r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5767
Expires: Sat, 28 Jan 2023 22:16:56 GMT
Date: Sat, 28 Jan 2023 20:40:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8225
Expires: Sat, 28 Jan 2023 22:57:54 GMT
Date: Sat, 28 Jan 2023 20:40:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2316
Expires: Sat, 28 Jan 2023 21:19:25 GMT
Date: Sat, 28 Jan 2023 20:40:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 19:43:06 GMT
content-type: application/json
age: 3463
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RChlqzyUFHDYdWggqLQhVRMun5LJux9PIOvGk+a7hxje5ypdRwTTYkaY3gDYVOWolrzVVBod45I=
x-amz-request-id: VPV01BA8DEM7NJ2K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 20:21:06 GMT
age: 1183
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:40:49 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
seguro.newbotox.ml/cart?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
170.82.173.30301 Moved Permanently 134 B URL HTTP/1.1 seguro.newbotox.ml/cart?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /cart?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 20:40:49 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.newbotox.ml:443/cart?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
X-GoCache-CacheStatus: BYPASS
Server: gocache
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 19:41:40 GMT
age: 3550
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6615
Expires: Sat, 28 Jan 2023 22:31:05 GMT
Date: Sat, 28 Jan 2023 20:40:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 14a9b6ac568ea29326443c0a20f1f31e
fc0951ea06f8ba2d42f9c0fda68ce9fb0ecf227a
7477bdc6eaf52d823d356721ae6cd63b661211b484ecc0871437bfe14ad536a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7477BDC6EAF52D823D356721AE6CD63B661211B484ECC0871437BFE14AD536A6"
Last-Modified: Thu, 26 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Sun, 29 Jan 2023 02:40:20 GMT
Date: Sat, 28 Jan 2023 20:40:50 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.143.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.143.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j0EnMrQaBFtoIzJS6/Mx+g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 22r3t6Uu3t+Vo95rJ2TycP3SdU4=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sat, 28 Jan 2023 21:21:12 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sat, 28 Jan 2023 21:21:12 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sat, 28 Jan 2023 21:21:12 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sat, 28 Jan 2023 21:21:12 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2421
Expires: Sat, 28 Jan 2023 21:21:12 GMT
Date: Sat, 28 Jan 2023 20:40:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 81845
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f185f0b4f90d06dbb397b44ed9c73dbe
a48e2c369a048447e0e25e4791eb603859391c1c
b466060fc132cc8d23fcb83001206606e2d5502118c65e9f55795b5adbff2fa6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: e556be7b-567a-4c9a-931e-ff6fee42d3a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T8GbFoAMFySg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-6f4476e9388c77a057153277;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LPkLrx7l9Qf_GKdtJq_77RUkvgnKZlCaDN34xsB5bEO8c9VQEJPAew==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
etag: "a48e2c369a048447e0e25e4791eb603859391c1c"
content-type: image/jpeg
age: 81853
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57b73886cbbb719eda5f733c018eedfb
b84ed40973f8a0d3c10529e34f9466746cfdaf0c
4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwFtboAMF9rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LUa_R8g8Rlv7JJA0_okht-vGe-xBSyZ5TPJTFakAHlncQPZKEdULQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 82313
etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 23:03:41 GMT
age: 77830
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c982569d070f24dba1259603091c22e3
0f93acb5bee53670cc4ef486922f7333d96a2f4e
9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: M4VR-I89SGD0-FLzHhZ88PJJJmdWTEi0UrBnAmCBCQAdjRsssqnSzw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:06 GMT
age: 82305
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 78878
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
142.250.74.132200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 9209866a4051c1a5a169b9f6ca2d5d69
c1561a92f66c11e4fef89fd3fd359bbda76a304a
f0a5a0f1ce8b494947bf336db830d604be27826ce7961f5118b352d9718ff188
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 28 Jan 2023 20:40:52 GMT
date: Sat, 28 Jan 2023 20:40:52 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-N6QHJQM
142.250.74.78200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-N6QHJQM
IP 142.250.74.78:0
File type ASCII text, with very long lines (1759)
Hash 52dc3cd56bd9e1680e9d1eb7418e356b
806302962432fc3871bb5ae4241c4cc98d877f40
ce0a501165a7429a7942b076beb996248d35dfbf83e2339cec0a1e85f6086588
GET /optimize.js?id=OPT-N6QHJQM HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 20:40:52 GMT
expires: Sat, 28 Jan 2023 20:40:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44409
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1eb0a2928a5a6445ea2403546c917632
c3174e2243b998ea5850bed5f26f124253a59ea4
6f6125f352a6f2271ac69946dc5985aeef83d623cd7e90bb48bb3d3a62b4bdb3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3989
Cache-Control: max-age=107101
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Etag: "63d4781c-1d7"
Expires: Mon, 30 Jan 2023 02:25:53 GMT
Last-Modified: Sat, 28 Jan 2023 01:19:24 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
142.250.74.106200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
IP 142.250.74.106:0
Hash 6fe661db9b9f371cf1f455a650ed8444
ddb636da692221eeaf95357b9809d41bdd431433
a320c364ae56c73d44829b6c11922b048d786686144a3c78e600c27692b51897
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 20:40:52 GMT
date: Sat, 28 Jan 2023 20:40:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
95.101.10.155200 OK 9.1 kB URL HTTP/1.1 secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
IP 95.101.10.155:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (25829), with no line terminators
Hash 13e3cc8ff400bf1da09ba98065151e4a
05da8917634372f71cd2f851e42129fecfb2f45f
9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36
GET /sdk/javascript/v1/mercadopago.js HTTP/1.1
Host: secure.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "810759-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: 7ed89847-67cf-43cc-978b-8953a1b3c905
X-Request-Device-Id: 7ed89847-67cf-43cc-978b-8953a1b3c905
X-D2id: 7ed89847-67cf-43cc-978b-8953a1b3c905
