimonies/638919683f09f.jpg
104.26.2.88200 OK 7.2 kB URL HTTP/2 images.yampi.me/assets/stores/pangeialoja2/uploads/testimonies/638919683f09f.jpg
IP 104.26.2.88:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data
Hash 38e82d9099a4148088b47887f071893a
553686b33cbcde22b644dab21a97b9d7e6ac3140
43c11ca529e414e6e07cf8b9ad31398b3e213648f6adda916ae9edbac01e51e2
GET /assets/stores/pangeialoja2/uploads/testimonies/638919683f09f.jpg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/jpeg
content-length: 7246
x-amz-id-2: 4KGo3qlzEVrKMJ9sc6ZKGIghvzjET4HvBZgEtFoJc856KxiKScBADH5tbX5xE0wBZu2NbEqsVeg=
x-amz-request-id: 272W22SHC8DJ8PBM
last-modified: Tue, 20 Dec 2022 13:10:25 GMT
x-amz-version-id: YlMNMRMZq7XUVnD8WuDBZStyOaQGaB.o
etag: "38e82d9099a4148088b47887f071893a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dubbUvijWu9z8j0nONxAiwJVfRA%2FQ1uzNHBUNInq7vuI98X2PrG8LlPt4x805yP%2BxIVD57eVa5le29ajE5UBFFs2eQ0R4HxG1vJwUn9PkyH5E2b4dXJMYe6TdFCF49x0TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb5bc89b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.dooki.com.br/fa/4.7.0/fa.css
104.18.1.53200 OK 7.4 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.css
IP 104.18.1.53:0
Hash 57c745f3ecbe41ba7c59412ffa4833e0
4afe5425a7daf47949b1979059a517ec9dec574d
93a2e0aa10569768417f61c55322853670a5e46be00afc5cb1b876a7dada442e
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 0
expires: Sun, 05 Feb 2023 20:40:53 GMT
cache-control: public, max-age=691200
set-cookie: __cf_bm=zQz8WvkgO77hBeaWhX36ge7.f5qufCb0vvzOdtPl5As-1674938453-0-AQP/RL7jAAN6VObkoWgBdjmhonZ2VuBRFcc4fgAVxz2Si7UsDbPL9S1/7C7RHIIJYHKLDFO2OPP0yNZQ34YXKHs=; path=/; expires=Sat, 28-Jan-23 21:10:53 GMT; domain=.dooki.com.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb64fe0b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9df6f457d1cca5dba95b8f04622c5e
27ae6e401db6f83b812f9fca85bd890795b11ece
c0ad68d3477a53d59c7e80ffb8a5ffa239f723e15b3bd2f02bafc7893d22f3af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d43fc7-1d7"
Server: ECS (amb/6B90)
Content-Length: 471
images.yampi.me/assets/stores/pangeialoja2/uploads/images/serum-anti-idade-volte-10-anos-amostra-gratis-63a6265211d7f-thumb.png
104.26.2.88200 OK 55 kB URL HTTP/2 images.yampi.me/assets/stores/pangeialoja2/uploads/images/serum-anti-idade-volte-10-anos-amostra-gratis-63a6265211d7f-thumb.png
IP 104.26.2.88:0
File type PNG image data, 290 x 342, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b8f57e76ffd71c14255be77ebb91c44
85a487e2b956a1e2581f192a7be17934022c2671
319f8a6d73b52514e01d448f16a74f3e766b87e67f172d77e9204b3527943099
GET /assets/stores/pangeialoja2/uploads/images/serum-anti-idade-volte-10-anos-amostra-gratis-63a6265211d7f-thumb.png HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/png
content-length: 54677
x-amz-id-2: nelhHaW54R1+KmCVpK+TU3WhkxEOJtGReorKNnqabQWi6H0ZnJB0+rk8fOrERz6VF5CvcCuVoMU=
x-amz-request-id: 272Q43FJTCV62ZWT
last-modified: Fri, 23 Dec 2022 22:06:14 GMT
x-amz-version-id: NFuHNgScgQiWZ_cf3lgMMHXaj7Vu9tfs
etag: "0b8f57e76ffd71c14255be77ebb91c44"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls%2BJnlr1A8IIyR%2FsQz2krg6%2BayN3N0vNcEzpzVa1ZJPDMPniMDwX%2Fulg8UnDF0sl7IyCCNMg1gsJmhDMPay1pHCqYTMIBjPdS3OmQoFXKXJa0G2Wu9E%2B%2BTI3EVfeLMw%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb5cca7b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.yampi.me/assets/stores/pangeialoja2/uploads/testimonies/638919822b364.jpg
104.26.2.88200 OK 9.5 kB URL HTTP/2 images.yampi.me/assets/stores/pangeialoja2/uploads/testimonies/638919822b364.jpg
IP 104.26.2.88:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 8d1a1c91706ee90431352edba28c7934
043095657ab78af32f10dcd4e8786b34c7064afa
4831bb0006a859409e9055cbe057e880975ceb35c51088159a163b8579507d12
GET /assets/stores/pangeialoja2/uploads/testimonies/638919822b364.jpg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/jpeg
content-length: 9453
cf-bgj: imgq:100,h2pri
cf-polished: origSize=10158, status=webp_bigger
etag: "cea17f429bef289d237b40f983c3f021"
last-modified: Tue, 20 Dec 2022 13:10:25 GMT
x-amz-id-2: R/xfml0bj8LY++U5bTNRH/7yMlNWVDjgPCoTXa+YL5MT3Gl5CxEeV/Nvdnq7IaFxQw9w2Qj63qc=
x-amz-request-id: 272J299D8TBEXHYZ
x-amz-version-id: X8VvJS3YUR.jtYhjhd1CKpzFL5CVTyHe
cache-control: max-age=31536000
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQkHoD%2FCA%2BH6An557KAIQs03pHayJ6u%2BHdUEe9E3tFPkI7fLYL81GCCSs6JszWX33ko%2BdtylKDkzVhDCiIxGDNn5aTUK%2BsnUJVDppmeOLkqC4OiYI5eEkZ3hpgDUfO2gfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb5bc87b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.yampi.me/assets/stores/pangeialoja2/uploads/testimonies/638919738f80e.jpg
104.26.2.88200 OK 7.7 kB URL HTTP/2 images.yampi.me/assets/stores/pangeialoja2/uploads/testimonies/638919738f80e.jpg
IP 104.26.2.88:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Hash 545f1490fe0f92efa0e3791be0e2ae2f
7db9758d414732fc9070511750abf69de536e875
f67174c14df63ed1bd57b3c7033a2fcd0e28715f45d0c6a34ffdbbc48831241a
GET /assets/stores/pangeialoja2/uploads/testimonies/638919738f80e.jpg HTTP/1.1
Host: images.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/jpeg
content-length: 7698
cf-bgj: imgq:100,h2pri
cf-polished: origSize=8240, status=webp_bigger
etag: "9566576447645e9430aa87e815a23928"
last-modified: Tue, 20 Dec 2022 13:10:24 GMT
x-amz-id-2: oDx8XkZzxhXKat6BuwKNdtVcPolHe1w5t+Fe+v0UpZMDdQb1EdMfJ5a1jtUDwY8uSVojo9LjdiI=
x-amz-request-id: 272MM4V02NF7HSDG
x-amz-version-id: dA9NkZQBrwFrPOZY6D_vI4utHkw4HDSu
cache-control: max-age=31536000
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPciwaVVkcJC5wTCVVZCE%2F8tSgdtaHSyYLVOkm3owkbQn0L4F%2FYme%2BmBxdI8rJQxp58Bj6MUWXjUsKpr%2Bf%2F4FIPweo610mBB0wM6bKyvgUpgZg1zXPA8hdns3mtWNb%2BQhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb5bc8bb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 28 Jan 2023 21:20:57 GMT
Date: Sat, 28 Jan 2023 20:40:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 28 Jan 2023 21:20:57 GMT
Date: Sat, 28 Jan 2023 20:40:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2403
Expires: Sat, 28 Jan 2023 21:20:57 GMT
Date: Sat, 28 Jan 2023 20:40:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f185f0b4f90d06dbb397b44ed9c73dbe
a48e2c369a048447e0e25e4791eb603859391c1c
b466060fc132cc8d23fcb83001206606e2d5502118c65e9f55795b5adbff2fa6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: e556be7b-567a-4c9a-931e-ff6fee42d3a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T8GbFoAMFySg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-6f4476e9388c77a057153277;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LPkLrx7l9Qf_GKdtJq_77RUkvgnKZlCaDN34xsB5bEO8c9VQEJPAew==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
etag: "a48e2c369a048447e0e25e4791eb603859391c1c"
content-type: image/jpeg
age: 81856
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c982569d070f24dba1259603091c22e3
0f93acb5bee53670cc4ef486922f7333d96a2f4e
9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M4VR-I89SGD0-FLzHhZ88PJJJmdWTEi0UrBnAmCBCQAdjRsssqnSzw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:06 GMT
age: 82308
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 23:03:41 GMT
age: 77833
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 78881
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
seguro.newbotox.ml/checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
170.82.173.30200 OK 53 kB URL HTTP/2 seguro.newbotox.ml/checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 70b30700c3e58c5c3e3bec280554dcb0
60376424c11e560fb3a0e6b6a5c5e90e05f2ec84
17595badbf6c2f4add7c4779d2722420df5f64bbb4534c85f35ae7a68529cd93
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:52 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; expires=Sat, 28-Jan-2023 23:40:52 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:52 GMT; Max-Age=10800; path=/; httponly
pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; expires=Thu, 02-Feb-2023 20:40:52 GMT; Max-Age=432000; path=/; httponly
cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D; expires=Sat, 28-Jan-2023 20:50:52 GMT; Max-Age=600; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LUa_R8g8Rlv7JJA0_okht-vGe-xBSyZ5TPJTFakAHlncQPZKEdULQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 82316
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a8d40bb9e7e93b625f79d49644230c25
5b31a34ebf7797aa7c7bb326be6ba97e61de74bf
5603b38d1028274c5503becd64496e19694a89f3e4852cf0f3a1eb56e5476ce4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1948
Cache-Control: max-age=109725
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d48a57-1d7"
Expires: Mon, 30 Jan 2023 03:09:39 GMT
Last-Modified: Sat, 28 Jan 2023 02:37:11 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a8d40bb9e7e93b625f79d49644230c25
5b31a34ebf7797aa7c7bb326be6ba97e61de74bf
5603b38d1028274c5503becd64496e19694a89f3e4852cf0f3a1eb56e5476ce4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3841
Cache-Control: max-age=111618
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d48a57-1d7"
Expires: Mon, 30 Jan 2023 03:41:12 GMT
Last-Modified: Sat, 28 Jan 2023 02:37:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
stc.pagseguro.uol.com.br/pagseguro/api/v2/checkout/pagseguro.directpayment.js
152.199.20.248200 OK 2.3 kB URL HTTP/2 stc.pagseguro.uol.com.br/pagseguro/api/v2/checkout/pagseguro.directpayment.js
IP 152.199.20.248:0
File type ASCII text, with very long lines (8220), with no line terminators
Hash d155846e9d2bba207ed4e4f326b470f3
2e8544830a2b548da372350352a9d04372cb84c3
5be2051bfd2d4c73af54a685ce1c1628d4909edf7307c67521852747875db6ca
GET /pagseguro/api/v2/checkout/pagseguro.directpayment.js HTTP/1.1
Host: stc.pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript
date: Sat, 28 Jan 2023 20:40:54 GMT
ec-rule-version: 20230120-01
last-modified: Thu, 19 Jan 2023 20:52:53 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
content-length: 2275
X-Firefox-Spdy: h2
cdn.yampi.me/jquery/jquery.js
104.26.2.88200 OK 35 kB URL HTTP/2 cdn.yampi.me/jquery/jquery.js
IP 104.26.2.88:0
File type ASCII text, with very long lines (32060)
Hash 4f1fcaab7d16d7566f5649660cf9915a
c0ff2de963cb37b1ff553cd7741fa26efe6baf98
7827d38ced6d22d8151a86823f9183c8ab5652f4a64e76d12dde6fc06a5ab10b
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: application/javascript
x-amz-id-2: cvnt6Bg7zbti5Bm8Lp0rAGY7y345bRB4T32MulxMxGJI1GHuapNQjUTBRTBFSQUT3nXc9o650NA=
x-amz-request-id: TP7GXVJKXZ65D2ZZ
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJjX0KHLR%2BkqOyLt0XxCNG%2BedMjKSXHC8goBhFl7pNd%2BgWgo5FDZPiADyDcDSujEa3VGoKBGwrq8nF9ICbRhtOlzSLIEHDSV897O%2FzpY1O9JcGhy1MQYlXsPqK7ALQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb5bc84b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Last-Modified: Sat, 28 Jan 2023 20:40:53 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
52.55.160.178200 OK 6 B URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
IP 52.55.160.178:0
File type ASCII text, with no line terminators
Hash 3c3f2943d4337318cf737f45d5b564cd
941d39154464c20d99b5248f5a5647709745cbfa
f9bafc82ba5f8fb02b25020d66f396860604f496ca919480147fa525cb505d88
OPTIONS /v1/devices/widgets?referer=https%3A//seguro.newbotox.ml HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.newbotox.ml/
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json
content-length: 6
x-request-id: 2089c897-03a4-4891-b079-0ed379c965f2
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-16,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-trace-source,x-request-id,x-trace-digest-16,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-b3-spanid: e0bf04adab518cee, e0bf04adab518cee
x-b3-traceid: e0bf04adab518cee, e0bf04adab518cee
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-16: LgYFFawRBipFul7S7mfUVbGPJEkTAplFYSCZ8oXTxtMJbX4AgT+4xeF9aGxbha+w, LgYFFawRBipFul7S7mfUVbGPJEkTAplFYSCZ8oXTxtMJbX4AgT+4xeF9aGxbha+w
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://seguro.newbotox.ml
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
www.mercadopago.com/v2/security.js
54.230.111.103200 OK 1.7 kB URL HTTP/2 www.mercadopago.com/v2/security.js
IP 54.230.111.103:0
File type ASCII text, with very long lines (4206), with no line terminators
Hash 8b34452a0f2e361a4480c92c0c8cbb97
291cbebabf3c1bf91473cdaa5b791fe04539fb65
259de1151758a77314de838e448bc0bfc7a8371d9f6f5fcf9d5ea3cac725993e
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 28 Jan 2023 20:40:54 GMT
set-cookie: _d2id=14283fb3-3fee-4003-8d4c-42c4c6e7b8c1-n; Path=/; Domain=.mercadopago.com; Expires=Sun, 28 Jan 2024 20:40:54 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: 14283fb3-3fee-4003-8d4c-42c4c6e7b8c1
x-request-device-id: 14283fb3-3fee-4003-8d4c-42c4c6e7b8c1
x-d2id: 14283fb3-3fee-4003-8d4c-42c4c6e7b8c1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iesbvHBEu_T1OK9nZ84ESx4jXd8tEj1NMUMKhfKhlUNbpWCWK6dUyA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44b4889eff0e48a4fc2a36487e8119c6