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Sat, 28 Jan 2023 20:40:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9df6f457d1cca5dba95b8f04622c5e
27ae6e401db6f83b812f9fca85bd890795b11ece
c0ad68d3477a53d59c7e80ffb8a5ffa239f723e15b3bd2f02bafc7893d22f3af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Etag: "63d43fc7-1d7"
Server: ECS (amb/6BB2)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cf27377db382380cc800fa17df83721f
4c3759d24d0e980575a70208917814c799b13bd9
687742c0c93fb8f6cb441ea7296d9dd9e8885639d9f7bf2d569e3dd19eb7f693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=153123
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:52 GMT
Etag: "63d53b77-117"
Expires: Mon, 30 Jan 2023 15:12:55 GMT
Last-Modified: Sat, 28 Jan 2023 15:12:55 GMT
Server: nginx
Content-Length: 279
stc.pagseguro.uol.com.br/pagseguro/api/v2/checkout/pagseguro.directpayment.js
152.199.20.248200 OK 2.3 kB URL HTTP/2 stc.pagseguro.uol.com.br/pagseguro/api/v2/checkout/pagseguro.directpayment.js
IP 152.199.20.248:0
File type ASCII text, with very long lines (8220), with no line terminators
Hash d155846e9d2bba207ed4e4f326b470f3
2e8544830a2b548da372350352a9d04372cb84c3
5be2051bfd2d4c73af54a685ce1c1628d4909edf7307c67521852747875db6ca
GET /pagseguro/api/v2/checkout/pagseguro.directpayment.js HTTP/1.1
Host: stc.pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript
date: Sat, 28 Jan 2023 20:40:53 GMT
ec-rule-version: 20230120-01
last-modified: Thu, 19 Jan 2023 20:52:53 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
content-length: 2275
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 17fa98c621a1f5f54de9cc535739e6a3
89b712e71fd8f4660b1dbaa684459fbf8bd7b01e
57a7cdf4f688c7e4007ff06f6183cb611c0380765435196e301fd9b75d46d9c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=159942
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d5561b-1d7"
Expires: Mon, 30 Jan 2023 17:06:35 GMT
Last-Modified: Sat, 28 Jan 2023 17:06:35 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158531
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d55098-117"
Expires: Mon, 30 Jan 2023 16:43:04 GMT
Last-Modified: Sat, 28 Jan 2023 16:43:04 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Server: ECS (amb/6BA1)
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Server: ECS (amb/6B7F)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PSBDR7P
142.250.74.168200 OK 40 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PSBDR7P
IP 142.250.74.168:0
File type ASCII text, with very long lines (8901)
Hash 4452973b4fcf903e3cf8f33a5a655653
a37aaa9f3335e90d15bac61d9385dd2cad1d03c1
ae3bdda822a190edb5e3b221acc609ffddaee0916e26193c1c0fd784f17fa4f0
GET /gtm.js?id=GTM-PSBDR7P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 20:40:53 GMT
expires: Sat, 28 Jan 2023 20:40:53 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.227200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34112, version 1.0\012- data
Hash c21e7acd53a6d80fa451f1af92d9a492
4096e12b96fa2549e4f169044a49b6ec60214008
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34112
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 00:13:07 GMT
expires: Fri, 26 Jan 2024 00:13:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 07 Dec 2022 18:11:50 GMT
content-type: font/woff2
age: 246466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a8d40bb9e7e93b625f79d49644230c25
5b31a34ebf7797aa7c7bb326be6ba97e61de74bf
5603b38d1028274c5503becd64496e19694a89f3e4852cf0f3a1eb56e5476ce4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1094
Cache-Control: max-age=108872
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d48a57-1d7"
Expires: Mon, 30 Jan 2023 02:55:25 GMT
Last-Modified: Sat, 28 Jan 2023 02:37:11 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a8d40bb9e7e93b625f79d49644230c25
5b31a34ebf7797aa7c7bb326be6ba97e61de74bf
5603b38d1028274c5503becd64496e19694a89f3e4852cf0f3a1eb56e5476ce4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1947
Cache-Control: max-age=109725
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d48a57-1d7"
Expires: Mon, 30 Jan 2023 03:09:38 GMT
Last-Modified: Sat, 28 Jan 2023 02:37:11 GMT
Server: ECS (amb/6B7F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=158531
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d55098-117"
Expires: Mon, 30 Jan 2023 16:43:04 GMT
Last-Modified: Sat, 28 Jan 2023 16:43:04 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Last-Modified: Sat, 28 Jan 2023 20:40:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a36d09eb1f86aec609c457316f0d3c2a
0ebe8259086aea731a61a3dc7553ebff431ca29a
ed813153f14242a3bb1fd29c3842f1140f34804bd2fafacdee87059bd35c157b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Server: ECS (amb/6B9F)
Content-Length: 279
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
54.165.15.136200 OK 6 B URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
IP 54.165.15.136:0
File type ASCII text, with no line terminators
Hash 3c3f2943d4337318cf737f45d5b564cd
941d39154464c20d99b5248f5a5647709745cbfa
f9bafc82ba5f8fb02b25020d66f396860604f496ca919480147fa525cb505d88
OPTIONS /v1/devices/widgets?referer=https%3A//seguro.newbotox.ml HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.newbotox.ml/
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: application/json
content-length: 6
x-request-id: 1e5b23b5-863e-4ac7-abb4-80b37155481e
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-29,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-trace-source,x-request-id,x-trace-digest-29,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-b3-spanid: e60300d7a5772dcc, e60300d7a5772dcc
x-b3-traceid: e60300d7a5772dcc, e60300d7a5772dcc
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-trace-digest-29: MPcfR6dZdvXRdRJkrpUsVVuo6JoVpmdS4ePZ1Q4AT2EcVhKKySHTIYZF9BQrQ/Dq, MPcfR6dZdvXRdRJkrpUsVVuo6JoVpmdS4ePZ1Q4AT2EcVhKKySHTIYZF9BQrQ/Dq
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://seguro.newbotox.ml
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/web_device
54.165.15.136200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP 54.165.15.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.newbotox.ml/
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.newbotox.ml
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: c222314a-66ec-4569-973a-abf01127ba04
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-08,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: cfafb70e002b6e6d
x-b3-traceid: cfafb70e002b6e6d
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-08: iddho5Kia/R1pJIvQSS3B+2ZBxidHbNkhhBd5pXGhJG3ZpRXl2NQHD+P4erl8MWE
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 44b4889eff0e48a4fc2a36487e8119c6