d2eb4541016be80c325190e56943a72e530313a6
8be6d0c11e884bb526c43759ec37c91851720a34e9707e9362ac4512a85dab4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Server: ECS (amb/6B81)
Content-Length: 279
www.googletagmanager.com/gtm.js?id=GTM-PSBDR7P
142.250.74.168200 OK 40 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PSBDR7P
IP 142.250.74.168:0
File type ASCII text, with very long lines (8901)
Hash 632efb144f2b1a65c8c25c8af91fd50e
99258a036844229efb82ce80ae82d9c0f2e6bcaf
8ec42e8d5ae817b7a3a1b8185b0f73165dadd1e310708a0d050fa26ecc4cb17f
GET /gtm.js?id=GTM-PSBDR7P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 20:40:54 GMT
expires: Sat, 28 Jan 2023 20:40:54 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39781
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158530
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d55098-117"
Expires: Mon, 30 Jan 2023 16:43:04 GMT
Last-Modified: Sat, 28 Jan 2023 16:43:04 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 17fa98c621a1f5f54de9cc535739e6a3
89b712e71fd8f4660b1dbaa684459fbf8bd7b01e
57a7cdf4f688c7e4007ff06f6183cb611c0380765435196e301fd9b75d46d9c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d404a4-1d7"
Server: ECS (amb/6B7F)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158530
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d55098-117"
Expires: Mon, 30 Jan 2023 16:43:04 GMT
Last-Modified: Sat, 28 Jan 2023 16:43:04 GMT
Server: nginx
Content-Length: 279
fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
104.18.1.53200 OK 77 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
IP 104.18.1.53:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: binary/octet-stream
content-length: 77160
x-amz-id-2: MWitW1fJ1pHXOV3jvftrj+jO1CIUcKdbmEFE2Xetp/4nZJHz2nMQeDfSNcIwYnE56Om1UaXJgrM=
x-amz-request-id: QYRQCMRE5VZMV05S
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: HIT
age: 0
expires: Sun, 05 Feb 2023 20:40:54 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
set-cookie: __cf_bm=JnxeT9aJUJyi06cI7VfBi6MijeuyMG8JQuSCxcBMngQ-1674938454-0-AfD0VjVxYiT41rj9npbgMpVdzzRdgys7YEURts3MktUdLskmGRhGqldRzdoO/7VHgr5cU0/Ejfb/4c0HD7W1958=; path=/; expires=Sat, 28-Jan-23 21:10:54 GMT; domain=.dooki.com.br; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 790c8bbe2ae00b49-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158530
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d55098-117"
Expires: Mon, 30 Jan 2023 16:43:04 GMT
Last-Modified: Sat, 28 Jan 2023 16:43:04 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
github.bubbstore.com/svg/card-visa.svg
104.21.29.224200 OK 36 kB URL HTTP/2 github.bubbstore.com/svg/card-visa.svg
IP 104.21.29.224:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1343)
Hash fd30d57a924e5ea027aafa4920daa08d
c625073059f055f77774c8e710763cff0ceaa103
c8994a86154a559d99c328f9674dc13dc3c644255997a6b3b840018b8f697d90
GET /svg/card-visa.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-1288"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: DB9E:CF3F:E3AFF5:EC260A:63C930C9
via: 1.1 varnish
age: 0
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674129609.085268,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: f718f8968a6d102e06af5658dd63adf7f854d93d
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfBsZOanYTp3QDoLg8aLnnR6YUoK7g%2F1yus1LEF8ka0e84dHt3dW1qHPDx0w4Pf7bW2V%2FRDi954YqJdFYlzzMQHqGy7et7srSA8wwkDcHNK5kLjK3DzTQejzuRCgQeGRaperleMCBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bbc8a15b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=0d8d6a92e9fa66c414d78f3353e643b0
104.26.2.88200 OK 89 kB URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=0d8d6a92e9fa66c414d78f3353e643b0
IP 104.26.2.88:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7b59a5875c1d6fa9cb75c7aace2056ed
a158916101d8a1f8ef6160a21c07901dea4177d6
3b7ea5d74c20448d8ef2c7d6321383e198c7c9f5eccdc76af1321ea2f3489104
GET /checkout/build/mix/assets/js/app.js?id=0d8d6a92e9fa66c414d78f3353e643b0 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: application/javascript
x-amz-id-2: K/EHESlWLCGW8A6AtF0eaAijovlrup0iAHA/fPCp0ecLP2tZz7wKHGpBroxP6KWxhBEq5pzLzVE=
x-amz-request-id: J8VQTHGTKRCQ91B5
last-modified: Tue, 24 Jan 2023 14:06:10 GMT
x-amz-version-id: cO0VOLTwBag23Dv2NpGr6QTaJJ_IZSsG
etag: W/"7be8a84c592823cabbcc6eba398f4b22"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkzVJVogX9sKOfLOo1VLHJnNJqWbPvjFcQ94ODgb6bgZhzJqx39rjYNndnYonXKuZe0Lu%2FXteaYt7MMPEnuhK9fdYxyE3HNZT02NhoLc3zTrsMF8sFxFNQiVUDmMyOuWJa30dbrr4kAM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb5ac59b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d2ad93-116"
Server: ECS (amb/6B79)
Content-Length: 279
api.mercadopago.com/v1/device_sessions/web_device
52.55.160.178200 OK 13 kB URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP 52.55.160.178:0
Hash d7e23c2c01669ef879de1e90cadc377e
a71b16dd9f94b2fac004c94254f8c60dad596ea8
cdf0e7d6078766b9f437149f810b6232f56b211f18085ceb0ff75e040c6682b7
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.newbotox.ml
x-request-id: 85f2eb12-9188-4990-be67-ed67eb5d9449
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-38,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 0625671e9e9bca55
x-b3-traceid: 0625671e9e9bca55
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-38: 76qHZ3EUxs9rEKiQjOdrnes/yWG/08zebR5l4jiAxs9Xvr8V/l7zz0Pks1Q3hJL4
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1674938454639;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b49e1e578e00d7006ece637e6c225369
4a7f0eafa423fe5717467967f641058dc3fd17b8
edac1cda42af0db8c67065210d7d6647bd01d08007a4fd3a057c1a314cb03ab5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:55 GMT
Server: ECS (amb/6B7F)
Content-Length: 471
ana.yampi.io/v1/hits?id=checkout&uid=1-oldaghd1-ldgf4295&ev=checkout-add-payment-info&ed=%7B%22screen_resolution%22%3A%221280x1024%22%2C%22store_id%22%3A89507%2C%22store_profile%22%3A%22store_v2%22%2C%22content_ids%22%3A%5B%2288406875%22%5D%2C%22content_type%22%3A%22sku%22%2C%22session_id%22%3A%2237b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811%22%2C%22customer_id%22%3A131105562%7D&v=1&dl=https%3A%2F%2Fseguro.newbotox.ml%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Da0d68910-9f36-11ed-a8bb-554269e8944c&rl=&ts=1674938458986&load_time=3119&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=Finalizar%20compra%20-%20New%20Botox%20-%20Sem%20Rugas%20e%20Manchas&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=SMS&utm_medium=&utm_term=&utm_content=&utm_campaign=Carrinho%20Abandonado%201&utm_source_platform=&utm_creative_format=&utm_marketing_tactic=
104.18.15.227204 No Content 0 B URL HTTP/2 ana.yampi.io/v1/hits?id=checkout&uid=1-oldaghd1-ldgf4295&ev=checkout-add-payment-info&ed=%7B%22screen_resolution%22%3A%221280x1024%22%2C%22store_id%22%3A89507%2C%22store_profile%22%3A%22store_v2%22%2C%22content_ids%22%3A%5B%2288406875%22%5D%2C%22content_type%22%3A%22sku%22%2C%22session_id%22%3A%2237b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811%22%2C%22customer_id%22%3A131105562%7D&v=1&dl=https%3A%2F%2Fseguro.newbotox.ml%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Da0d68910-9f36-11ed-a8bb-554269e8944c&rl=&ts=1674938458986&load_time=3119&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=Finalizar%20compra%20-%20New%20Botox%20-%20Sem%20Rugas%20e%20Manchas&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=SMS&utm_medium=&utm_term=&utm_content=&utm_campaign=Carrinho%20Abandonado%201&utm_source_platform=&utm_creative_format=&utm_marketing_tactic=
IP 104.18.15.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/hits?id=checkout&uid=1-oldaghd1-ldgf4295&ev=checkout-add-payment-info&ed=%7B%22screen_resolution%22%3A%221280x1024%22%2C%22store_id%22%3A89507%2C%22store_profile%22%3A%22store_v2%22%2C%22content_ids%22%3A%5B%2288406875%22%5D%2C%22content_type%22%3A%22sku%22%2C%22session_id%22%3A%2237b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811%22%2C%22customer_id%22%3A131105562%7D&v=1&dl=https%3A%2F%2Fseguro.newbotox.ml%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3Da0d68910-9f36-11ed-a8bb-554269e8944c&rl=&ts=1674938458986&load_time=3119&de=UTF-8&sr=1280x1024&vp=1280x939&cd=24&dt=Finalizar%20compra%20-%20New%20Botox%20-%20Sem%20Rugas%20e%20Manchas&bn=Firefox%20105&md=false&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&tz=0&utm_source=SMS&utm_medium=&utm_term=&utm_content=&utm_campaign=Carrinho%20Abandonado%201&utm_source_platform=&utm_creative_format=&utm_marketing_tactic= HTTP/1.1
Host: ana.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 46dcd2d2-0316-4aed-950d-c605dc549360
x-ratelimit-remaining: 57
x-amz-apigw-id: feI9qHnjIAMFVCA=
cache-control: no-cache, private
x-ratelimit-limit: 60
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-amzn-trace-id: Root=1-63d58857-2a7058c329c13f201d5c724d;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 20:40:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 790c8bbe9a48b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/etid
54.230.111.112200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Sat, 28 Jan 2023 20:40:55 GMT
server: Tengine
set-cookie: _d2id=b1afb5f2-1eef-4d5a-b1ac-932398dbfd24-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 28 Jan 2024 20:40:55 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: d51a8861-5329-48aa-a2a4-19724675f73c-1674938455332
cache-control: private, must-revalidate, proxy-revalidate
x-request-id: b1afb5f2-1eef-4d5a-b1ac-932398dbfd24
x-trace-digest-62: cj0fTwEnpVtgHc0688BtyarHp6EUPntFrbrlU84Q/hFrRUJtzNzDGz7DN0o8uKt+, cj0fTwEnpVtgHc0688BtyarHp6EUPntFrbrlU84Q/hFrRUJtzNzDGz7DN0o8uKt+
x-trace-digest-keys: x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-62,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-62,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-request-device-id: b1afb5f2-1eef-4d5a-b1ac-932398dbfd24
x-meli-trace-bu: mercadolibre, mercadolibre
x-b3-spanid: e365ddf9d81fd3de, e365ddf9d81fd3de
x-b3-traceid: e365ddf9d81fd3de, e365ddf9d81fd3de
x-meli-trace-platform: /web/desktop, /web/desktop
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
x-meli-trace-site: UNKNOWN, UNKNOWN
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-d2id: b1afb5f2-1eef-4d5a-b1ac-932398dbfd24
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y07UFaomCSNUtdb5Y4eXs7frqWyupTTH0S74meCAxyECKIKJHbeAgw==
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/etid
54.230.111.112200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Sat, 28 Jan 2023 20:40:55 GMT
server: Tengine
set-cookie: _d2id=6734035d-8547-4601-9d7f-1b77efee5d47-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 28 Jan 2024 20:40:55 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: a89b6f0c-587a-4e79-8004-f197cd959f4f-1674938455413
cache-control: private, must-revalidate, proxy-revalidate
x-request-id: 6734035d-8547-4601-9d7f-1b77efee5d47
x-trace-digest-keys: x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-39,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-39,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-request-device-id: 6734035d-8547-4601-9d7f-1b77efee5d47
x-meli-trace-bu: mercadolibre, mercadolibre
x-b3-spanid: fe2db4658d13dc99, fe2db4658d13dc99
x-b3-traceid: fe2db4658d13dc99, fe2db4658d13dc99
x-meli-trace-platform: /web/desktop, /web/desktop
x-trace-digest-39: DQJ26Fbad37kH0jBjODHEdhOX+CD8pFbyq9SEk/CpEnO4pJfT8ury4E8C1LsPkDT, DQJ26Fbad37kH0jBjODHEdhOX+CD8pFbyq9SEk/CpEnO4pJfT8ury4E8C1LsPkDT
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
x-meli-trace-site: UNKNOWN, UNKNOWN
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-d2id: 6734035d-8547-4601-9d7f-1b77efee5d47
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5eEDc85REYSgP03otctNORivcs7bFfHoOz1EniXLfF5oEEW49_AL-A==
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/63aeda621b554/63aeda621b55a.jpg
16.12.2.32200 OK 26 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/63aeda621b554/63aeda621b55a.jpg
IP 16.12.2.32:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:12:30 09:31:57], progressive, precision 8, 300x90, components 3\012- data
Hash 7c0ac45d06bdb610d0b7601435ddb263
b8aad5fee0e2ddd4fda79d45b66188b055440663
d506b10928075cdb74f091d98814612fb288cf273aa16722f72856d502ddc73b
GET /king-assets.yampi.me/dooki/63aeda621b554/63aeda621b55a.jpg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: liVYCUyaJP4SgAnn5a9h5kEMewzv3XHhKRCZHF6negfyJEREmzYBRi07S1iNXbzFwteh2uSlMxQ=
x-amz-request-id: AK5WTAX62S4E2X01
Date: Sat, 28 Jan 2023 20:40:56 GMT
Last-Modified: Fri, 30 Dec 2022 12:32:35 GMT
ETag: "7c0ac45d06bdb610d0b7601435ddb263"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 25459
http2.mlstatic.com/frontend-assets/ui-navigation/5.14.4/mercadopago/logo__large.png
23.36.76.179200 OK 1.6 kB URL HTTP/2 http2.mlstatic.com/frontend-assets/ui-navigation/5.14.4/mercadopago/logo__large.png
IP 23.36.76.179:0
ASN #20940 Akamai International B.V.
File type PNG image data, 142 x 37, 8-bit colormap, non-interlaced\012- data
Hash 9d1b14c7293241736af26e6e987b4ea9
a35b4aa54637619fe2e1875ffef50229b45304d2
f859d77523d9f7180c7907e63a79be9ac761672070f0dda7ca61b04526d31ded
GET /frontend-assets/ui-navigation/5.14.4/mercadopago/logo__large.png HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1636
server: Tengine
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
accept-ch: device-memory, dpr, viewport-width, rtt, downlink, ect, save-data
accept-ch-lifetime: 60
cache-control: public, max-age=31536000, immutable
etag: "664-o1tKpUY3YZ/i4Ydf/vUCKbRTBNI"
x-envoy-upstream-service-time: 66
x-envoy-decorator-operation: prod.imageoptim.melifrontends.com
x-request-id: fad0eb57-bb68-4ba0-98cb-e537603c2ac2
x-request-device-id: fad0eb57-bb68-4ba0-98cb-e537603c2ac2
x-d2id: fad0eb57-bb68-4ba0-98cb-e537603c2ac2
access-control-allow-origin: *
timing-allow-origin: *
date: Sat, 28 Jan 2023 20:40:55 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-cdn: a
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 491 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash c4d3661f558686ad6c597a9eda5f59db
a0de82b0125d20eaac36358887d5329df5e6e277
5fb2b8f3e7ffef255531dcf73fab89832adeadd1b81cf6eca2103fefb0c02c28
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjNhMWNhYmNhMDFmZTRmNWYiLCJ0ciI6IjU3OTc1MGM4MGFiNTc2ZTRiZTRhZGI2NjRiMDU3NWIwIiwidGkiOjE2NzQ5Mzg0NTg4Mjh9fQ==
traceparent: 00-579750c80ab576e4be4adb664b0575b0-3a1cabca01fe4f5f-01
tracestate: 2935249@nr=0-1-2935249-1134170823-3a1cabca01fe4f5f----1674938458828
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImJjS1JBT1dSR1JKakVaTVpPbG9oblE9PSIsInZhbHVlIjoiTURjM2xoWjRcL2gyendwd0FzajhSbmhmT3pKUElMQ2tZS1JIXC9xZmNKTVhpSFloaGxsQzNVRkU4dDRXSlwvQTU2T1o3bWg0XC9lUWpFdnpZTHRONTZ2aE9BPT0iLCJtYWMiOiI0ZmYyMjk2ZmEzOTgxZjE3MjFlMGJhMmRjODQ0NjUzMjIyZTdmMDE4MzdmMzVlNjQ3M2RiZmVjMWEzMDlhNjk3In0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImkrcEdFZmVKbkNRSlYxbjJidzZCZlE9PSIsInZhbHVlIjoiZURvSk5ZNzFjSDFreVVxeFFLS2liTTMrWUc4SUlTUnFKcjNhZDM2a2lyZmpJUlwvdEI5enI4b2hKem5LR0hDNVlXU0V0WUVrZUgwNjNKVm15V3hFbDlRPT0iLCJtYWMiOiI3NDM1OTMwODQyOWMxYzA1Y2UyMDVmZjJiZjkzMGZkMjFhNzI5MTA3Njc2YmIxMWJiYTg4NjQ0N2MyOWExY2JjIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QB1JVDxtMV08aAwEFV1UHUwZUBVQCBwBSUUAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3285671.js?sv=6
54.230.111.39200 OK 4.0 kB URL HTTP/2 static.hotjar.com/c/hotjar-3285671.js?sv=6
IP 54.230.111.39:0
File type ASCII text, with very long lines (7535)
Hash 39931cf21900040035061661e4d060a0
9236f48122465ae559e56f1cc08e5fde00cdfccc
9e7591130e50f9f2d513328334ea0bf7be27bdb462149b0fb339bdaf50627a8a
GET /c/hotjar-3285671.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Sat, 28 Jan 2023 20:40:55 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/c2ec3a67393be57cad3cd51893fe6e8e
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qPzwqzkT8TzNhzK9so74WAiilH_am358RwheEV5PJiFfVa8kw7le2Q==
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 20 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type ASCII text, with very long lines (1490)
Hash 87b176cb4efd6756bddb2d76d458f591
9522d7196cdaf257ebf61c5dcce3055fb417a1f3
7502ec0ec1283c393f94b6ec8da7f7bb103a75e2d066f1a7469b92066c57b1e8
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjJjYTdhNTMwYWMyZjIxN2UiLCJ0ciI6ImZjNjgyYWU0ZTQ1ZGVmNmM3NTFiZWE2ZjlmY2M4YTIwIiwidGkiOjE2NzQ5Mzg0NTg3ODh9fQ==
traceparent: 00-fc682ae4e45def6c751bea6f9fcc8a20-2ca7a530ac2f217e-01
tracestate: 2935249@nr=0-1-2935249-1134170823-2ca7a530ac2f217e----1674938458788
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ik4xcUhhZzB4Y1Y1NnRseWZyRmpBV1E9PSIsInZhbHVlIjoiNWliOG15WlpCWmFKdWVlZmJpbE95amxsZGFNbis1RUlvQ3FcLzlBU2lmNHBKYmZONWM0bXFMcGZueWVwMmlUT01aUkZIWXZzQ2thRXFwakpuY0J1eVN3PT0iLCJtYWMiOiI4OGMyNDkwZDA4MjdlM2NiZDVjMzVjYjEyYWVhNGIzYzk2ZjZmZjU1NmU2NmQyNDE2NjA5ODY0OTI4NzYwODNmIn0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IitZaUJLeHBiYmxvZGVoZmlOZmY5cFE9PSIsInZhbHVlIjoid2hqelltYkRhelpMaUZRT1kxanlrMW85MVN2WHZSMUJrWlwvK0lDTDRFM0tpRzZKMW5NeU5jckQyeHpRM1FoMEROWGVaXC83Q2JKeHd1ZlJibEd0am1hdz09IiwibWFjIjoiMGViMWUzMWM1NWY2MjU1YzU5MDY3ZjkzZTMwNmYwMDcxYTczMGMwNTU2MmE0ZTMwNGNlNTY3ZmJmOTYyMTVkMiJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 2.3 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash a76334f8da9e47faa7c18b3969376891
8869e1820b33e33042301d1b69d7c21f71a66d85
cae45bcbefd7a1633aaf0c6d81ba9a2e0549240526e34994b48b67da94adc9f1
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjgxY2RjMTA3M2Q2ZDczNjUiLCJ0ciI6IjliYzJjMTlhMWEzNTZjYmIyNDRkM2ZmN2Y2ZjlkZjkwIiwidGkiOjE2NzQ5Mzg0NTg3ODF9fQ==
traceparent: 00-9bc2c19a1a356cbb244d3ff7f6f9df90-81cdc1073d6d7365-01
tracestate: 2935249@nr=0-1-2935249-1134170823-81cdc1073d6d7365----1674938458781
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IldQUTlUTGJmYlFIODJKc3cxSDBTXC93PT0iLCJ2YWx1ZSI6ImJ2NXArdzlpNUdwS0dNWVpXU1FyMXVcL2hlY3BRYXlKeEc0TXpDNm1NSURRN1R4VFhCb2poZXJXS0FHSk1mUUtRZTZmSmFiNkN1WjNadzdFUnMrb2VDQT09IiwibWFjIjoiNWU3YTM5NjkzOGMzZTUwZWM1MGFhYWMzNTRmMjZjOWVhYTFkNWQ3N2FiM2ZkMjY3M2FiNmVjNjlkYTc0ODRlYSJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IitValkrOSsyK2FVSXptTTVoWjNCY2c9PSIsInZhbHVlIjoiVmswbUNZR01LakFaVU4rY0pJQ3YwaVVcL3pQT0ZqQ0ZTdDJzeEFoWGlNa3BNMmxSZmFERXVmcEFhUklWdTlOQjdaUThXbzRkSnRsOWU2bVFTbFJYZjV3PT0iLCJtYWMiOiIxYzFmM2I0MTM0YmFkNTVjYmNiZTFhNjE5Mzc0MGM1OWE4MWJiMjc0MTE5ZTM4YmM4MmJmNTQ4YWJkMmRkOTQ2In0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.211.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 444682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 28 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type ASCII text, with very long lines (64348)
Hash 5f2cf3f6067a080ee87b333b7493bdf3
6258c56daa14ae5bfb3d75a5e53107221390252f
6f85dd6487f814f67bf1c4d2ad203bad33a1e685fa39eb890ce04b86e5be9298
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjA2MzczOGZkMmYzNTk3NDIiLCJ0ciI6IjEzOTEyYzEyNmUxYTE2MDk2M2EzYjRhYmNmZDU5MTMwIiwidGkiOjE2NzQ5Mzg0NTg4MTd9fQ==
traceparent: 00-13912c126e1a160963a3b4abcfd59130-063738fd2f359742-01
tracestate: 2935249@nr=0-1-2935249-1134170823-063738fd2f359742----1674938458817
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IldxcU93aGJzTm1vZFhPY3dcL1NjNzJBPT0iLCJ2YWx1ZSI6IlJOcGx3M1BOZUNzXC8rcGhQZ2o4SkwrSzRETjE1KzM5am1UeWVcL2FKV3lRNEFSd2RtSjN3YzgrYVVwSEpcL0F4NXpNcEozeGRRZmFNWVZLVXI0NTJkdjB3PT0iLCJtYWMiOiIyOTliM2NjMWNmNjNkY2I0M2RkNDI0ODAwZDA4NDA5YWEyZWVhMTM4OTBmNGU0Njg5ZGMwMmQ0NGQ1YzQ3NjlhIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImVtaDBTVUtDOCt5TDVzWm5HTjJEUUE9PSIsInZhbHVlIjoiY2dDcXBkTDk3OCtpSUg0azJrNktQc1FPbTBMZjViTzIreVlsTldsUjdDYXA3ZTFjeXg0eWk5NE5hYVMydFJRekZHNFdQWVV1aytBcHNjWWVDY203XC9nPT0iLCJtYWMiOiIzMzVlYjgwM2U0ODA2MmQwZDYxOTIyNjk2MjZkZjc3M2UwOTViNDMzNmVlYjBmZTRkZWZiMjQ5YTc4YTc0ZTI1In0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 388 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash 61764bdde47b74f1257bf339ee232446
366be9e04de3028a954715dccc7c3b02a4fffa0d
ed9acf15dfdd359541c9b57a67b2751ff9814c7bd53ef9f087f8235f73279b33
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 28 Jan 2023 20:40:56 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1493896903%3A1674938456074093&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfSVRYqp0IWEit4lLx4jNngqOvH9aYO21VITJ-i64OPd1irSntglVBsM2L168hIsKOmDyek
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-3-Av5Rv5BCwzzI0BHu2NIw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 388
server: GSE
set-cookie: __Host-GAPS=1:1jnxvXR8RhPe7DsSH1kZsRGEsKy--Q:opM4_3k4XF9gK1JV;Path=/;Expires=Mon, 27-Jan-2025 20:40:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
54.230.111.85200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
IP 54.230.111.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash c34915675a9e912c93dac934322be7d1
1d0c20a805821d76fdef8b95eace30ac659a9454
091ab4e6d3f86a5e7bc8c7c3e9805df420c13f77627902dd204abc1f28b6336d
GET /box-fc6c0cda90900662e5160cde908b3e86.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 27 Jan 2023 09:04:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "c34915675a9e912c93dac934322be7d1"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GR5xNZpk4FCKjeO6133cZjJpFvFnjHv9ZA0orA7AKN8uMcwrqBumGw==
age: 128210
X-Firefox-Spdy: h2
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
54.230.111.79200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP 54.230.111.79:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72
GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q8r2q0uz9dEFg9fThSr4PCTV8mmWM6SE4LWyssU4i1pmO8Yuj1qVAg==
age: 128211
X-Firefox-Spdy: h2
cdn.yampi.io/ana/ana.min.js?t=1674950400000
104.18.15.227200 OK 73 kB URL HTTP/2 cdn.yampi.io/ana/ana.min.js?t=1674950400000
IP 104.18.15.227:0
Hash 39b5b5e352b9a0b2c2a3cebc8cc24f72
56318f84c766a1ad650147877bc6247db3e3fc89
edc5faaab6c2b0a8c3b0a8f0abe5d8ffb73def0be275c3b9cf5f15d1853607a7
GET /ana/ana.min.js?t=1674950400000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/javascript
x-amz-id-2: 8BL4l3z5HK/snKrGcB49Ovbru0jZnLpfBSWLG9tpnJ9C1yqrE5yqX1M9GaqmeG7sbED6OT1gY7Y=
x-amz-request-id: F79XMARX0GADR2B5
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 0
expires: Sun, 28 Jan 2024 20:40:54 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bbd788cb4ed-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 5d82f13ba1a417cdf33652baad8bbdff
f556140bebb2bdeb818a7a30ecf637669b72b012
e0ccff47353a39aa03fd63013559f4aadd0c9791dd207284575e9a94254b6149
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93014
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:56 GMT
Etag: "63d450ae-2d7"
Expires: Sun, 29 Jan 2023 22:31:10 GMT
Last-Modified: Fri, 27 Jan 2023 22:31:10 GMT
Server: nginx
Content-Length: 727
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 1.4 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type ASCII text, with very long lines (3296), with no line terminators
Hash 8e49bb8a0b69946801c297a593fdbf89
fac8badc0ed6d077f554ce2d5c6ca9938524ec8b
8bfdc2a00f58177bc129c04bf7028c0f5a8dcf833daa8dccba9d5d1808f13fd7
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImJiMTY3MDQ4YzA2NGRkZGQiLCJ0ciI6IjE2ZjZhNTE1MmFkNmM1ZTI2ZDc3NjA2ZDBkMjE3NDAwIiwidGkiOjE2NzQ5Mzg0NTg4MDd9fQ==
traceparent: 00-16f6a5152ad6c5e26d77606d0d217400-bb167048c064dddd-01
tracestate: 2935249@nr=0-1-2935249-1134170823-bb167048c064dddd----1674938458807
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ijh3K1A4cUI5elJRZ0kxdmhLMlwvbEpBPT0iLCJ2YWx1ZSI6IlYyeTAwZTBHNHB5QXMzSUJvcVR4Q2JvZEtBWXNYT0NIdEM4XC9oVjdqNTJQc292YWhGM29ReGMwdE1HQVhwazhsRml5ajAxTkNQXC94NWxTWjJxU1F4Wmc9PSIsIm1hYyI6Ijc5MjQ0YmVkMjYzZjliMDljYWNlMjE5YzE2NDY3MTI4ZDVhZGM2ZjM3ZThmMDEzYTYzNmUxN2UxMGIyYTQ1NTcifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Im9kY0RnK29uUFhaRGlRbUxwMVwvYlwvUT09IiwidmFsdWUiOiJGamZXMFwvWVFHazZZUWxFZGtFMFJrczFkSElRMHhnV0xSeFRlR1wveCs3Y1pubkhpdGZwN3RYNHVPSkozV3lvN0lndWR5NUZDczZZa2ZJVTFtRTNDOGFBPT0iLCJtYWMiOiIwODg0ZjlhOTIyYmQzZGYyZGFmNTJjMGZkNmFhNDc4ZDkxZWZjOWMxNmMwYzQwNjIyMzc3MjFhYjM0NjFhNzgxIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QBVBTBxtMV08aUFJUAloGAAJVUlQBClNeUUAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
152.199.19.56200 OK 5.7 kB URL HTTP/2 pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
IP 152.199.19.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (13422), with CRLF, LF line terminators
Hash 8f5969bcda0b1367eaea051cd167838b
8da5fb3fb3cc9aa76774676c90174fe924663285
2a3be7de27bf395dcac090a2e2e919b63d0cef4f97fb1fc09761d9bc65ccfa47
GET /checkout/direct-payment/i-ck.html HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-language: pt-BR
content-type: text/html;charset=ISO-8859-1
date: Sat, 28 Jan 2023 20:40:55 GMT
ec-rule-version: 20230120-01
expires: Mon, 01 Jan 1990 12:00:00 GMT
pragma: no-cache
server: nginx
set-cookie: LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900b9a54912aa835fc5a; Domain=pagseguro.uol.com.br; Expires=Sat, 28-Jan-2023 21:10:55 GMT; Path=/; Secure
csrfId=59; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:55 GMT
JSESSIONID=oEyYIFDsyiuUaS0HIFmwaA**.ps2; Path=/
csrfId=59; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:55 GMT
TRANSACTION_COOKIE=83d2c03e671f425a937baad685cea323; Expires=Fri, 28-Apr-2023 20:40:55 GMT; Domain=pagseguro.uol.com.br; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-newrelic-app-data: PxQFUVJVCAoAR1BSAAgDXlADAhFORDQHUjZKA1ZLVVFHDFYPbU5gEhZfWQYlDFZHQgsNDlJDa0kAWERWARJOElEbVQdWTGgdWkhaCh8JRw8IFh8mIzcRERxUT1IbARlXVAAHBFdRW04AThpRAV4CBgVVAAdXBVJaUQEGQ0oFWV9DATw=
x-ps-migration: direct-payment-router
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash f28a3708b4280d76ed8dc282d55ef32d
936230a896861425271e3cf01afcc5949fdb840f
0cd5b9d36aa0db70ca3f380b8007b45791a989025a1387272fa77c48b315c7e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:56 GMT
Last-Modified: Sat, 28 Jan 2023 18:55:52 GMT
Server: ECS (amb/6BAD)
X-Cache: HIT
Content-Length: 727
df.uol.com.br/safe-checkout/js/datafortressConnSecure.v1.js
186.234.147.72200 OK 29 kB URL HTTP/1.1 df.uol.com.br/safe-checkout/js/datafortressConnSecure.v1.js
IP 186.234.147.72:0
ASN #7162 Universo Online S.A.