d2eb4541016be80c325190e56943a72e530313a6
8be6d0c11e884bb526c43759ec37c91851720a34e9707e9362ac4512a85dab4c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:53 GMT
Server: ECS (amb/6B97)
Content-Length: 279
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash d989e5e548d18f1ca55068a473074a08
cca9685d4318e98a1892028231cd1a2500bc6867
95375c081cb23dd822fb65851cbe0fbcfc1b8df57ff317dd593580ad1f79e440
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87296
Date: Sat, 28 Jan 2023 20:40:53 GMT
Etag: "63d42bfc-1d7"
Expires: Sun, 29 Jan 2023 20:55:49 GMT
Last-Modified: Fri, 27 Jan 2023 19:54:36 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cQa9R5iS4JrcxECwXHK177OvgXDErBLRFRWowas7BbOyPqi4AvCIsQ==
Age: 3673
fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
104.18.0.53200 OK 77 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
IP 104.18.0.53:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: binary/octet-stream
content-length: 77160
x-amz-id-2: MWitW1fJ1pHXOV3jvftrj+jO1CIUcKdbmEFE2Xetp/4nZJHz2nMQeDfSNcIwYnE56Om1UaXJgrM=
x-amz-request-id: QYRQCMRE5VZMV05S
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: MISS
expires: Sun, 05 Feb 2023 20:40:54 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
set-cookie: __cf_bm=k277W_ORs5SrDu6Wx7hOcMvh4hJpnmiaBVJM7kTV2RA-1674938454-0-AXBfILyL66AeK6QvGqvQfQ9/JZSbeuXEZUnbp6V0oqOnSjFCaVRX/uluttNlWRjV24RZWfGNB8YFLCFhLCazuiA=; path=/; expires=Sat, 28-Jan-23 21:10:54 GMT; domain=.dooki.com.br; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 790c8bb7a9bbb4f9-OSL
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 299 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 9bde39c44c07471981a6c5638759450a
cb0141e131905a28ca980cd02b084da07529bc1a
d3ed6c4cf32c09168c1730f5f87209fd6d58d293dd08b3368502700efc6b6eef
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlY1OTF5WFhEUkhvQjh0N2VuSUt3WEE9PSIsInZhbHVlIjoiWXRjTXpUWjNqWEpOU2hndFpyUXFcLzIxeFFReW5yZjNhaEJEQk00dW5cL2x1cWt2SldKOE5ieWFuY3BjVnVvUHZHamxGTUZIVU5POG9KMjBYbHVQak1CZz09IiwibWFjIjoiMmFhMjMyZmQ3OGIwMGI1MzVhZmRmMmQ1MWM3YzliNDMzMjBmMjI5NjBmMDhiZjlmY2U2NTE4ZDg1MGYxOTNjNiJ9; expires=Sat, 28-Jan-2023 23:40:53 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkZcL0JJcUxsYjlMOEc3Z3RtRklQd0lnPT0iLCJ2YWx1ZSI6IkJQbFNncXBWbFBGaVh2cU5HdUFXWHI3ZjRnQmlMWkY5Y3BzVTJtcUxEVEdhbmhFenVudnNuT0tLVFg1QWQ4cDBPZlFGamJFb0FtM0pTdG9QVXhxYXlnPT0iLCJtYWMiOiI2MDJkOTg3ODczZWE5YzM2YWNkOTQwYzFlN2JkY2VkN2VjYzNiMzczZmEwY2NmNzEzODM3NDNjYmRmZjU3YzM0In0%3D; expires=Sat, 28-Jan-2023 23:40:53 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/63aeda621b554/63aeda621b55a.jpg
16.12.2.32200 OK 26 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/63aeda621b554/63aeda621b55a.jpg
IP 16.12.2.32:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:12:30 09:31:57], progressive, precision 8, 300x90, components 3\012- data
Hash 7c0ac45d06bdb610d0b7601435ddb263
b8aad5fee0e2ddd4fda79d45b66188b055440663
d506b10928075cdb74f091d98814612fb288cf273aa16722f72856d502ddc73b
GET /king-assets.yampi.me/dooki/63aeda621b554/63aeda621b55a.jpg HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Z9c2PSPWbrzOn4WOYp/9NPvg5fbYcji5jsh68imPCuTsJ14kbhAq57WV74pjh/XSlAjnVdEBBOY=
x-amz-request-id: QYRHMC9D2CJW9E3X
Date: Sat, 28 Jan 2023 20:40:55 GMT
Last-Modified: Fri, 30 Dec 2022 12:32:35 GMT
ETag: "7c0ac45d06bdb610d0b7601435ddb263"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 25459
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b49e1e578e00d7006ece637e6c225369
4a7f0eafa423fe5717467967f641058dc3fd17b8
edac1cda42af0db8c67065210d7d6647bd01d08007a4fd3a057c1a314cb03ab5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2303
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:54 GMT
Etag: "63d33e58-1d7"
Last-Modified: Sat, 28 Jan 2023 20:02:31 GMT
Server: ECS (amb/6BB2)
X-Cache: HIT
Content-Length: 471
www.mercadolibre.com/jms/lgz/background/etid
54.230.111.28200 OK 256 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP 54.230.111.28:0
Hash 42441eb37aa57a1f05e4230cca8922b3
66223b2e265a70efd4f777cbb852e339a76127c8
86d63e9251935115bf62145a48dbf4a2508286a965753dc1a93cb3d0f4ef5cb6
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Sat, 28 Jan 2023 20:40:54 GMT
server: Tengine
set-cookie: _d2id=52b7ecf3-a414-4d20-ac09-2b2748e056e5-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 28 Jan 2024 20:40:54 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: f16135eb-6709-4544-b16a-22f3a15562a1-1674938454519
cache-control: private, must-revalidate, proxy-revalidate
x-request-id: 52b7ecf3-a414-4d20-ac09-2b2748e056e5
x-trace-digest-keys: x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-48,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-48,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-request-device-id: 52b7ecf3-a414-4d20-ac09-2b2748e056e5
x-meli-trace-bu: mercadolibre, mercadolibre
x-b3-spanid: fd0d7c66b3221333, fd0d7c66b3221333
x-b3-traceid: fd0d7c66b3221333, fd0d7c66b3221333
x-meli-trace-platform: /web/desktop, /web/desktop
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-48: eMFwzEwbI5lK2Y1isNlpJgubbkIzTNpXW1Uek7RxDU4K0S98srKGbyjURY3bGUh9, eMFwzEwbI5lK2Y1isNlpJgubbkIzTNpXW1Uek7RxDU4K0S98srKGbyjURY3bGUh9
x-meli-trace-site: UNKNOWN, UNKNOWN
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-d2id: 52b7ecf3-a414-4d20-ac09-2b2748e056e5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cpSFItUI1LJODZ0cDhCFJJTDSyFm2AcWHFPWH98wll52tRw4ql16Gg==
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 491 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 298b645dde3630f3a1fd9386847f51be
ee69bd9b26a4ddb8b328852beca2d7e2b47c534a
e35782a29da4d886b20b9e8b809e47794e1e577ca88c95ad6427a4648d06175e
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjlIUmRUQmNNM3g0VjRKTEdraXpHb1E9PSIsInZhbHVlIjoicWtSUkJ2SVJ4WU5USW5LSGJib1YwbU93MWQxSkJPWVV6bVJrSU9jMkM3cHVMM3Zob1JlQ1pxcCsyXC95dmttTXN3XC90RUZxcVVsK2M2YmJ2SFdZSkt6QT09IiwibWFjIjoiYzFiMjc5MmI5NmIxMTA2YzcyMWJmMmQwNTYxMThiMDA1M2NjMjdlYjlkNTg0OGFhNDk2MzE2NDk0NTFmNTljZCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Imp1cjUxRm1vdXJGVUZWUkY0VUtSNlE9PSIsInZhbHVlIjoiSlwvREMrNisxZk9CbWd3ZitnM2Q1bklVR2FSOE84REtkSytmSHlWYURmOFQ3MUUrQ3RMWlp5UWdWeitEMVwvQXhjT2JESTc0QTlwNXd4ZHp3RktrRGFxUT09IiwibWFjIjoiNTg1MTZlZTRmMDgyODQwOWNlYTE0OGEzNDIzMzFhZDc5ZmQ3NWRkODY1NDAyODcyZjk1OWFhYjE5OTIwODZjNSJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
http2.mlstatic.com/frontend-assets/ui-navigation/5.14.4/mercadopago/logo__large.png
23.36.76.88200 OK 1.6 kB URL HTTP/2 http2.mlstatic.com/frontend-assets/ui-navigation/5.14.4/mercadopago/logo__large.png
IP 23.36.76.88:0
ASN #20940 Akamai International B.V.
File type PNG image data, 142 x 37, 8-bit colormap, non-interlaced\012- data
Hash 9d1b14c7293241736af26e6e987b4ea9
a35b4aa54637619fe2e1875ffef50229b45304d2
f859d77523d9f7180c7907e63a79be9ac761672070f0dda7ca61b04526d31ded
GET /frontend-assets/ui-navigation/5.14.4/mercadopago/logo__large.png HTTP/1.1
Host: http2.mlstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1636
server: Tengine
x-dns-prefetch-control: on
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
accept-ch: device-memory, dpr, viewport-width, rtt, downlink, ect, save-data
accept-ch-lifetime: 60
cache-control: public, max-age=31536000, immutable
etag: "664-o1tKpUY3YZ/i4Ydf/vUCKbRTBNI"
x-envoy-upstream-service-time: 66
x-envoy-decorator-operation: prod.imageoptim.melifrontends.com
x-request-id: fad0eb57-bb68-4ba0-98cb-e537603c2ac2
x-request-device-id: fad0eb57-bb68-4ba0-98cb-e537603c2ac2
x-d2id: fad0eb57-bb68-4ba0-98cb-e537603c2ac2
access-control-allow-origin: *
timing-allow-origin: *
date: Sat, 28 Jan 2023 20:40:55 GMT
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
x-cdn: a
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/etid
54.230.111.28200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP 54.230.111.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Sat, 28 Jan 2023 20:40:55 GMT
server: Tengine
set-cookie: _d2id=28429923-eecc-4c2d-a6b9-474a7b149796-n; Path=/; Domain=.mercadolibre.com; Expires=Sun, 28 Jan 2024 20:40:55 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: bc5c72b4-5400-484e-b54b-347bd6207d22-1674938455060
cache-control: private, must-revalidate, proxy-revalidate
x-request-id: 28429923-eecc-4c2d-a6b9-474a7b149796
x-trace-digest-62: CcWJcZMsfOLGKOuAIdByY5/J3bo9hqqornYCoQhM1rzFxP0Ur0e6sgqj/OcdpvRW, CcWJcZMsfOLGKOuAIdByY5/J3bo9hqqornYCoQhM1rzFxP0Ur0e6sgqj/OcdpvRW
x-trace-digest-keys: x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-62,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-request-device-id,x-meli-trace-bu,x-meli-trace-site,x-meli-trace-platform,x-trace-source,x-request-id,x-trace-digest-62,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-request-device-id: 28429923-eecc-4c2d-a6b9-474a7b149796
x-meli-trace-bu: mercadolibre, mercadolibre
x-b3-spanid: b9945aa37f7b0f74, b9945aa37f7b0f74
x-b3-traceid: b9945aa37f7b0f74, b9945aa37f7b0f74
x-meli-trace-platform: /web/desktop, /web/desktop
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
x-meli-trace-site: UNKNOWN, UNKNOWN
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-d2id: 28429923-eecc-4c2d-a6b9-474a7b149796
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U2MB-XxVvP_60KNVfITfQ_3FgdBTiua6uSs4f-1YGBcXJcf-VNFg-g==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4723
Cache-Control: max-age=166871
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:55 GMT
Etag: "63d55ebb-1d7"
Expires: Mon, 30 Jan 2023 19:02:06 GMT
Last-Modified: Sat, 28 Jan 2023 17:43:23 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 19:45:20 GMT
expires: Sat, 28 Jan 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 3335
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: GUxXS6l6fiHd5fLoyimPE+vzAaiFTAGoqAl3AggGCCN6GlAufeFQSiCzkAgGbQm3jWOLl5tQfHl4xuSboBtIBA==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Sat, 28 Jan 2023 20:40:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yampi.me/jquery/jquery.js
172.67.72.14200 OK 35 kB URL HTTP/2 cdn.yampi.me/jquery/jquery.js
IP 172.67.72.14:0
File type ASCII text, with very long lines (32060)
Hash abcdb699c2a8258a05980516a3635f1f
74b4f426a830f5d1e4a9786b1dae62bb490b6e5d
6bcbdde8c0f6e85b02d22098cfc88cffc4c272dae7df9d074d1c8a380e84aad6
GET /jquery/jquery.js HTTP/1.1
Host: cdn.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:52 GMT
content-type: application/javascript
x-amz-id-2: cvnt6Bg7zbti5Bm8Lp0rAGY7y345bRB4T32MulxMxGJI1GHuapNQjUTBRTBFSQUT3nXc9o650NA=
x-amz-request-id: TP7GXVJKXZ65D2ZZ
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiYeFoHMen16vpcfD8jGgczOPQXtWfDP4jLanvAo2EsrrLDi%2FqGpnE3bS6k%2BYfk69pbvQhlJ%2Fc051rVwkEInMJG2bgqFQzIKgvUT8hHaYISgcsL38M82SjRN9GJ3Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb07c9f0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.211.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 444681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 473da311aa95321130ef267c06113a8c
b2a10e7dd5c0284a6f50ccb933bba4a9af7b99c7
4f89d7a9b88075a1627d29ebd064cd9c63b0fa23b5007e51d7b52505aaa6c412
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=98759
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:55 GMT
Etag: "63d4671e-1d7"
Expires: Mon, 30 Jan 2023 00:06:54 GMT
Last-Modified: Sat, 28 Jan 2023 00:06:54 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7078b1d21bbac26012d93fc9501fbbb0
412189ffa7980709edc28b87a820aa1ae64fa3a7
6db1d0d3f3924d7e75e1fd087553cf4ec5fa938ecc52adf3f149570551eaf7f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2468
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:55 GMT
Last-Modified: Sat, 28 Jan 2023 19:59:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 416 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash f37e24afd755a8af68301ca91b2576b9
48168802da1d2b66768479cba15ad6844c083157
2058d4d428fa4c8e601bfd1305789507a0c40ce8ea613b0ee8481a77b4beb726
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ikd0aGxoclQ2a1V5ZzFOMFwvWmUwRkFnPT0iLCJ2YWx1ZSI6IllKb3FiKzJVQmVWMkxYR05USFVvVzhzZ3FhbUphODJrNThwbEU5eEZXdTFaMVFtcWN2MWJKMGdaeXBUOFFqMEZiZkNOdGdLN2N1NVRteXBWcDNDVExnPT0iLCJtYWMiOiJhNGNmOWRmZTY3MThlN2MwNWQ4NmFkYzQ4NDAxNzI3N2YxNzQ0OTczZDNkMGZmNzZjOGQwMTQ2ZDc1OGVhOGE2In0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjVScXJqcW5oTGFONXlmSGpJRW45Znc9PSIsInZhbHVlIjoiQVJ1ckp2aXBtaVJKRUc5ZkxMTHNmNmVuQVVZWkZvS2I0VWtWd2IyUXRvVXYzbDA5MHlINWI3a3R0b2x6YnJ6WU5iZmFmNWQwb1F2dWFUa09FS1RvSVE9PSIsIm1hYyI6IjM2MGUzODRhNjNiYTdmMmVmNDA1NzE4ZDNmMGJmYjA2MTEyMzZmMDYyNDMxNjJjY2JkY2FiMWYxYmZjNzIwNmQifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 4.2 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 4aaadc02252f26fe38309565f6429db3
13550c959aa1826cbf158d58816ac6b56093b445
c3341e9c54b8fc4f1dd91d15dbb46da13d5200572c2da9d63c2c6d3a4a69a7db