File type ASCII text, with CRLF, LF line terminators
Hash b78998c019084bb41d103c371e5cf0ed
c2ea353d361df11343533cb6bd8f0d9d7424674c
a73ff766f1d4cd207dd12706112dd4873dca33846db4bd18935d2cd5a6fbe5a7
GET /safe-checkout/js/datafortressConnSecure.v1.js HTTP/1.1
Host: df.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:40:56 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self'; object-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 07 Feb 2020 12:46:22 GMT
Accept-Ranges: bytes
Content-Length: 29408
Cache-Control: no-store; no-cache; max-age=0
Expires: Sat, 28 Jan 2023 20:43:56 GMT
Connection: close
Content-Type: application/javascript
Set-Cookie: TS0153c357=0160ed0a6c5ee90074f352a56e1c4356813eee629d1cbb47a71e5293b5979abe77f4c27f6dbdefd4bddf6b7a1bdbc32540f533acac; Path=/; Domain=.df.uol.com.br
clicklogger.rm.uol.com.br/crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.newbotox.ml/
200.147.15.219200 OK 1.3 kB URL HTTP/1.1 clicklogger.rm.uol.com.br/crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.newbotox.ml/
IP 200.147.15.219:0
ASN #7162 Universo Online S.A.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 56038ac4751de0ec112c7c6decf7ee76
5eb7380c2ef26dad2e13c4181af4e1990263d6d5
8fc3b8b6a4a23f2ba1c8a43e160c0db974dffa53d72e389e35cb5013a4cd03db
GET /crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.newbotox.ml/ HTTP/1.1
Host: clicklogger.rm.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:40:57 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips
Last-Modified: Wed, 07 Nov 2018 14:41:22 GMT
ETag: "138e5-51b-57a141ca40880"
Accept-Ranges: bytes
Content-Length: 1307
P3P: policyref="http://clicklogger.rm.uol.com.br/w3c/p3p.xml",CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Connection: close
Content-Type: text/html; charset=UTF-8
github.bubbstore.com/svg/card-mastercard.svg
104.21.29.224200 OK 34 kB URL HTTP/2 github.bubbstore.com/svg/card-mastercard.svg
IP 104.21.29.224:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (352)
Hash 47a4e5f8b5ff1ccb5f13e79c69b9db92
bbd5fb76b9366b175498687aa94ff0e28f4ec8c6
cae8855ee96dfabf2630915403fb0ee91bb6063a43e16c86b91ecc7ecfe97011
GET /svg/card-mastercard.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5b3"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 7708:0B0C:657AC1:858E3E:63D40235
via: 1.1 varnish
age: 1
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821647,VS0,VE106
vary: Accept-Encoding
x-fastly-request-id: 7412d7df84baa34d81d1263ed6eb85a11e285396
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2rsxbnhsthgPEE7gcOI3frbssKj%2FRfPKE94hMZATZuA9cPNlSRHM0oUwMBWZvhoZtKfUS8pQnVHsiMlLOjmC%2Brx8tP%2FPGLCQCvK1FF2EBNV9asS0OOL%2FJzlJJ0y%2B9eCHnOwuTdvVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bbe7ce5b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
me.jsuol.com.br/rm/UolRMWorker.js
54.230.111.96200 OK 698 B URL HTTP/2 me.jsuol.com.br/rm/UolRMWorker.js
IP 54.230.111.96:0
File type ASCII text, with very long lines (1615), with no line terminators
Hash 5a6a29435dfcaa7191715461cfee1f33
9391d4b905b592054b4b0e18d3cfd8888ff8923e
5fbd220ff9f8938611907feb964f0a2243f2d5ce8cec70b8e05cdf3676813493
GET /rm/UolRMWorker.js HTTP/1.1
Host: me.jsuol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clicklogger.rm.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 698
date: Sat, 28 Jan 2023 20:05:18 GMT
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Mon, 11 Jul 2022 20:47:05 GMT
expires: Sat, 28 Jan 2023 21:05:18 GMT
content-encoding: gzip
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
etag: 5a6a29435dfcaa7191715461cfee1f33
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dr7qp8TvFhNxh5sW4wgFS5qPsbM-_iiDCA1ah61MnzlYIqaxkEJhpg==
age: 2139
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1674938461888&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.newbotox.ml%2F
54.230.111.88204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1674938461888&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.newbotox.ml%2F
IP 54.230.111.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1674938461888&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.newbotox.ml%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 28 Jan 2023 20:40:57 GMT
set-cookie: UID=1AC0aafb0b3984c362398b61674938457; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0QQFbsB3PkgCZM2J_8RyzIOLyKg6-jjz9_yV7kiBCtXcD1UeBEOHWw==
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/anonymous_device_session
52.55.160.178200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP 52.55.160.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.newbotox.ml/
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:58 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.newbotox.ml
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: da1cce78-6879-4c0f-9aef-1c8943e7eab1
x-trace-digest-65: Y9SoCWOeUAD2+hvFg3InZ1usC7OKWD2xCMiR5ORv3pb6V6cmeQ0LpYSqb7KDDlUx
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-65,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: c0d01b08501e9802
x-b3-traceid: c0d01b08501e9802
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
clicklogger.rm.uol.com.br/?prd=32&msr=Cliques%20de%20Origem:1&oper=11
200.147.15.219200 OK 0 B URL HTTP/1.1 clicklogger.rm.uol.com.br/?prd=32&msr=Cliques%20de%20Origem:1&oper=11
IP 200.147.15.219:0
ASN #7162 Universo Online S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?prd=32&msr=Cliques%20de%20Origem:1&oper=11 HTTP/1.1
Host: clicklogger.rm.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clicklogger.rm.uol.com.br/crossdomain.html?appender=&prd=32&grouping=&referrer=https%3A//seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:40:58 GMT
Server: (null)
P3P: policyref="http://clicklogger.rm.uol.com.br/w3c/p3p.xml",CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Access-Control-Allow-Origin:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With
Connection: close
Transfer-Encoding: chunked
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 357 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 6ab79d5a8f20e975e355a74fecb2fd14
a484cc3849251d8b60ff8f01deba8be3cdeb9d08
25bdcaffb1d8ece7a231c2aec62d3d00290e18173e903f517080ef6684240ccb
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6Ijg4NjdkNTgyZTMwMDlkNzciLCJ0ciI6IjIwNTViYmE3MDZiODA1ZmNlNzMzNjM2ODg1NjU1MzMwIiwidGkiOjE2NzQ5Mzg0NTg4MjF9fQ==
traceparent: 00-2055bba706b805fce733636885655330-8867d582e3009d77-01
tracestate: 2935249@nr=0-1-2935249-1134170823-8867d582e3009d77----1674938458821
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IllQWmdEamxWb3JYTzFlQnFLbWlnMXc9PSIsInZhbHVlIjoiWlhiMFp6eDgzT0tpZ1N3RFVXNzFIMkpHMWNkNUtTemFnRFhIT2REcmFkcm9nRGVNcW9uSzZ4bFwvKzZCK25iR29tOTVKMThFN0djSXNLeXhZMFpKdG1BPT0iLCJtYWMiOiJlMTdjMmZiODI4NWRkYWFjNjdjZTI2MjVhMTE3MzZlNjYzNTVkZWUzZDAzMjU2N2QyMTc2MjYyMThiNmE2YjBiIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InBoMjJvRldlSlJLVlJPK1ZPZGxoNWc9PSIsInZhbHVlIjoiYnBXQUdpNFlZamR2K3dqN3EwVm9vOTdcL0dVRU1ZSTBzTWtzdEFUd0k5SktNdDRidzV6ZU1OVVRTdXRTZzU5RWxGK0E5RW1Zdkt5ZytpU3dzUjZ4RnlnPT0iLCJtYWMiOiJmYzk4ODY5ZDk0NTRiZjJlMDg0OTVmMzc5Y2Q3ZDMwMGEyYTBkYzA2YjQ0ZTc1YzdlNWZhMDkwMTZjMDVlNTUxIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QB1BUDxtMV08aAgIAU1ADAFJSVggGClJfB0AcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8959fb2295abb68af293c08c53fd9284
c38797ec9bfecae209bc0297fa59eb52ef859ae1
763c831152bf9a355be9cac4b005fd5cb04945f6510f6b1b244ee3a4758e0929
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5527
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:58 GMT
Last-Modified: Sat, 28 Jan 2023 19:08:51 GMT
Server: ECS (amb/6B94)
X-Cache: HIT
Content-Length: 471
pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20start&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22iframe_installed%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5
152.199.19.56200 OK 0 B URL HTTP/2 pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20start&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22iframe_installed%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5
IP 152.199.19.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /checkout/nc/log-sender-hash.jhtml?p1=onReady%20-%20start&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22iframe_installed%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5 HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
date: Sat, 28 Jan 2023 20:40:59 GMT
ec-rule-version: 20230120-01
expires: 0
pragma: no-cache
server: nginx
set-cookie: LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900b9a54912aa835fc5a; Domain=pagseguro.uol.com.br; Expires=Sat, 28-Jan-2023 21:10:59 GMT; Path=/; Secure; SameSite=None
csrfId=40; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:59 GMT; Domain=.pagseguro.uol.com.br; Secure; SameSite=None
JSESSIONID=ihomJC1Aq4lF7M3-fTfZOg**.ps2; Path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: User-Agent
x-xss-protection: 1; mode=block
content-length: 0
X-Firefox-Spdy: h2
dna.uol.com.br/js/dna.min.js
152.199.20.182200 OK 48 kB URL HTTP/2 dna.uol.com.br/js/dna.min.js
IP 152.199.20.182:0
File type Unicode text, UTF-8 text, with very long lines (31469)
Hash 74e033842f1c29686fa9650dc97c760a
4b03c5b9f133efd8d85a248e8dc9ad53807ecf26
d492b99504ce018393db350ab021e6c7fb3f01715ff29e57e19bd980ba77f678
GET /js/dna.min.js HTTP/1.1
Host: dna.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3600
content-type: application/javascript
date: Sat, 28 Jan 2023 20:40:58 GMT
ec-rule-version: 20230120-01
etag: W/"63c5916b-2785c"
expires: Sat, 28 Jan 2023 21:40:58 GMT
last-modified: Mon, 16 Jan 2023 18:03:23 GMT
server: nginx
vary: Accept-Encoding
x-request-id: 0bafe6ccb37d1ed0c5e4dd15887dc23b
X-Firefox-Spdy: h2
www.uol.com.br/dna-iframe.html
54.230.111.92200 OK 92 kB URL HTTP/2 www.uol.com.br/dna-iframe.html
IP 54.230.111.92:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18530)
Hash 1b904bf65a88b585cde415ed2296df75
fff96c4246a9cfd850c2b86bbe65b9d04fe0551e
aade392b2b8f8b5c33acb4a358afb22e312bc66da5b735f64d6a99b837f079e7
GET /dna-iframe.html HTTP/1.1
Host: www.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/html
content-encoding: gzip
cache-control: max-age=3600
date: Sat, 28 Jan 2023 20:26:55 GMT
ec-rule-version: 20230120-01
etag: W/"63c5916b-1de0"
expires: Sat, 28 Jan 2023 21:26:55 GMT
last-modified: Mon, 16 Jan 2023 18:03:23 GMT
server: nginx
x-request-id: bcb5622e4831e87075d442495e088490
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NPo93e9k5px1wrNWfgrewgDXRUKXPYeQ72hpogo3ns61nqFTPzW-ew==
age: 844
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=190329594333794&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.uol.com.br%2Fdna-iframe.html%23496cfe95-1aa3-4422-9142-42cbc1875e45-377c46f&sdk=joey&wants_cookie_data=true
31.13.72.36200 OK 110 kB URL HTTP/2 www.facebook.com/x/oauth/status?client_id=190329594333794&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.uol.com.br%2Fdna-iframe.html%23496cfe95-1aa3-4422-9142-42cbc1875e45-377c46f&sdk=joey&wants_cookie_data=true
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (109977 bytes)
Hash 41b1ba75c2cf9e32f41d41f0f29d9f29
1047af175b102df06fa0a7ce16ae2ce8461c7364
f423b34bcf637e358e1e9b036765baef965a33cb22df0bf24ef9ccf9ca12f464
GET /x/oauth/status?client_id=190329594333794&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.uol.com.br%2Fdna-iframe.html%23496cfe95-1aa3-4422-9142-42cbc1875e45-377c46f&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.uol.com.br/
Origin: https://www.uol.com.br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://www.uol.com.br
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: lVcj5Z1HGSxvquspqd1ZnhDLjMe8+JQS8vo7Fuuxg/XtiJrOzA4mh6qr43ZZERQ8cBhR52bbP0huNFkYEHSlVQ==
content-length: 0
date: Sat, 28 Jan 2023 20:40:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=get_sender_hash%20-%20attempts&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22application_ready%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5
152.199.19.56200 OK 0 B URL HTTP/2 pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=get_sender_hash%20-%20attempts&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22application_ready%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5
IP 152.199.19.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /checkout/nc/log-sender-hash.jhtml?p1=get_sender_hash%20-%20attempts&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22application_ready%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5 HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Cookie: dna_status=eyJ0aW1lb3V0IjoxNjc0OTM4NDg4MTc1LCJydW5uaW5nIjp0cnVlLCJjYXB0dXJlZCI6ZmFsc2UsImRldGVjdERldmljZURhdGEiOnRydWUsInJlcXVlc3RzIjpbXSwiZm9yY2VVcGRhdGUiOmZhbHNlfQ==; LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900bb32de9f35388e74a; csrfId=141; JSESSIONID=AooIseiFQFJ7QTRxCFIulA**.ps3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
date: Sat, 28 Jan 2023 20:40:59 GMT
ec-rule-version: 20230120-01
expires: 0
pragma: no-cache
server: nginx
set-cookie: JSESSIONID=AooIseiFQFJ7QTRxCFIulA**.ps3; Path=/; Secure; SameSite=None
LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900b9a54912aa835fc5a; Domain=pagseguro.uol.com.br; Expires=Sat, 28-Jan-2023 21:10:59 GMT; Path=/; Secure; SameSite=None
csrfId=141; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:59 GMT; Domain=.pagseguro.uol.com.br; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: User-Agent
x-xss-protection: 1; mode=block
content-length: 0
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=get_sender_hash%20-%20attempts&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22application_ready%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5
152.199.19.56200 OK 0 B URL HTTP/2 pagseguro.uol.com.br/checkout/nc/log-sender-hash.jhtml?p1=get_sender_hash%20-%20attempts&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22application_ready%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5
IP 152.199.19.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /checkout/nc/log-sender-hash.jhtml?p1=get_sender_hash%20-%20attempts&p2={%22sender_hash%20%22:%22de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a%22,%22application_ready%22:true}&p3=https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c?token=0c3edd12d0hhc5 HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Cookie: dna_status=eyJ0aW1lb3V0IjoxNjc0OTM4NDg4MTc1LCJydW5uaW5nIjp0cnVlLCJjYXB0dXJlZCI6ZmFsc2UsImRldGVjdERldmljZURhdGEiOnRydWUsInJlcXVlc3RzIjpbXSwiZm9yY2VVcGRhdGUiOmZhbHNlfQ==; LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900b9a54912aa835fc5a; csrfId=141; JSESSIONID=AooIseiFQFJ7QTRxCFIulA**.ps3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
date: Sat, 28 Jan 2023 20:40:59 GMT
ec-rule-version: 20230120-01
expires: 0
pragma: no-cache
server: nginx
set-cookie: JSESSIONID=AooIseiFQFJ7QTRxCFIulA**.ps3; Path=/; Secure; SameSite=None
LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900b441be2c971607970; Domain=pagseguro.uol.com.br; Expires=Sat, 28-Jan-2023 21:10:59 GMT; Path=/; Secure; SameSite=None
csrfId=141; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:59 GMT; Domain=.pagseguro.uol.com.br; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: User-Agent
x-xss-protection: 1; mode=block
content-length: 0
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pagseguro/sender-hash
170.82.173.30200 OK 282 B URL HTTP/2 seguro.newbotox.ml/api/v1/pagseguro/sender-hash
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 2730fc2a18a0e31f8f401a0ec1fc05ca
41c5053c78de49dc025d0c32c28cc8e75e992f59
b4dfa3140c51cd5a378625a752a4eec11039f1bac9caf2bd1e2ff9ad5e7fbf4f
POST /api/v1/pagseguro/sender-hash HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImUwZWVkYWIxNGExNjcyNTUiLCJ0ciI6IjYwNGZhOWY0M2VkMTFlZmUyYzJkNDM2OTlmZDVjMWQwIiwidGkiOjE2NzQ5Mzg0NjM2NTN9fQ==
traceparent: 00-604fa9f43ed11efe2c2d43699fd5c1d0-e0eedab14a167255-01
tracestate: 2935249@nr=0-1-2935249-1134170823-e0eedab14a167255----1674938463653
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6Im1kQXd0OUl5cmdwZE5POFE4VGlVZUE9PSIsInZhbHVlIjoiaWtvOFZvZzBEMGc3UDlkcXRxb3dhQ29cL0pCa3ZDQmRtZFAxNHdaSFRZVFwvQmNBbmwwN24yVE1NaXRGXC9DWk1MY1hyMFpQTzFWbDFkTXlGMXpyZXd5VGc9PSIsIm1hYyI6ImU3NmU1NWMwNzg2ODJhOGRlMWVkY2Y5ZmIyZjQ4NWQwNTIxNzAyNTAyNzRhYzI5MTI1ZmM3ZWM5NTAwZTU5MDUifQ%3D%3D; bubbstore_checkout=eyJpdiI6IkhpWFp0XC9iSFBlK3NaV2N4blpHa3RBPT0iLCJ2YWx1ZSI6Ikw4VzJFVzFudnQ4YUY2ZVJ2aEE4RmhhK2ZGU2R3MDFKYW1WRXFKR3dod1hzd01ZZ2MyQlZCaGhQVUcrZzBTNFVndTFQV3BiQ1pwRzRBd3pudjluQ0p3PT0iLCJtYWMiOiIxZTUwOGFjMzA2N2M0ZmQ5ZTYyZTZmY2EwYWZiNGIzOTI4ZWZiZjUyNmM1ZjI2MjhlNzEyNTRkMDMzZWY3MjZiIn0%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D; __ana_uid=1-oldaghd1-ldgf4295; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true; _ga=GA1.2.1672591521.1674938460; _gid=GA1.2.1462642029.1674938460; _hjSessionUser_3285671=eyJpZCI6Ijg0OTEzNjEyLThkMDYtNWRjZi05ZTkyLTRmYTJlMWNjNGQwYyIsImNyZWF0ZWQiOjE2NzQ5Mzg0NjA1MTksImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_3285671=eyJpZCI6IjMyZWIxMmJhLWUyMmQtNDM0NS1hOTY0LTlmZTE3MjZiYmU1YyIsImNyZWF0ZWQiOjE2NzQ5Mzg0NjA1NTMsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:59 GMT
content-type: application/json
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjkxUjlrWTZaM3hFeG5uWWdXNTFaWnc9PSIsInZhbHVlIjoiWFBqd2lxMTFUWE1vRyt4K0xKR0ZDbFlEZG1xN24rREhJb3FYYWFJTTVsNzg4UnhjVlF2ckJPUm91TXFCYSttYXByUzFsSkJ5NGo1VGxcL3RwRU15UzBnPT0iLCJtYWMiOiJlNGU1MTkwZTU3NGY4NzMwZWYxNzI5ZTZiM2JjMjY2MTE5NGQ0Njg0MDkzZmM4NzNkYTkwZjU4NGExZDc5MDE3In0%3D; expires=Sat, 28-Jan-2023 23:40:59 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjNLcVZzK3VTK25VR0JseFBPSDlSM2c9PSIsInZhbHVlIjoiVW4wbG5oXC9YcTg5YXBURVU1VzlmWDFiZ2hHMUZMK0tTQmM0SzJqbVpKbWkweVBLWEt4QTA2OEZLK2dtM1wveVwvNHkyZDB5NG4rYUhoVStpbldvTTM3ZWc9PSIsIm1hYyI6IjgxYjUzNzM4ZDc2NjViZjJlMGY2MzU4MDY1Zjg0ZDllYTE0OTUxMTBmMmM5ZjAxNDVkOWU5ODEyNmY4ZTI2NjgifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:59 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjZkZWFmYjVlZjM0NmEzMjIiLCJ0ciI6IjkzNzNmNDg0ZjVmN2MzOTMzMmVjYzIwNmI0YTlhY2QwIiwidGkiOjE2NzQ5Mzg0NTg4MTJ9fQ==
traceparent: 00-9373f484f5f7c39332ecc206b4a9acd0-6deafb5ef346a322-01
tracestate: 2935249@nr=0-1-2935249-1134170823-6deafb5ef346a322----1674938458812
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ink3Smp3YkZnbDZKczdIYkpuMVl6bGc9PSIsInZhbHVlIjoibWVQZEx3cklJUEFoU0pLcGs3SVRJTUYxMEk2eFBzakFzalpuMkRNYzk5eEhRNnNCM1kzd21iUUtyZmIyQkcxdGowdDBmdVFqdTBMMGx2Q3hcL3diNkV3PT0iLCJtYWMiOiJmNzdkOWVhMTkzMTBkYjg4NjMyYjYyYTBlY2U4NzkwMzljZDMyZjgwOGFkZDg5YjFjZmZkNDJhMWM1MDFhM2M1In0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlI2d25TOGFEYkl0UFVLenFiaUkwYnc9PSIsInZhbHVlIjoicWlvcWNrZXlodmdGdVFaQXBrSmEwMTJnd2tOTnlXaUZyQXpNWUN6bHlla05hekFGMWJsQzNIbllNTUJSbFlPWTEzTmVaZXhpb2JzTDZVVnlDRFdsdHc9PSIsIm1hYyI6Ijc2YmJmYjIwMDU1YTljZmJhNjQzMTBmZTc3ZWRlMmU1ZTRjMjRhYTQ0ZjgxM2FkNGNkY2RhMGM0YTM0ZDhkYWYifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjAwOTkzYWI4NzcwNGY5YTgiLCJ0ciI6ImUwZDk4YjYyMmRhMDA1MmNkMjcxYjBiODBiYTM2OGYwIiwidGkiOjE2NzQ5Mzg0NTg4MTB9fQ==
traceparent: 00-e0d98b622da0052cd271b0b80ba368f0-00993ab87704f9a8-01
tracestate: 2935249@nr=0-1-2935249-1134170823-00993ab87704f9a8----1674938458810
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InlXWmRxRVU1S09SNG9Wemg2YktlT3c9PSIsInZhbHVlIjoiVVducXQxTFp0NU13cm93cnluVG1HWERUT3ZxY21XSGlRWjZNWDhQWDdYaVRLdnRLXC9kcVpRdDZOVG9uTDNMSWkzbDVDalBMQmE1ZkQ3TUxUQXhIUWFBPT0iLCJtYWMiOiJmMzJjMTA2YzhhNzViYzUzMTRjOGRmNGM5MjI5OTQzMmNhZjZiZTQ3ZjM2MmI3MTk1OTk0YTUyNWM4YTIyN2NlIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjQzTGx1b2hRSmV1Und5Nyt4Mzk1a2c9PSIsInZhbHVlIjoiejdCRUVWRSt3cjF0d1hCWmc1Y3FRRk8xOVJWUFlZaFlXNTQyekNlWldlclFmQTEwMjhQS3FsMEhFR1hQZ2s0MFFiMlJOdXQ2cFE1dFM5MWx3bVpcL0RnPT0iLCJtYWMiOiJkYWVmYThjMzcwMTQ2MDgwNGVjNzMwNDMxOTIwY2M4NmRmMzI3NDlmMTdjNjRmMzM2NDRlNTcxNWY3NTU0OGI2In0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QAlNTARtMV08aUgBQWFBSCQdfAFMFBVUFVEAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-hipercard.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-hipercard.svg
IP 104.21.29.224:0
GET /svg/card-hipercard.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-54bc"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 112A:1762:A5B048:AB7C96:63C930C9
via: 1.1 varnish
age: 1
x-served-by: cache-bma1625-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674129609.092807,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 2cef2eed1144a2ce2f17e6a455b6e5a6c74868b0