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ikk4TndmSHlHVWN2WWpyU0NmSGxTamc9PSIsInZhbHVlIjoiS3JIMEMxczlGaUQyTkMrdTNhRTNnVkVZR0NJa2VQNDJ0MmRIaEVCV1N6WjBqQVwvU2xVY0xuSzVEd3N5XC82a0hWaUZtNmZUU09iWkpoXC9EazQrYU8yRVE9PSIsIm1hYyI6IjJhNzBkOWQ5Y2VkYmVmZjNjZWNkYTM5ZWRkY2UwZmJjNGYxMDg5MDJkYWZlYTIwYmU2YTcyOTg5NmJmOTg1NWQifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlljNEdoZXRnYUhwTVJXM2doSExtU0E9PSIsInZhbHVlIjoiWFdhenVPaGVSQmcxXC8rUWhaSTNHZm1TcGRxNnJpQUV4V3ZxWDZYUTJxRFY1RktsY00xSmhaTTA3YlwvM0lnMFpWdVFSRXRCR3c2eUs2MG1VcTZrbFdmZz09IiwibWFjIjoiY2U1MDYzYTQ3ZWI0MjhiZGI4ZDU1MjQwMTg0YWY5YzE0MjYyNThhMDliZTc1YjdmNGYyMDdlNzM5YmFkZmM2ZCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
54.230.111.93200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72
GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: stpuit-vjd8G_iJvynW8rny1SBhsMooO0b4AXsLgfsQ-xfkRxQU9_A==
age: 128210
X-Firefox-Spdy: h2
vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
54.230.111.94200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
IP 54.230.111.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash c34915675a9e912c93dac934322be7d1
1d0c20a805821d76fdef8b95eace30ac659a9454
091ab4e6d3f86a5e7bc8c7c3e9805df420c13f77627902dd204abc1f28b6336d
GET /box-fc6c0cda90900662e5160cde908b3e86.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 27 Jan 2023 09:04:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "c34915675a9e912c93dac934322be7d1"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VXrFn3hag2eXtgJV-eR8SnGtunv-h_qOmqjWXml9Q7pjdoOnpcE-rA==
age: 128209
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/633849660473e/6338496604745.png
16.12.2.32200 OK 70 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/633849660473e/6338496604745.png
IP 16.12.2.32:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash ea51683c8c5e5c452a10cb40aafe38ad
61cfaadce5a973a0ff8d6b1ac785199062777020
1148f8c6ce48a5dd90ceb26ddc20d1028988413f3753b08b326ad820714ee1c2
GET /king-assets.yampi.me/dooki/633849660473e/6338496604745.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 67fKidXuOtXmHQZRvVcw9nhnP9d6+tERGuEb2np64/KAXnqitkr24Aka7cWaIiVtOPJ778b0qhY=
x-amz-request-id: AK5SBXFTF30BPCCB
Date: Sat, 28 Jan 2023 20:40:56 GMT
Last-Modified: Sat, 01 Oct 2022 14:06:31 GMT
ETag: "ea51683c8c5e5c452a10cb40aafe38ad"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 69995
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 2.0 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type ASCII text, with very long lines (8047), with no line terminators
Hash 6c96e9ed5ccd6ea2e7f9f2e8b9c953d7
c8299c3e2f058b5b3997980c5ef1084bfd928a76
243be3b2ebe2774c49b42100539ef8dc12314aac9d3511426329b439d197cba6
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlhBY3J4RmRMUlBQY2NcL2JcLzQ3WldFQT09IiwidmFsdWUiOiJJQVdFbFR2QmFraHAzYk5EQkpGa1JjRFYrTmg5aENPSklxeERPcXNDd3haMmRJM2FieWV0RWR4SEhzSlhtSm1WRUVIcTR5cmptMlpBTE0yc25vM016dz09IiwibWFjIjoiODQxOTdlNGIzMzk4YjBhMWExNzdiZTRmNTEzNDUyMWJlNDk3MDgyMzBhZjFhOTAxNjc3OWQ3NmZmMjFjNGVmMCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InJENWkweXlqZUJFTitFM3dNOFwvaFwvUT09IiwidmFsdWUiOiJveDBvQWJJVVdMeHN5WVpteVwvT3lIa0JUVFd2YUJOVFZHUko0MFE2blNtUkx1S3VHWDg3eGZvejBweDhvdVVoRCtzTHdmdzNXTk9oRGwrVUpUM25QdXc9PSIsIm1hYyI6ImI5NDliNDY0ZjhmMWM3ZTcyMTg3NWFiYjRkNzMzYWM1ZjFjOWY3MWFjYmFmMDhjNzg4OGJiZDdiYjY2MjJkYjYifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 5d82f13ba1a417cdf33652baad8bbdff
f556140bebb2bdeb818a7a30ecf637669b72b012
e0ccff47353a39aa03fd63013559f4aadd0c9791dd207284575e9a94254b6149
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:55 GMT
Server: ECS (amb/6BB2)
Content-Length: 727
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 1.4 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type ASCII text, with very long lines (3296), with no line terminators
Hash 8e49bb8a0b69946801c297a593fdbf89
fac8badc0ed6d077f554ce2d5c6ca9938524ec8b
8bfdc2a00f58177bc129c04bf7028c0f5a8dcf833daa8dccba9d5d1808f13fd7
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlBhaTVDdjNHbW1EZURrcGRWWGxTUFE9PSIsInZhbHVlIjoiZHhPYkRwNzdYTUJRb0pxUVlpUjBXYUoyUlFzWGZIM2txZ2REYUlGYlJVeUk2VzZ2ZUs4TkJVMVFWakN4TGtOVXNicVg2KzMzVEhRXC9OaVwvazJYY3RnZz09IiwibWFjIjoiOWI4ZjQ0ZDczNWRmNWU2OGNlOWVmMGIxMzJmMjU0YWVjYTA4ZGE2MzJjYjc2OGVlZmRiMjQwZDdiOTY3MTI1OSJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkJheUVJT05PMmF1ZzJXeEh3eWNOVWc9PSIsInZhbHVlIjoiRit3STBTNkIwSlJXK0FKdVdCY3BSOU5Jbm16N0U0SlpvNGU5eFp2ZGtGMnRUcFdsUGNVMlh0bTlRRUt3bUNEN2xDY0hXY21rWStCd1NrWDkwcXlRcUE9PSIsIm1hYyI6ImE0YTI0Y2MwMWVjM2VjM2JkNzgyOTBiMmVmNzFlY2Q0NTE5OTQ5ZDJlN2E0NDE0NTU4YzA0NzEwYTdmNzE0OTcifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
152.199.19.56200 OK 35 kB URL HTTP/2 pagseguro.uol.com.br/checkout/direct-payment/i-ck.html
IP 152.199.19.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (58102), with CRLF, LF line terminators
Hash c69eee8bb6502eedf94dae9ca1048bbc
630261e7d44d49a64ef0bb249afd6009e554c9cc
095bf1bb477ed3ab2870ba3af39e796803d798705cc70108639b15770431503f
GET /checkout/direct-payment/i-ck.html HTTP/1.1
Host: pagseguro.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-language: pt-BR
content-type: text/html;charset=ISO-8859-1
date: Sat, 28 Jan 2023 20:40:54 GMT
ec-rule-version: 20230120-01
expires: Mon, 01 Jan 1990 12:00:00 GMT
pragma: no-cache
server: nginx
set-cookie: LAST_SERVER_HIT=65205cd10558c60fdeff41eb9598fd7da4deeba5f0aec64e; Domain=pagseguro.uol.com.br; Expires=Sat, 28-Jan-2023 21:10:54 GMT; Path=/; Secure
csrfId=96; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:54 GMT
JSESSIONID=0829Zz3Pqik9VMeKS0WJMw**.ps2; Path=/
csrfId=96; Path=/; HttpOnly; Expires=29 Jan 2023 24:40:54 GMT
TRANSACTION_COOKIE=dfd8b732e3df43c084e3afb66658c2d6; Expires=Fri, 28-Apr-2023 20:40:54 GMT; Domain=pagseguro.uol.com.br; Path=/; Secure; HttpOnly
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-newrelic-app-data: PxQFUVJVCAoAR1BSAAgDXlADAhFORDQHUjZKA1ZLVVFHDFYPbU5gEhZfWQYlDFZHQgsNDlJDa0kAWERWARJOElEbVQdWTGgdWkhaCh8JRw8IFh8mIzcRERxUT1IbARlWXQEEA1VRUE4AThoDDQoHVgcGDFNSVgVaB1cOQ0oFWV9DATw=
x-ps-migration: direct-payment-router
X-Firefox-Spdy: h2
df.uol.com.br/safe-checkout/js/datafortressConnSecure.v1.js
186.234.147.72200 OK 29 kB URL HTTP/1.1 df.uol.com.br/safe-checkout/js/datafortressConnSecure.v1.js
IP 186.234.147.72:0
ASN #7162 Universo Online S.A.
File type ASCII text, with CRLF, LF line terminators
Hash b78998c019084bb41d103c371e5cf0ed
c2ea353d361df11343533cb6bd8f0d9d7424674c
a73ff766f1d4cd207dd12706112dd4873dca33846db4bd18935d2cd5a6fbe5a7
GET /safe-checkout/js/datafortressConnSecure.v1.js HTTP/1.1
Host: df.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:40:55 GMT
Access-Control-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: script-src 'self'; object-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
Last-Modified: Fri, 07 Feb 2020 12:46:22 GMT
Accept-Ranges: bytes
Content-Length: 29408
Cache-Control: no-store; no-cache; max-age=0
Expires: Sat, 28 Jan 2023 20:43:55 GMT
Connection: close
Content-Type: application/javascript
Set-Cookie: TS0153c357=0160ed0a6c31c5475acae60d91046a2a8f17204777cffacb1f7cfdd120118a9e996ae7acea28cf7344423648f5b7e7ef1424010430; Path=/; Domain=.df.uol.com.br
sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1674938460622&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.newbotox.ml%2F
54.230.111.125204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1674938460622&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.newbotox.ml%2F
IP 54.230.111.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=2&c2=6036356&c3=&c4=&c5=&c6=&c15=&ns__t=1674938460622&ns_c=windows-1252&ns_if=1&cv=3.1&c8=PagSeguro%20-%20Direct%20Payment%20Checkout%20API%20-%20PagSeguro%20UOL&c7=https%3A%2F%2Fpagseguro.uol.com.br%2Fcheckout%2Fdirect-payment%2Fi-ck.html%23rmcl&c9=https%3A%2F%2Fseguro.newbotox.ml%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 28 Jan 2023 20:40:56 GMT
set-cookie: UID=19Fa26553e13daad01778f21674938456; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aYyL5JeHvdmQpWHzNkVuTki5gL_QYFA8ECYyFbASl2oYVAFRFOWSug==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash f28a3708b4280d76ed8dc282d55ef32d
936230a896861425271e3cf01afcc5949fdb840f
0cd5b9d36aa0db70ca3f380b8007b45791a989025a1387272fa77c48b315c7e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:56 GMT
Etag: "63d4186d-2d7"
Server: ECS (amb/6BB6)
Content-Length: 727
github.bubbstore.com/svg/card-amex.svg
172.67.149.218200 OK 2.0 kB URL HTTP/2 github.bubbstore.com/svg/card-amex.svg
IP 172.67.149.218:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (856)
Hash 7bdd15be063e754022fbaa391d77a0f2
c103059f4635e435b6cce474fb4708018dc1f772
5e9838b862a6afb3c97ec22a17b089a8acd1ac4238883df4777b2d074d5ec4e5
GET /svg/card-amex.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5f3"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 707C:6AC2:8857DD:B5B2D3:63D40235
via: 1.1 varnish
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821332,VS0,VE94
vary: Accept-Encoding
x-fastly-request-id: 36477a13bdc0d39d36b8af19fb8e0ae5bb4650c1
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkBi9NxgyZqgIJmWjGI01YdJvJLyN6BS4wZavp1hG7RhS1RWrFCIA%2BDHCxv3nPLBuu9q9PqkSkpWk1oTAkHr8yacovwHnlR8m%2BfboL0jv3pBNB35DRoyKYatsoeU9yyFVjP754BmxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bb7795f1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pagseguro/session
170.82.173.30200 OK 440 kB URL HTTP/2 seguro.newbotox.ml/api/v1/pagseguro/session
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type ASCII text, with very long lines (64471)
Size 440 kB (439908 bytes)
Hash 74215c85fbbe5d63ab984a26bb860407
6ce32b68e78452952745c34a55d69c412632c60f
fd9afb98097f479986df47a04df38b2db9540660895cfff3fc78e97e417d25cf
POST /api/v1/pagseguro/session HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ikk1K1lFZmhzOUI2eG1cL1hRcHZsallRPT0iLCJ2YWx1ZSI6IndWYWlcL0c2ek51WVdlTmFhVUloK3pkdWk1MkZiZHRVYit5b3Qzem5ZNlIyS0k4Uzh3SmZVeDRQZXZUSDV6MTA4UWxBOW1zNE1RdkRcL00xSmNudDFtMXc9PSIsIm1hYyI6IjQ4OWEyYjliNGRlYTNiYTQ4MDhlNmEwMThiYzY4MDljNDJlMzM4Y2YxMDMyNzVhZjE4YmI3NjQwYzMyMjI0MDcifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjNGVXdUdGxWS3hFb3hiU3lKOHdiUkE9PSIsInZhbHVlIjoiTXE4b3p1OW0xTVFEVDBjYmdGRjFjSzRmTW9pdlwveEFqTVZWVnByaTNKTkZ6Z0tIWU5rT29EMmMwVWhWczAzWndPcFoyTFY4WUZuT05rYlwvdGYxcjhwUT09IiwibWFjIjoiZjBlNzBkMDU3NTgzNGU2OGU4ODUyZjBhZmViMzY1ZmVkYTM2NDIyMmE5MGQwODE4MDE1MjdmYzNlMDI2MjdiNiJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
me.jsuol.com.br/rm/UolRMWorker.js
54.230.111.96200 OK 698 B URL HTTP/2 me.jsuol.com.br/rm/UolRMWorker.js
IP 54.230.111.96:0
File type ASCII text, with very long lines (1615), with no line terminators
Hash 5a6a29435dfcaa7191715461cfee1f33
9391d4b905b592054b4b0e18d3cfd8888ff8923e
5fbd220ff9f8938611907feb964f0a2243f2d5ce8cec70b8e05cdf3676813493
GET /rm/UolRMWorker.js HTTP/1.1
Host: me.jsuol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clicklogger.rm.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 698
date: Sat, 28 Jan 2023 20:05:18 GMT
server: marrakesh 1.16.6
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
last-modified: Mon, 11 Jul 2022 20:47:05 GMT
expires: Sat, 28 Jan 2023 21:05:18 GMT
content-encoding: gzip
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