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=traLyKwdrYgojDn%2FzhGjkJ%2BwUZkHWKjWgDr9t3bcFROaUrOXorcf8VOPd4IeXOKYl5fTOvhaed8MNFxpWb0IS203yqW7qw6m5X%2BAEPQqCfrGnuX6C7ANBZ5s2DzvNc%2FNRUxYPDgapw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bbc79e0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
IP 142.250.74.106:0
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 20:40:53 GMT
date: Sat, 28 Jan 2023 20:40:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-discover.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-discover.svg
IP 104.21.29.224:0
GET /svg/card-discover.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-f89"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 55EA:61CB:900552:BD64AE:63D40235
via: 1.1 varnish
age: 1
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821486,VS0,VE103
vary: Accept-Encoding
x-fastly-request-id: 8d3af4b5fb3eefe8a561deb9f1923e37bcfa52e2
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAjEeQOVfWEDIE86dfPI0uwpeyoYbBvUfVZ5cSNPAAk88L68lZ%2FAWzeHjYqJQ4uG9mDLOCRTYEG8eooXKrz%2B9dQII%2BhAmTv7DY2rwDjW5Q2UfLVI%2BFKxl3IsylYaowSzF3SRdeiQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bbc79dab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6Ijk0YThiMDI5OGUwZDNjNmQiLCJ0ciI6IjNiMTRjMWNmNGI3M2M1NzcxN2Q2YTYwMThlZjJmY2YwIiwidGkiOjE2NzQ5Mzg0NTg3ODZ9fQ==
traceparent: 00-3b14c1cf4b73c57717d6a6018ef2fcf0-94a8b0298e0d3c6d-01
tracestate: 2935249@nr=0-1-2935249-1134170823-94a8b0298e0d3c6d----1674938458786
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkJXUTNqMituODZLMFpESTk4MGwrQnc9PSIsInZhbHVlIjoiQW1Jb2hmN3Y0OFQwbGI2a2Z0MGZNaVVvd2pjNSs3d1ROQVNybzM3TG9sYXg2KzdWVFpCbW91bDkyZWIxVFZTNWR2NXJHVkJGb2g5Vmhrb1hFbmd1TWc9PSIsIm1hYyI6IjZiNDQ2MjJiNGY5ZWIxOTdiZWIxNTJiNTI5ZDc5NGNiNDA5NWEyMzdiMTVhM2U2MzI5OGM2ZmQzYWZiNGQyYmEifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Imkxekh6Z1luMUlcL3VqUUE1QkkrV3VRPT0iLCJ2YWx1ZSI6IjJwWVBFUGErQUtPandPY2ZyR05zd08xUlo2MFwveU1MRGc5WVFiRnJzUU05YkR0Y3VuRVk5K09RcmxmMHA0UmtVTmdhcnVxXC9tRUJtS1MyMUlrZjh0QlE9PSIsIm1hYyI6IjBjNTNlYzljM2M5MTE0MTg2MjE0OTQ1NWNjYzRiNTg3ZjllOWNlNGJmMGU5NGRmZGNmOGFlM2ExNGRlNjU5YjQifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImQ4ZDk5YWE2NWEzZTVmZjEiLCJ0ciI6Ijk1NmU4ZmQ4NWNiZDFjMTUxOTYzMDA4NDg4NmYyYzkwIiwidGkiOjE2NzQ5Mzg0NTg3OTZ9fQ==
traceparent: 00-956e8fd85cbd1c1519630084886f2c90-d8d99aa65a3e5ff1-01
tracestate: 2935249@nr=0-1-2935249-1134170823-d8d99aa65a3e5ff1----1674938458796
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkhqMlNSWmtQTHBKQzFGakVXd1EzaVE9PSIsInZhbHVlIjoiUWJCWkhNNm9uZXpPSXNQNDRtZTYwXC9nKzNqeTBWMU5ubGZcL3hSc1B5VmdjVmZ5OUJjSVZOTFg1UGZPbGt3Yzg1YXB5NThKN3g4VlM1THBHcW9oMlRuQT09IiwibWFjIjoiNzA2YmUxMTNhNTgyN2Y2MDJkYzI0ZTcxNzIxZTFiMjU1MzlmMzdmYjVlZjViNjRmODhmZjQxY2U3MWE0ZDc3MiJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjBuWWNRMzZqZ0lWOG1iXC91bmJjN2p3PT0iLCJ2YWx1ZSI6IlE1ZlVGNk9aRWQrVTVROVNHVzk5eW84SDk3WG1iMlwvN09vSE9xTDVvN1RNcGtTQktLN1U3YllcL1FCODZFbHdSeUN1SlZjY21RXC9GOUJyWXpWcEJRUFFRPT0iLCJtYWMiOiIwMGE5ODg0ODNjZTdjYzZiNDdmZTYwYjU2ZTBmYzg2NTJhNGEwYTlhNzhmOWM2ZTRjMzM0YmQ2Yjg3Mzk0Zjg4In0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QBVdTAxtMV08aUgVSUVoAUwdXBlQBUFZfAkAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImRkODQ0MTNkNWJmNTQwNGMiLCJ0ciI6ImI0NjM0NjhjMjI5MTI5MmE0MWJiNzI4NWNmZTM5NTkwIiwidGkiOjE2NzQ5Mzg0NTg3ODN9fQ==
traceparent: 00-b463468c2291292a41bb7285cfe39590-dd84413d5bf5404c-01
tracestate: 2935249@nr=0-1-2935249-1134170823-dd84413d5bf5404c----1674938458783
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlVWa1wvb3FPVERUYlRCR1M3b2lYd0xBPT0iLCJ2YWx1ZSI6InMwTlBoY1N0dmhmREZadVRqKzBsUVdQUlhwcmVLWGJJVjZVRWZ6d1IxeGM4Tkt3ZlhQUHRUTVdVNDFLT1JTenNhMVJRK2diTnpVc2lHRUxqUkw3cWJBPT0iLCJtYWMiOiI5Y2M3YzNhNWE2YWM3NTYzM2ZhYWIwMjJlZmFkYzA4MDU1M2MxNDUzYjk1ZmY2ZjViNWQwNWE1YmIwNDM1ODRhIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImlcL0xKSHJEdzd4OTlab05kbzhnVFNBPT0iLCJ2YWx1ZSI6InByYjBWWGswV29Wb0g0UHZzKzBiZjdJdStjblJveTM1SEVHZ0tJZjN2Q2JZZHJneXZPUGZ1RjBwUUVKRjdkU2ZKOCtIclVHSkZuQnpGeVBDNUJGS3d3PT0iLCJtYWMiOiI0MGZlMDYwMzU4Zjg0ZDJkNDlmNWE5YTk3Nzk5NjRmZWY2NDIzOTE2ZTQ0YTRjNmZmN2YxMDAyMWI0MTg0NDQyIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/e/t
170.82.173.30200 OK 0 B IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /e/t HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImJhNjUwNjExZGM0M2QxYzEiLCJ0ciI6IjYzZjc1YzI2NTFmYWY4NGIyZTdkNDY3MGE3ZDc3ZDIwIiwidGkiOjE2NzQ5Mzg0NTg4MzJ9fQ==
traceparent: 00-63f75c2651faf84b2e7d4670a7d77d20-ba650611dc43d1c1-01
tracestate: 2935249@nr=0-1-2935249-1134170823-ba650611dc43d1c1----1674938458832
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 375
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im9neWdkZnNYODR0TG14RGwzaGhKZXc9PSIsInZhbHVlIjoieWJZcUkwZXI2WUUxN043T1F0QlhcL0ZKRTZmY1grVnJTXC9ZZjFiZjk2UlhRTDI4SWJzUHpkWUpHMklveW90M0Y2Qys1dGVjMkJ0cjdOMjdEbEQzZHcwdz09IiwibWFjIjoiNzc4NjU3YmM5ODNiZjU3ODE2Yzg4MGYyNTlkNDVjMDVlZDcxY2UwZWVlZTk1YjhjNmY3MzBjZmNhOWY2ZGJjMSJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImZSeHU1dWhSVjlseTduV2tOdldOSnc9PSIsInZhbHVlIjoieG8xUXEramc2UkJKZVRMc2IwUlBhVThTODJyQ1NpeEJ0NmZBbkxZY0JDdVpsQ1BOakdodjhVNmpESVJwMnRUOGpqWngwQXFcL1wvc2VcL1NpY2ZWTmNhZUE9PSIsIm1hYyI6ImE4ZjY3ODQ2YTIyZWM0NzU3NDA3YmY5NTQ2YjBiYmEyZDRmNDJhNzVhYTc2NmI5MGFmNWEzMTU4NmEzMjg1ZGEifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATAlXDAoAHh5UFUNVUQJQVgYPV1JVWgcFXVBRFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/cart/payment
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/cart/payment
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
PUT /cart/payment HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImRhMDRjYTQyYjUzZmZiZGEiLCJ0ciI6IjNhYjMxZGI4ZGU5M2M2ZTMyYWZmNzNjMDkyZGFkNTcwIiwidGkiOjE2NzQ5Mzg0NTg4OTl9fQ==
traceparent: 00-3ab31db8de93c6e32aff73c092dad570-da04ca42b53ffbda-01
tracestate: 2935249@nr=0-1-2935249-1134170823-da04ca42b53ffbda----1674938458899
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlJpbEVmQVwvblpaV21nWEdBa2Y3Mkh3PT0iLCJ2YWx1ZSI6ImpoZnBvVUxOc3kwMEpDek9TQVNBUjkwQTZyZUZ3WCtGTVcrSVg0SW9BQjYzWjBMbUxNQUczMTRUNEtQWk53VktJakQ0YkZtdlZ0bXdVdCtTNis0RFFnPT0iLCJtYWMiOiIzYmUyMmFjY2JiYjkwZTRkOWNiNzcxMTYwNzZjNThhOWUxNzI0M2Y2MGMwZjBkNjNlNjk5MzM1NjlhYWU5MmMxIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IldJRlMxakNrWFZXYVZsSmdoYmdMdVE9PSIsInZhbHVlIjoia0c3amN6K2ZxYk9acTRDTXIyMGsxeDZrR3JON3hNTnNPOHoydFRPbFpZNDVrYnppUjhuWU51VHp4dW44bzhIb01TMVwvZ2J0Y2xlNEpBa1wvemNiaU5Fdz09IiwibWFjIjoiZWI1YThkNGY3YjFlMzdmYmQ1MmZjNDJmYzUzNzkyNzhjYmY0MmE2YmVhNTQ3NzYxODM3N2JjZmM0MWY1ZmJmNyJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPF0dVVhIBYVdKDwMNFhJOCEwICAQCA0kJTwBZBlRRGhpQSkEMBlNWUAcBBQNSXVMHAVFfQU5WA1QRXWU=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5
104.26.2.88200 OK 0 B URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5
IP 104.26.2.88:0
GET /checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: text/css
x-amz-id-2: j/S4cRK7h2RJJ8oPBInTkUyHWMs2uLy5Y2k2gv7J5HVqK6+oYOtQiL9kw5ONDjsNoD1SA2PVHdI=
x-amz-request-id: CW5G8BWSRMPMAXS4
last-modified: Tue, 17 Jan 2023 17:16:35 GMT
x-amz-version-id: 6DNQN8Tr5zNrG9AbFAdSPatqVsIP8Y4C
etag: W/"0f68d2669d40348ccb7bc9a9d17328f5"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OMRlKFDPa%2BQU62hUYtXm97kCZb10naCpe6aLpp38q86ymlrKqEkhJ%2B5JvhqFzVuGrN93znFkIIrVxfaAxXtJCtvK4WTP7uFPej2X8kj6vXFX742BsC6EAwV5MSqnBGNCTEYG%2BBNiw5A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb5ac55b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-diners.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-diners.svg
IP 104.21.29.224:0
GET /svg/card-diners.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-99b"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: CBB0:0B92:6D975B:926A28:63D40235
via: 1.1 varnish
age: 1
x-served-by: cache-bma1666-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821287,VS0,VE101
vary: Accept-Encoding
x-fastly-request-id: 26d2c3fe7e0f5458f554b1e182532784b2d52453
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vg1CkKO1tw%2BjRCttOCDUuVawNMSP9cwRBMEk1RV4%2F9UdpqnpDQAo7Pg%2BlgPQvqWEQwWdlqzKV3ikJ2DyeW%2FpQn6D6caKBPCzD%2FEdVRTPr54RC85D69VYYwDouvHLUYBp1ah1iwPrEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bbe2c79b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjZmYmY1ZjlmMWJmMDdmNTAiLCJ0ciI6IjY0YTljNGJhZGE2MjQ5OGE3MTI2NjNlOTBmMjMyODgwIiwidGkiOjE2NzQ5Mzg0NTg4MDB9fQ==
traceparent: 00-64a9c4bada62498a712663e90f232880-6fbf5f9f1bf07f50-01
tracestate: 2935249@nr=0-1-2935249-1134170823-6fbf5f9f1bf07f50----1674938458800
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ijg4NUFSQ1lMRG5ycEQrVkcyWWZlZkE9PSIsInZhbHVlIjoiYlRmT0RpQ1VmQjIyRTZHNW9VRk5HMTViSDQ5blhyVmp1OWFOWSt6c2VVOWp4Q1M1WTBWN01EcmRGM3Z5OXZycVZ3SlBLNzk3RGhudmdPVDFNRncwR1E9PSIsIm1hYyI6IjMxZGQ4OWRmNGU2YzE0OTRmZGY5MTk5MDUzODVkYjMxMzYwZTlkMjQzOGExMjY5YzQyOTljNzlkZTlhZGY5MjgifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkR1ZVJZQmk4SCtnU1kxSUhDMjFMY1E9PSIsInZhbHVlIjoiY0k0U2xLaTdzbnY4NVlhNG9CeDBKVWdITFd4YUxrellERGpTazJoY0dyTU1oRDlwQ1NZOUZYalV2T2xWUEV3dTcwTlwvUVIyRTg2QTd1cTU5UStjSjFRPT0iLCJtYWMiOiJiZWZlOTFkNTgxODAwMTMwYmU3NGJkMmY4ZTNiZWY0M2Y1OTQzMjVkODJhYjY2MzY5ZjkzMDE0OTE1ZDYwNTczIn0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pagseguro/session
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pagseguro/session
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pagseguro/session HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImJlNTYxZTg4ZmJmZjk3OTkiLCJ0ciI6IjI0YWFiY2Y0ZGQ3ZDY0MmViZDZmMWQ3ZjYyNmUyMGQwIiwidGkiOjE2NzQ5Mzg0NTg3Nzd9fQ==
traceparent: 00-24aabcf4dd7d642ebd6f1d7f626e20d0-be561e88fbff9799-01
tracestate: 2935249@nr=0-1-2935249-1134170823-be561e88fbff9799----1674938458777
X-Requested-With: XMLHttpRequest
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: application/json
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InZLbDkrNDR2VG5FVWE1cDZMUjNMSEE9PSIsInZhbHVlIjoic1BQaHArcm1iUnY1VW5vWjZuMWVjc2FyQnZEMWErM29lZ1N4aFdsRlI4d3A4elJINnlMcXZwd0tEMlFoM2IwWG16Nk93R3crQUZkQmd4ZUsrUmhnMmc9PSIsIm1hYyI6Ijk0ZjQxZjc5MzgxMjkzZThiMTI5OWZkNjNjMTM3NTg1YzE3NjRlZjgxZDcwZDdhNzNkYzA4NzFkODhiNDEzNjgifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImJnYThPUUU2TGtoVGZZYmlGdTVublE9PSIsInZhbHVlIjoiSDRJMkhTZDFYbDJuUkcxSWRWV0sxTXJIYXFmWnlFcjFYZGM4SmhVM0Rzd0RmOVA1Q29HbWI4RUw0aDN3S1NqenJjMFQ1anJsaGJOVjhWQ3lGUHRcLzhnPT0iLCJtYWMiOiIzZjM0MjVjMWFmMDQ5MTFkNWZlYjg1NzkyMDMzYjNmYzMwNDMyMDYzMDYzN2Y4MTlkMmYwZmEyOWJiMmM0ZDc1In0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRA1BCUgERQ1kdEQMQEVkNVkAUCBoCA1UJUR1RHVZcDwRRSk4JHxIABFoECA5eVVAPBgEFBlRTQBQEWVRHV24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-amex.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-amex.svg