etag: 5a6a29435dfcaa7191715461cfee1f33
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d4cD3t58fEGOxjX15cTscB7zOo7VvfIFveSW88K9UdOn8ERqTUOXpg==
age: 2139
X-Firefox-Spdy: h2
api.mercadopago.com/v1/device_sessions/anonymous_device_session
54.165.15.136200 OK 110 kB URL HTTP/2 api.mercadopago.com/v1/device_sessions/anonymous_device_session
IP 54.165.15.136:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110313 bytes)
Hash 5171af81cd058efd01a078eff70a1283
8ac0e330326b1787e0dc767b6997287ee05fe5e8
9d95c539f41c8b5cf42c91b14f50bb683b08d717eb951f79f14962e895f7bfa3
POST /v1/device_sessions/anonymous_device_session HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 98
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:57 GMT
content-type: application/json; charset=utf-8
content-length: 337
access-control-allow-origin: https://seguro.newbotox.ml
x-request-id: c0a82d7b-ef69-44ca-9de8-330c2f7833c0
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-94,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 53b23bb3a734f2de
x-b3-traceid: 53b23bb3a734f2de
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-94: iyWl/G/Mjk0B9HCDwAdPZbch4I4JX4iL/1glGUEsAPC7f11l7NclSOYN6GPHpfBL
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8959fb2295abb68af293c08c53fd9284
c38797ec9bfecae209bc0297fa59eb52ef859ae1
763c831152bf9a355be9cac4b005fd5cb04945f6510f6b1b244ee3a4758e0929
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:40:57 GMT
Server: ECS (amb/6BB6)
Content-Length: 471
api.mercadopago.com/v1/device_sessions/web_device
54.165.15.136200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP 54.165.15.136:0
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.newbotox.ml
x-request-id: 5a55542a-f548-4d24-a7e7-6eb1ec3d04ed
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-22,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 09e2fc9bfced912c
x-b3-traceid: 09e2fc9bfced912c
x-trace-source: fury_app
x-trace-digest-22: y6cYYNDdi57CQqcEUeNU3YRWpqm6ghNcEJYw3686S4hS4R8NgPCc/pZ0hVrwPUDy
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1674938453983;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/cart/payment
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/cart/payment
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
PUT /cart/payment HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMXFSTFNjMThZczh0K3k1eHhRekE9PSIsInZhbHVlIjoiNWp2ckNINWR2bzZmaG9nZUpaMlFqa3B2YTRyaHNSY2ZBa093Q0Y1K0JLZ2kxWG5pV253Q2JXZnhpcnJDQzVnNlEwV2dYcWlRMzBiT0pzM05KZHZ5WVE9PSIsIm1hYyI6IjE5NzE5NjlkNWMyNzlkNWQ3YzEzYzBkOWFmYWQyYjRiMTk3Mjk5MmMwZWRjN2E4ZWY3ZGFmYWIxMjgwMGUwMDEifQ%3D%3D; bubbstore_checkout=eyJpdiI6IjFRTFJ1ckRJREhTcWJ3QkdOeTJ2SVE9PSIsInZhbHVlIjoiTGNROFNIYktUTWFqUXJTaXBKQjhMa0xcLzRaKzYrQ21ZRkpPVVpnR0hDSnlQa0lycmljeGpTUE8rd21YRU9oRGcrN3g1OEdkTUxJRE4ySEtCeUYrV3NnPT0iLCJtYWMiOiJjNGMwMWU3YWY1MDlmZDNhNGE4MWJjNzliNjE0NGE1YzgzMTY3Y2JhNjdjODhlYmQyNTlkNzE5N2E1ZWRmMmZhIn0%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D; recommendationLoaded=true; __ana_uid=1-zjwc46uc-ldgf41x4; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6InROK3daSWVHNGF6em5TeEs1UG5IckE9PSIsInZhbHVlIjoiN3l3MzVxNjBRU1hCTTVITmh2aGFWQ1VJdEtSSmdYMWtHR1BMRjEwTU9ZN0xRdFM5bk1sdmlLbTRrQ0VyZlU1aWROMHBpRjJVMzZDUWV3NUVnSjdMZmc9PSIsIm1hYyI6IjdhNmJhNTM5MTIxZWY1OTJjNjI3ZGFhMDQ1NTZiM2FhMzViZWQ2MDU4MjgyZjhkY2UzN2JjZTRkNmZlMmJiMzgifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkFvS1ptM25oUHQweHkyeHAya0oxV1E9PSIsInZhbHVlIjoiTWdRSmNLUVwvNmp2NDBkdXJHcjZ1VmhneGFcL0J2UlJPdzMyc0gxTlVVaW9SS0NFcHkwZnBDMzhmZGpSM2I0dGc2YXJ0cElUcDlqaEVURWFUVHFSQnNPdz09IiwibWFjIjoiMjE5NTJjY2Q0Mzg3YjY3ZjhmN2I2NDNhMTRiODQwMzY4NDMyMWRjZGY4OTA2OWYxOGI0NjdkZWUzOGQ3NDVhZCJ9; expires=Sat, 28-Jan-2023 23:40:55 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IktmcFN6aDZ4WDdPeW9cL1FWa0VIakdRPT0iLCJ2YWx1ZSI6ImJvcVA0ZU1sVExRNEtVUmhmSzlOOExYcU5nYnJ5c3V6NkpuTU9Pc01OMElDY2tEM0FIRnp2NVJ4TENnTkRKaTdaaW1Bdmx2Zk1DT25yd2habDZVYnBnPT0iLCJtYWMiOiJiNjgxNzM4ZDFhMmMxNWJkNDg4YzEwYjY2NmIyYTk0MjllOTIwZDAwMDU0NmVkZmFhMjUzYmUxYjg2N2UzZDZhIn0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IktOSHJlYnFBcHQxcjZxZWxybndiekE9PSIsInZhbHVlIjoidVdWZkZmNzBUd3Q4TVFlbVRxS1VVaEl2TmxNRE9rdHZGNUVvWnZ6MWRtTnZaRXI0T0w0T3JMOTB4NGxvYXh2MW5xZis5enRxV0pmRG96NVlQZkQ4elE9PSIsIm1hYyI6IjJmNzcyMDg3YWFlNDZkZjRiZjA1NWNkZTQ5N2EzNTFkNmEyMjdjZWRkMmU4ZjBiMGJkYzExNTU5Yjc2MmVlNzcifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
dna.uol.com.br/js/dna.min.js
152.199.20.182200 OK 0 B URL HTTP/2 dna.uol.com.br/js/dna.min.js
IP 152.199.20.182:0
GET /js/dna.min.js HTTP/1.1
Host: dna.uol.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: max-age=3600
content-type: application/javascript
date: Sat, 28 Jan 2023 20:40:57 GMT
ec-rule-version: 20230120-01
etag: W/"63c5916b-2785c"
expires: Sat, 28 Jan 2023 21:40:57 GMT
last-modified: Mon, 16 Jan 2023 18:03:23 GMT
server: nginx
vary: Accept-Encoding
x-request-id: b2b8b9913c4ec26fed2574168bf904c4