IP 104.21.29.224:0
GET /svg/card-amex.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5f3"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 707C:6AC2:8857DD:B5B2D3:63D40235
via: 1.1 varnish
age: 1
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821332,VS0,VE94
vary: Accept-Encoding
x-fastly-request-id: 36477a13bdc0d39d36b8af19fb8e0ae5bb4650c1
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKzCTktCSzaj5vzl0NCTm%2FXtr5lcV1%2FImkyGZsUxp7RUqADC8Gu6knPn1cmDojpcS81YixdhRlEVfMpI%2BzljCSwrC8F%2BEZG5e%2B7z1wihegeRgmW8MH4m0sFLo%2BqCOBQHvEzqEgLQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bbe4caab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjgxYzgwMWFkYmI2NjMwYzEiLCJ0ciI6ImE1NzZhNGJmMjVmMzlkMjcxNDc1YjYxNDkzMzY0YjIwIiwidGkiOjE2NzQ5Mzg0NTg4MDN9fQ==
traceparent: 00-a576a4bf25f39d271475b61493364b20-81c801adbb6630c1-01
tracestate: 2935249@nr=0-1-2935249-1134170823-81c801adbb6630c1----1674938458803
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ilp5OWlMMGs5UitjamxMWkRmNVFCWWc9PSIsInZhbHVlIjoieXVvWWNcL1dvTnRlNVdsSndsOUJUbGJzK2JRSGRiZXJpTUJSUHRicWZ5RGp6RmtKU1A5VjVJMnFkNTJubHJIR25VY3BJZ0pxVjFUXC9Lbjl3UVZ4aHNvUT09IiwibWFjIjoiZWQxZWIwOGE3YzFjZTRmZWNkNTk5ZjJmZDFkMjRmZTMzZWI2ZTFhYTNlMTBlMDA3ZWYyNzJlNWRmNTBiMjVlOCJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjZUZGFMRTJSUHhwZmNGQzRuOEhETmc9PSIsInZhbHVlIjoiQnJtYlRMbEh3UDA2UndmTlRGaDFuUVdVejlldCt5b3hMVm16NCsxZFRZSG1rYis3V1ZtV1o2SjZzdUluQTB2OVg5b1ZBVHJnNUdxVDM0SHd1WTNGYWc9PSIsIm1hYyI6IjUyZjljMmE5MmY1NjZmYzc2MmVlMmNjOWFjZmQxOWIxNGM1NTk0ZDkxZDIxZDc2MmIyNTQyNzU2ZTI5MjhmMWIifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QB1RUDxtMV08aUlEFUFAHUgdQUwJTA1VQUUAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/direct-payment/additional-iframes-by-vendor.jhtml?sessionId=cc1f502dac904b53aa2b1f29f4d2d72a&senderTrackingHash=de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a&_=1674938463198
152.199.19.56200 OK 0 B URL HTTP/2 pagseguro.uol.com.br/checkout/direct-payment/additional-iframes-by-vendor.jhtml?sessionId=cc1f502dac904b53aa2b1f29f4d2d72a&senderTrackingHash=de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a&_=1674938463198
IP 152.199.19.56:0
GET /checkout/direct-payment/additional-iframes-by-vendor.jhtml?sessionId=cc1f502dac904b53aa2b1f29f4d2d72a&senderTrackingHash=de2628e632a5ab9e961a5f324c0e5d99bf1a69c76f07fee6cf64de5e13ed7e4a&_=1674938463198 HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
Cookie: dna_status=eyJ0aW1lb3V0IjoxNjc0OTM4NDg4MTc1LCJydW5uaW5nIjp0cnVlLCJjYXB0dXJlZCI6ZmFsc2UsImRldGVjdERldmljZURhdGEiOnRydWUsInJlcXVlc3RzIjpbXSwiZm9yY2VVcGRhdGUiOmZhbHNlfQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=ISO-8859-1
date: Sat, 28 Jan 2023 20:40:59 GMT
ec-rule-version: 20230120-01
expires: 0
pragma: no-cache
server: nginx
set-cookie: LAST_SERVER_HIT=131ebbd241baeb8b2b813df306ff900b3517d216e1391d9d; Domain=pagseguro.uol.com.br; Expires=Sat, 28-Jan-2023 21:10:59 GMT; Path=/; Secure; SameSite=None
csrfId=122; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:59 GMT; Domain=.pagseguro.uol.com.br; Secure; SameSite=None
JSESSIONID=wpDyRZgabEFwSaJGJltzuA**.ps4; Path=/; Secure; SameSite=None
strict-transport-security: max-age=31536000
vary: User-Agent
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjkzMDEyY2U5YTI4ZGRiOWMiLCJ0ciI6IjQ0NDJjNzE2NzhlYzZlZGY2NTg0YTNjY2M3N2EzOWEwIiwidGkiOjE2NzQ5Mzg0NTg4MTV9fQ==
traceparent: 00-4442c71678ec6edf6584a3ccc77a39a0-93012ce9a28ddb9c-01
tracestate: 2935249@nr=0-1-2935249-1134170823-93012ce9a28ddb9c----1674938458815
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImpxNGlRbDJFRTB1a29cL1JKOGZsUlZRPT0iLCJ2YWx1ZSI6IkFjV1FEWWljSHFvbkIxSTJnNlZmZFo4eXppNlR6WGxIZFNKYkFqS1E5dExKMzVQK21EZDZwTVVFc2ErdGc1eGIyVGJRczRab1NYQWtlbjBid2FFdVdRPT0iLCJtYWMiOiJlMzhiMTVhOWJiMTg4YTNkOWZjNjNmYzI5YWUwY2Q5Y2E0OWRiZjE0ZTY1ZDU2MjYwNTg1MGVlMWZhMzI0Yzk0In0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InRNU2lHY3l1bFNwdlM0bnJcL1E2Rjd3PT0iLCJ2YWx1ZSI6IkQxenRBTmVHSkdoK0ozVG1cL09Rb2xKamFydjNQNHJna0U4bmpwMWo4cHdLUU1qc1E1eHFkZytvczhMUlQ5bm5pd1R3MXgxR0FIWHJEVHhFa20rd01ZZz09IiwibWFjIjoiMDFkMjMyNDhmYzlkOTEzOWEyOGUxZTM2NTQ3NDA0MDc4MTYwZmNkMmEwODBmMzVlZWIyMTgzOWNjYTdmNzE5NiJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QBVJQDxtMV08aUAAGWAABVARQVwQFBFsCU0AcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pagseguro/sender-hash
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pagseguro/sender-hash
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pagseguro/sender-hash HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjJmNzc0YzczNTk3Yjc0MzgiLCJ0ciI6ImYwN2Y1MTFiNTdjZWUzYTlkNzZlMWUzMTZjZGI1ZGUwIiwidGkiOjE2NzQ5Mzg0NjM5MDJ9fQ==
traceparent: 00-f07f511b57cee3a9d76e1e316cdb5de0-2f774c73597b7438-01
tracestate: 2935249@nr=0-1-2935249-1134170823-2f774c73597b7438----1674938463902
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6Im1kQXd0OUl5cmdwZE5POFE4VGlVZUE9PSIsInZhbHVlIjoiaWtvOFZvZzBEMGc3UDlkcXRxb3dhQ29cL0pCa3ZDQmRtZFAxNHdaSFRZVFwvQmNBbmwwN24yVE1NaXRGXC9DWk1MY1hyMFpQTzFWbDFkTXlGMXpyZXd5VGc9PSIsIm1hYyI6ImU3NmU1NWMwNzg2ODJhOGRlMWVkY2Y5ZmIyZjQ4NWQwNTIxNzAyNTAyNzRhYzI5MTI1ZmM3ZWM5NTAwZTU5MDUifQ%3D%3D; bubbstore_checkout=eyJpdiI6IkhpWFp0XC9iSFBlK3NaV2N4blpHa3RBPT0iLCJ2YWx1ZSI6Ikw4VzJFVzFudnQ4YUY2ZVJ2aEE4RmhhK2ZGU2R3MDFKYW1WRXFKR3dod1hzd01ZZ2MyQlZCaGhQVUcrZzBTNFVndTFQV3BiQ1pwRzRBd3pudjluQ0p3PT0iLCJtYWMiOiIxZTUwOGFjMzA2N2M0ZmQ5ZTYyZTZmY2EwYWZiNGIzOTI4ZWZiZjUyNmM1ZjI2MjhlNzEyNTRkMDMzZWY3MjZiIn0%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D; __ana_uid=1-oldaghd1-ldgf4295; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true; _ga=GA1.2.1672591521.1674938460; _gid=GA1.2.1462642029.1674938460; _hjSessionUser_3285671=eyJpZCI6Ijg0OTEzNjEyLThkMDYtNWRjZi05ZTkyLTRmYTJlMWNjNGQwYyIsImNyZWF0ZWQiOjE2NzQ5Mzg0NjA1MTksImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_3285671=eyJpZCI6IjMyZWIxMmJhLWUyMmQtNDM0NS1hOTY0LTlmZTE3MjZiYmU1YyIsImNyZWF0ZWQiOjE2NzQ5Mzg0NjA1NTMsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:41:00 GMT
content-type: application/json
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjJKOFNrMGJjMkhuXC9tSmNmUUQycnB3PT0iLCJ2YWx1ZSI6IlwvcW1JV2JoR0s1Z3JPZmVCemdyUjNXd1dnNVdlOGVyZDlkT1pUaGNIa1dXMlBQN3JLU3JURzJ5eHB5Mk5YRjBZVXI4ZXgyTm1SYVVzRnlXUnlEa09qZz09IiwibWFjIjoiZTJhMGQzNmFmODBmNjJmNzhkMjAwZDYyZWIwZTViZDZiMDNjYzg3YmIwODZiMGQ3NDJmYTI1ZTNiNDIzYTI0MSJ9; expires=Sat, 28-Jan-2023 23:40:59 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlFnSXA1VjZaenRXcUQrS3AxWXFNekE9PSIsInZhbHVlIjoibk41ZWZzVFgwTEg1WlJVV3pzY2ZKYVFpMytPSFwva1BDdW53YUlKd0dlZCtHeFlJSlFHMW5RSHl1cVBJSHpnam5VaHZLZjNSNk9SaUpHdGwzXC9qZk5tdz09IiwibWFjIjoiN2M1ZDA2Yzc3YzkzOTNjMTlhYjc0OWUyOWMxMGM0NDQwMGE5NjMwYzJiNDU5YjQxNjIyODE2OGI2OTY5NGFhNyJ9; expires=Sat, 28-Jan-2023 23:40:59 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjdjMzM3NDJmMjhmMGFlNWYiLCJ0ciI6IjE3MTIzOThjYWU4ZjkwYzI0YTM5MTY3YjQ3MThhZGMwIiwidGkiOjE2NzQ5Mzg0NTg4MjV9fQ==
traceparent: 00-1712398cae8f90c24a39167b4718adc0-7c33742f28f0ae5f-01
tracestate: 2935249@nr=0-1-2935249-1134170823-7c33742f28f0ae5f----1674938458825
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkhSWFpOczZ3STZuakZpQml1T3pvNFE9PSIsInZhbHVlIjoiT0JWVVI4aWVFcnJMeE9mcHpwNGRNTjQrTGZ0NytkYmtya25FZnhrVkhJcjhrR2xwVjRSVllGSVRPSldyb2NvbHJYbFZPeHhsUUtuMlwvSnk4N3RuQmxBPT0iLCJtYWMiOiJiMWYwMmFjNjViZGQ4ZjIwZTUxM2RlYzcwY2Y5MzVhNzc2MjhjZjM4Njc2NzliMDkyMGY1NTA0MjEyMWQyNWRmIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImxnR0ZacWhQVE5yZzZSNVAwdnp6REE9PSIsInZhbHVlIjoicHk3XC9iVEM5U2QreCtlNjNiTjZOVVwvNEdEM3dxMW95TWZhNFlFY1BENnZUZUFUK3VqWFhSREZMOFFpMkltVlBRNzRiWkRcL05DZnlOemI1M1BzQzhqUHc9PSIsIm1hYyI6IjA3OTBiY2Q3ODRjYWJjMDM5MjQ3NjJjYWY5MzcwY2I5NzQwOWQ5YmU1NGY0N2U1ZTdjMGZkNjAwNWY2YjE3YjIifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QBVVRBRtMV08aA1UBAAECBAUFVQYHV1MFAEAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjljZDcyMTJlMmY2NDk0M2MiLCJ0ciI6IjNjY2MxNTEwZTc4ZGMzN2NiOGVkYTQ4ODA2YmQ2ZDIwIiwidGkiOjE2NzQ5Mzg0NTg3OTJ9fQ==
traceparent: 00-3ccc1510e78dc37cb8eda48806bd6d20-9cd7212e2f64943c-01
tracestate: 2935249@nr=0-1-2935249-1134170823-9cd7212e2f64943c----1674938458792
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjZaM2RcL0tuS3BhN3FXbXREbG9HYkNnPT0iLCJ2YWx1ZSI6IkU3ZXBOR2tRNEM5Q2NoeVh1WWNsNGlrb3VHSVA3cjVFUTRpRUdBc0JlNm9EbEs4Kyt5aWU3VlpseEhlSXFIS2RTOUY5YUgyXC9jRVhqOVJ1S1NQcHdpUT09IiwibWFjIjoiNGM0NDBhYzA1MGNiMjhhNDIxYjhkODUxZTQ1MGRiOThiMTY2OGJkYmRjMzM4NWE2MTQ3M2IwZDIxOWExOTc1ZCJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImlNbHRVZnIrbnVMdkJ4dE1mS0NjM1E9PSIsInZhbHVlIjoieDVObW1TWnBuZXZYd1hcL25zV3hcL0NZMnhEMzFaTWV0Z2h1ZzdKbTl4OE9LTHVKbGQxMzFxRlpIUHZteWsxMGc0NjdtTytRTmRzNlNiNlwvMjJveTgrZWc9PSIsIm1hYyI6ImIyZWZlNDMzYWU0YjZjMjU3YjRiOTRjODk4NDM3ZjNjMTAxNGEzYTZjNWZkZjlkYjc1MzFjNmJmMDQ1M2Y3ZWQifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QA1VTBhtMV08aAAdcAwcDAwJUAVAAV1IFBkAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pagseguro/sender-hash
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pagseguro/sender-hash
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pagseguro/sender-hash HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6Ijk0YWYzMWZkMWQxZWRlODIiLCJ0ciI6IjA3YTEwYzg0MzZiYjkzNDQ0NWJjNjVhNTRhNjYzNjQwIiwidGkiOjE2NzQ5Mzg0NjM5OTd9fQ==
traceparent: 00-07a10c8436bb934445bc65a54a663640-94af31fd1d1ede82-01
tracestate: 2935249@nr=0-1-2935249-1134170823-94af31fd1d1ede82----1674938463997
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 69
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6Im1kQXd0OUl5cmdwZE5POFE4VGlVZUE9PSIsInZhbHVlIjoiaWtvOFZvZzBEMGc3UDlkcXRxb3dhQ29cL0pCa3ZDQmRtZFAxNHdaSFRZVFwvQmNBbmwwN24yVE1NaXRGXC9DWk1MY1hyMFpQTzFWbDFkTXlGMXpyZXd5VGc9PSIsIm1hYyI6ImU3NmU1NWMwNzg2ODJhOGRlMWVkY2Y5ZmIyZjQ4NWQwNTIxNzAyNTAyNzRhYzI5MTI1ZmM3ZWM5NTAwZTU5MDUifQ%3D%3D; bubbstore_checkout=eyJpdiI6IkhpWFp0XC9iSFBlK3NaV2N4blpHa3RBPT0iLCJ2YWx1ZSI6Ikw4VzJFVzFudnQ4YUY2ZVJ2aEE4RmhhK2ZGU2R3MDFKYW1WRXFKR3dod1hzd01ZZ2MyQlZCaGhQVUcrZzBTNFVndTFQV3BiQ1pwRzRBd3pudjluQ0p3PT0iLCJtYWMiOiIxZTUwOGFjMzA2N2M0ZmQ5ZTYyZTZmY2EwYWZiNGIzOTI4ZWZiZjUyNmM1ZjI2MjhlNzEyNTRkMDMzZWY3MjZiIn0%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D; __ana_uid=1-oldaghd1-ldgf4295; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true; _ga=GA1.2.1672591521.1674938460; _gid=GA1.2.1462642029.1674938460; _hjSessionUser_3285671=eyJpZCI6Ijg0OTEzNjEyLThkMDYtNWRjZi05ZTkyLTRmYTJlMWNjNGQwYyIsImNyZWF0ZWQiOjE2NzQ5Mzg0NjA1MTksImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_3285671=eyJpZCI6IjMyZWIxMmJhLWUyMmQtNDM0NS1hOTY0LTlmZTE3MjZiYmU1YyIsImNyZWF0ZWQiOjE2NzQ5Mzg0NjA1NTMsImluU2FtcGxlIjpmYWxzZX0=; _hjAbsoluteSessionInProgress=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:41:00 GMT
content-type: application/json
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkNqYlNtcnc1Ulp0SGNBYVBlVnRkWmc9PSIsInZhbHVlIjoiVGIwdlFHQjM0MlJtdm9XWXRqWURsWVRpSkNnWHAxYnZya01WMGtNNE5qQ1ppUTN6SlpDR2lhUXp5d2poRUVRWVpNajBaS2hvelI5eWtXOGxFTjExbVE9PSIsIm1hYyI6ImVmYmZiY2M4NTc2MmUwOWE0NzIwZjIxYTU4ZTJkY2Q4MGJiNzc0MjhiYjA0MTE5MzUwOTM5NzZhOWQ3YjA2ZGIifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:59 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjlscjV4NnJGNW42ZUdEWXlkS2RPTFE9PSIsInZhbHVlIjoiRXBNekRpcm9GbjJVNXNBRTFBSWk3U3NraUk5Qk5BejZiWENUVWYzem9oU0syc3JZSjlNQmRrS1gwUFhsRDlkU2RZK3c4eDk0cmhRc0wrSHBMNTVqRXc9PSIsIm1hYyI6IjU2ZmY3YjY3YWE0MDM5YjExMzg5NzM3MjhmZTUyZDM3MjNjZTlkZDJhMzlmYmJhODA0ZGE2OGU3MGVmYTM2OTAifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:59 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-aura.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-aura.svg
IP 104.21.29.224:0
GET /svg/card-aura.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-111a"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 294A:37CA:8AABDA:B80825:63D40236
via: 1.1 varnish
age: 1
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.195470,VS0,VE94
vary: Accept-Encoding
x-fastly-request-id: 30347ffd13b0abf44a823a2800508195b87359a6
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2LjK1%2BCu9oFkQdYV5Eu0f9Dj3ZTe9Zb2V3eHgdHGQrWDJsFnkSj80COfjey1MfhnbhemcH%2FnUWQL3%2FzQVQoRy3ddoKn6Pf8GG8C8YEBjBogASIkd%2BNJWD6cG91c4kr%2Fe2AnUiVg0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bbc79eeb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
52.55.160.178200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
IP 52.55.160.178:0
POST /v1/devices/widgets?referer=https%3A//seguro.newbotox.ml HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json
vary: Accept-Encoding
x-request-id: fd1aa55d-d7e2-47ed-8b9c-170b056463aa
x-trace-digest-54: 0Si54Ig5vyqL5HH8uUm0AQqlLwzN3rsFmfdZUKo781EjavYdcF6qs/UDxc6JdtZH, 0Si54Ig5vyqL5HH8uUm0AQqlLwzN3rsFmfdZUKo781EjavYdcF6qs/UDxc6JdtZH
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-54,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-trace-source,x-request-id,x-trace-digest-54,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-b3-spanid: 9eb9b67d710a0d09, 9eb9b67d710a0d09
x-b3-traceid: 9eb9b67d710a0d09, 9eb9b67d710a0d09
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.newbotox.ml
access-control-allow-credentials: true
x-transaction-name: public_get_session_widget
set-cookie: profile=1674938454631;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjI3ODgzYTdhMmJmNGE5NzIiLCJ0ciI6ImRlYjEzZGQyM2ZlMmRhMTJjYTY2OTQ5M2RlM2RmZmIwIiwidGkiOjE2NzQ5Mzg0NTg4MjN9fQ==
traceparent: 00-deb13dd23fe2da12ca669493de3dffb0-27883a7a2bf4a972-01
tracestate: 2935249@nr=0-1-2935249-1134170823-27883a7a2bf4a972----1674938458823
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImZ1alcwVk5BY0M3ZXE0eW9ZTmZUdnc9PSIsInZhbHVlIjoicm1maGgyQzBYSXVVb3dmTU5Yc3BvOHQ5OU5XblRkMHlyenpReG1WZW5IVFlVSHU5V1wvN2pmbk1XWURkaTJJSHhwSzRJSEJzb2lVOHp2UHY0ZmFYdit3PT0iLCJtYWMiOiI0N2YzNDZkMjA5MDdmYzk0Mzk3NjY4MTIyYjZjZGUzNzc1OTE2NGVjYWI5MGY4YmRhNTczOWI5YzE1OTk4MDQwIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImRNakVJZzhCNjNMRTduUlpXMCsyOHc9PSIsInZhbHVlIjoieXl5a1c5Y3ZiSXdyNDZOdUNGdWNSMGNvbVk4dHdlWmpMQXZSSEwwY2JPWHFYMkFhNTZiWmx1SVVUNkZ2aHZXQUZ3SnczbG9WcWtsSmg1RlpqWFB3Y0E9PSIsIm1hYyI6ImY2OTAyYTA2YTg4NDllNmU0MDE0YjdjMjE3Y2QzNTQ3ZjI3NWJlYTljNDUwYzFhYzkwYTEzYjE4ZTI5OTA3OGEifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QClBRABtMV08aCwFWUVFTCVYFXFRTAVIHVkAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjFhOGJjNjdmNTkxZDM4MjciLCJ0ciI6IjZiYzQxOGYzNGUzNTAxODVkZDU0MTBmZDc3NmNjMDcwIiwidGkiOjE2NzQ5Mzg0NTg3OTh9fQ==
traceparent: 00-6bc418f34e350185dd5410fd776cc070-1a8bc67f591d3827-01
tracestate: 2935249@nr=0-1-2935249-1134170823-1a8bc67f591d3827----1674938458798
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjZzbEU4YXFNcTFUaVM2bFozVVB6MFE9PSIsInZhbHVlIjoiTTd6aUNGTTFSc09QNm9IM1wvXC9yYWVid0cyMkU5ZjVhRjhuZ21nVkVhZlZSOUlGZ0dNMmdscHdoR3o4OTVJR0IzbUpVenczeTJ2MXZvQ2VZOW9yNktPUT09IiwibWFjIjoiODg1NWVhY2RhMGExYzdjMjRkZmI5NmExZDRjZjgxMGE3NjdjOTEzMmI1ZTJiMGY4ZDJkMjFlZDI5NjRkNDE5ZSJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkFTUmdwMW1iWnVQVG9qTU8xZjdnbnc9PSIsInZhbHVlIjoieHJlTHZaZm9abzNkT3p5THpQN2RZdFwvYjlsSlpxNUd6dnNlSHhOTTh3U0RmWmFhbWY2OUZEQ09zek9EdENqRlJSZUdFUWtmZ25BaWVtZzFBM2tlVnRnPT0iLCJtYWMiOiIxZTdjNzQ0OTZjMzc3N2VlN2Q2ZTE1ZTc2NjdiODRmNjRiM2Q2NjE1N2YxM2E2NWY5NmJlZWQ0NGRhZDUyNjJjIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjBkY2NhMmU4OTYxZmVmNWIiLCJ0ciI6ImI1MjAxMTVlMDcyNDNmMmZlMzc4OWQ0MmM1YjhhMTkwIiwidGkiOjE2NzQ5Mzg0NTg4MTl9fQ==
traceparent: 00-b520115e07243f2fe3789d42c5b8a190-0dcca2e8961fef5b-01
tracestate: 2935249@nr=0-1-2935249-1134170823-0dcca2e8961fef5b----1674938458819
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpDQVFRVXd1Ynhnb3VpVVJodytxYUE9PSIsInZhbHVlIjoiVml4dFBodFNCYVd2NDhnN05hV1wvVzVWVFhZYzljMHNGNGdYenZFZ1ViTE9wU3pGb09oVkQ4M0FQcXhXc1RjOTU0QVA5TFloKzI1d3BvckN2azlsRzd3PT0iLCJtYWMiOiJkYzFhOGM5Y2I2N2RlNjFiMjU3ZTVlZDUzYTg2YTFlZTcyZjhkNzRhMmVlOTUwZDUyNGM4MWFlYzFiZTVmOWE4In0%3D; bubbstore_checkout=eyJpdiI6InNWQWJxczRSRGljdENkVFV2T05SOEE9PSIsInZhbHVlIjoiUk1NWUFYZzdYZXJrcUp4K0gxQjF6WGNZQ2k1U2xoZWNmSDgwVjZXSnlaZkpnWkdsYU9jekt3SnZkTzF2MHV4a1hMNWZDM08xR25SNWRNZHpvMFJxWGc9PSIsIm1hYyI6ImI1OTgyMmU2ODYyNjUzODJhOGNkNmYyZGFmZjUzNWYwM2EyYzZhZWQ3MmM1ODI1YmY0MDYzZTYzYTA3Mzk4NzMifQ%3D%3D; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkVjdzhwTWx0QzVvamFEaytTVFhkVkE9PSIsInZhbHVlIjoiNnFJa08wM3BKT1ZpMWVYb2J2YUV0MnFMTnVaTFhCTXRaY0txek9FbEYxRUNiWGJcL2x2OGx6V2U4dDB0bHlwZ2wwYStia0ZFVGk4RWdjR0RcL1NmTTlRZz09IiwibWFjIjoiNGM4YTgxNGU4MTUzNzJlNTkxZWNmYmFiZmNjZWU0NTlmYzJiYjk0NmE4YzRkMDBjYjVjNTNmMTBjZjc0NDlkNyJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InhqZGxrc2Y1UXhQQXBucjNNcjVyeEE9PSIsInZhbHVlIjoiWnVUTjdobGhBRHBpVmtCT0VueXRaMXRJam03Q25YREVrTDhHV05XUHVWZllQNEVZaGxNXC9YU1wvcE4wU1hjV0xLdEQ0N0I2bHRWcFFvUU5ZSG1ydG1FQT09IiwibWFjIjoiMmQ0MjE5MjY0NGVlNWUxMjQzMDBmMzQzODIxNzkxNDFlYzE5ZTkzYWY0NjAyZjliMDk3Y2NiMjE2ODdhZjFhMiJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFlDWUoRC09UWxVKRURSAQ0KDFdAFFIWCAQCA1UVUR9QBlRdBRtMV08aAwlcVANUUFICBgRUCwAHWkAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/cart/payment
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/cart/payment
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
PUT /cart/payment HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjdjNTE1MjJmZjI2YzAzNjciLCJ0ciI6IjE5NzE1Mjc3NDRhM2IyNjE4NjMyM2Y0ZGVjMGQ2OTAwIiwidGkiOjE2NzQ5Mzg0NTk4NTh9fQ==
traceparent: 00-1971527744a3b26186323f4dec0d6900-7c51522ff26c0367-01
tracestate: 2935249@nr=0-1-2935249-1134170823-7c51522ff26c0367----1674938459858
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpxNGlRbDJFRTB1a29cL1JKOGZsUlZRPT0iLCJ2YWx1ZSI6IkFjV1FEWWljSHFvbkIxSTJnNlZmZFo4eXppNlR6WGxIZFNKYkFqS1E5dExKMzVQK21EZDZwTVVFc2ErdGc1eGIyVGJRczRab1NYQWtlbjBid2FFdVdRPT0iLCJtYWMiOiJlMzhiMTVhOWJiMTg4YTNkOWZjNjNmYzI5YWUwY2Q5Y2E0OWRiZjE0ZTY1ZDU2MjYwNTg1MGVlMWZhMzI0Yzk0In0%3D; bubbstore_checkout=eyJpdiI6InRNU2lHY3l1bFNwdlM0bnJcL1E2Rjd3PT0iLCJ2YWx1ZSI6IkQxenRBTmVHSkdoK0ozVG1cL09Rb2xKamFydjNQNHJna0U4bmpwMWo4cHdLUU1qc1E1eHFkZytvczhMUlQ5bm5pd1R3MXgxR0FIWHJEVHhFa20rd01ZZz09IiwibWFjIjoiMDFkMjMyNDhmYzlkOTEzOWEyOGUxZTM2NTQ3NDA0MDc4MTYwZmNkMmEwODBmMzVlZWIyMTgzOWNjYTdmNzE5NiJ9; pangeialoja2_cart=eyJpdiI6ImlXR1BWNG1PZllLVks0VU5CRGswOUE9PSIsInZhbHVlIjoiNkpvcEs3TjdDVzhtM3JwMDVvejZscTJ1YmRIVVE3aTBpVjJ3c0lxN2JDeHJcL0xXS0twdVlpZDNcL05nbmhITkY3dmkwWWVDQUV0cHhDYzQ3N25lMTdUZz09IiwibWFjIjoiN2Y1NDM1MzI4ZTQ2NGRjZTYzOWFlNWVmMjk1NGNhY2YxZDY2MTU4ZTMzNDkxMWM5OWZhNmYzOWMxYjNhOGNmNiJ9; cart_auth_309035566=eyJpdiI6Ik8zRlg2cHdmQ0QrVThFbE9YYW5VQ3c9PSIsInZhbHVlIjoiXC9WVURCZUpUYTZKK252MU9DRE1FYmNqdnBZVGFEZ29ydEltTCtpWmZ4TmRtTmJSQ0FNSE5IbWV4Vlwvb3cyRkdpMkMyVFV0OUlMWkFSNlhmWkhqM3JncXlRb0VhSTFEcTQxU1VUU2dpK2ZCMCtHQmx6Tm1KUE5wa3hxR1JkdTdsTXJhNFNvTWdUcEdxOTRuQXc0QzkzRzNJR3N1SmhkZW5ncU1VZ1ZVSUd5RUZSZ0Y2TXhMZEthSk04UW1YTzdYcVVzWmtQZ2tLc2lrbXlWQUN0QkUyNk1SUjRSMkxGOCtiNTFlNmNYektJWklJM2NxY2dodkdMd0JCc3JqeXZ5ZEpEOGw1YXRwZmNPSFdadzVXS3g2Y09kalF5VGVDb3hoSElVKzU0R3IyYUJGZVkyYkdJdGs2a2l2SW1iMk1MWW45S0tJbXpTdFcyTjE3ZEZTQ2pxaHBmZThnV0lFdGxIclhLOVZ1TG83NUVJSmFTQVwvTE12OXhzaGRrcGxGM2l6d244WGFIRFFLWTBMbko3Vjc0N2pncVVRZlBlK2lpVnhDTkQxU3hCTEdnQVdseHFVZWhTSHVHd2gyXC9NVFFxXC9BZ3Rkd3JBbkI2eFNGbFdNUTFaTWp3bHo2RlhWSWg2NE9iQStlNVBXSElYWmx4Yk8zc2pPZ1pTaTRnTjZFdWdIWWc1SVdzeHRsWFBQdVgwXC9WaDY4SWRmdU9QNDR3VUxpRFFlOWN1bDJZQUVBVm54YU9Gblg2MTZyb3Y2ZTkzQ2dqN2E3WllkdXVQMlhYVFZUeEN4TWZzcXNLdW5HOUhhR204QWF1Mmk3TWc4TGRxTT0iLCJtYWMiOiJiMjEwZDVkMjFhMjBjM2Q5MjY5NGM4MTE2NWU1Mzg5ZTQ3MTYwMzY3NTA3NjA5YWYxYmZkZjAxMWQxMmNmMDlkIn0%3D; __ana_uid=1-oldaghd1-ldgf4295; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:56 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6Im1kQXd0OUl5cmdwZE5POFE4VGlVZUE9PSIsInZhbHVlIjoiaWtvOFZvZzBEMGc3UDlkcXRxb3dhQ29cL0pCa3ZDQmRtZFAxNHdaSFRZVFwvQmNBbmwwN24yVE1NaXRGXC9DWk1MY1hyMFpQTzFWbDFkTXlGMXpyZXd5VGc9PSIsIm1hYyI6ImU3NmU1NWMwNzg2ODJhOGRlMWVkY2Y5ZmIyZjQ4NWQwNTIxNzAyNTAyNzRhYzI5MTI1ZmM3ZWM5NTAwZTU5MDUifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkhpWFp0XC9iSFBlK3NaV2N4blpHa3RBPT0iLCJ2YWx1ZSI6Ikw4VzJFVzFudnQ4YUY2ZVJ2aEE4RmhhK2ZGU2R3MDFKYW1WRXFKR3dod1hzd01ZZ2MyQlZCaGhQVUcrZzBTNFVndTFQV3BiQ1pwRzRBd3pudjluQ0p3PT0iLCJtYWMiOiIxZTUwOGFjMzA2N2M0ZmQ5ZTYyZTZmY2EwYWZiNGIzOTI4ZWZiZjUyNmM1ZjI2MjhlNzEyNTRkMDMzZWY3MjZiIn0%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPF0dVVhIBYVdKDwMNFhJOCEwICAQCA0kJTwBWB1pUGhpQSkFdAAYHA1MGVAYDBwkHUAFTQU5WA1QRXWU=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2