X-Firefox-Spdy: h2
fonts.dooki.com.br/fa/4.7.0/fa.css
104.18.0.53200 OK 0 B URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.css
IP 104.18.0.53:0
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
expires: Sun, 05 Feb 2023 20:40:53 GMT
cache-control: public, max-age=691200
set-cookie: __cf_bm=KA7VxTGa.EQ5tfVPWoy8W1EFkTbeZGln9l7vct_cJqg-1674938453-0-AXHC1I+AlhKJJmzSTn0PEKRaCYGlGnDpxAdXbnhR/Qtic92extQVxspsIcNMsis/bMEfKfLWig7jj/IeJgsuAH0=; path=/; expires=Sat, 28-Jan-23 21:10:53 GMT; domain=.dooki.com.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb34921b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-aura.svg
172.67.149.218200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-aura.svg
IP 172.67.149.218:0
GET /svg/card-aura.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-111a"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 294A:37CA:8AABDA:B80825:63D40236
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.195470,VS0,VE94
vary: Accept-Encoding
x-fastly-request-id: 30347ffd13b0abf44a823a2800508195b87359a6
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDMaW%2FLit0d%2B8npTw7Arz8wFsbvJPcUilhIWkpX3K7CsCg5Lb2D6GlTU%2FdIsB6EbERspo6MFrKe62KhydK2HkxKbtivwxXRHNl9FyqqIKqu2Ib%2FUaxcvPn95lRZHw6xJjI4yRLEJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bb7795b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-mastercard.svg
172.67.149.218200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-mastercard.svg
IP 172.67.149.218:0
GET /svg/card-mastercard.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5b3"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 7708:0B0C:657AC1:858E3E:63D40235
via: 1.1 varnish
x-served-by: cache-bma1645-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821647,VS0,VE106
vary: Accept-Encoding
x-fastly-request-id: 7412d7df84baa34d81d1263ed6eb85a11e285396
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHu2ohx%2BsopiM15OMy8yY5jrs%2BLWP0KZm0z1h9yXpAdd7%2FW2lWFzQlQM6FmB37NvZyjZFN%2BZTkOZhq3Y5KEnYqfYdfyvXwloW1%2FoUm5tAsz2xXAxTNNElgqCnWrXzmJkro4KytFLtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bb86adf1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/cart/recomm
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/cart/recomm
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
GET /cart/recomm HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IitMOUhzNElFeVE4bWhUbEVpT3o0V1E9PSIsInZhbHVlIjoiQ1UzVTRPSFpuV2xPRXNcL01zRWV4SXNnM2xpdVwvb1RXbUhmUFhHT0lOZ0hMc1VxekdRN2NuaVFmZm9zN2hSVjBONSthV3JlQXc2VzJZQnJwSjgrS1ZCdz09IiwibWFjIjoiNTI5NDQwNTA2YTg3MTlmYWI4MmZhMmRmNjMzMmNkZjk1NzFlNjg0NjMzY2QyODYyMGE4MmZkYWVkODVmZmFjMSJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjU1NDNsSmJJbnBZbHRGU3B2dmRlMHc9PSIsInZhbHVlIjoibjQzSWZBeXdJUHRSbTJUckl0TVg5RzdlVVZSR3g3RUI3aW9RbzlTOUZGYytzOTJXcWpmVkdOKzVwYzlSVFByM0UySkJKSXc5R1lRaERTbzd0VDhiV2c9PSIsIm1hYyI6ImZlYmE1OWE4YTUxZmI0M2UxNmZhNTBjYzEzZTFjY2RmODQ1MDczMTE0YWI5ZjNlMzZmMTQ3ODI0YTk3NTBmZTEifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImRTbWNYeitrNHM2SVI0ZzFmQU84Rmc9PSIsInZhbHVlIjoiTEVXdThleXVPMEdVR1wvbkZLYTRRVm43M0ZyclFseG1RSHZyK3JPY2V1R0lvVEpTUUJXazVva2FUeDM1Y1I4U2kwYnlqVTAzWFJnXC9YMExyRWRvNnIwQT09IiwibWFjIjoiOTg1OWIwZjE4ODlmZGMyYmIyMmRmMzI4ODkxMmZmMmY5ZTBmOTBmNTY0YjFlM2E3MDNkYmMzYWFjMmU1OGM3OCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Im56cDZLb2tjZWtHOSs1dzV3QWRnenc9PSIsInZhbHVlIjoieENpTE82aFNVc0I4bnVGNW5KbGRBYkFmc1hObGRqSHd4UFBTU3pmK1wvQjJ5R2l2MmlUU1B4RzF6ZlJ0WktybWpZTGRkNlZcL2RmMmRRQ0V1dW1Pdlc4Zz09IiwibWFjIjoiMGQ0ZjA3OWIzMGUyZjVhNWQ0Mzc5ZjQzNDgxNGU5NDhjYjFkZjlmMzA3Mjg0NmE5NmY0Y2ViNzMzNjMwZDc2NiJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/cart/payment
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/cart/payment
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
PUT /cart/payment HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 79
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImpsMXFSTFNjMThZczh0K3k1eHhRekE9PSIsInZhbHVlIjoiNWp2ckNINWR2bzZmaG9nZUpaMlFqa3B2YTRyaHNSY2ZBa093Q0Y1K0JLZ2kxWG5pV253Q2JXZnhpcnJDQzVnNlEwV2dYcWlRMzBiT0pzM05KZHZ5WVE9PSIsIm1hYyI6IjE5NzE5NjlkNWMyNzlkNWQ3YzEzYzBkOWFmYWQyYjRiMTk3Mjk5MmMwZWRjN2E4ZWY3ZGFmYWIxMjgwMGUwMDEifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjFRTFJ1ckRJREhTcWJ3QkdOeTJ2SVE9PSIsInZhbHVlIjoiTGNROFNIYktUTWFqUXJTaXBKQjhMa0xcLzRaKzYrQ21ZRkpPVVpnR0hDSnlQa0lycmljeGpTUE8rd21YRU9oRGcrN3g1OEdkTUxJRE4ySEtCeUYrV3NnPT0iLCJtYWMiOiJjNGMwMWU3YWY1MDlmZDNhNGE4MWJjNzliNjE0NGE1YzgzMTY3Y2JhNjdjODhlYmQyNTlkNzE5N2E1ZWRmMmZhIn0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/e/t
170.82.173.30200 OK 0 B IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /e/t HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 371
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImpsMXFSTFNjMThZczh0K3k1eHhRekE9PSIsInZhbHVlIjoiNWp2ckNINWR2bzZmaG9nZUpaMlFqa3B2YTRyaHNSY2ZBa093Q0Y1K0JLZ2kxWG5pV253Q2JXZnhpcnJDQzVnNlEwV2dYcWlRMzBiT0pzM05KZHZ5WVE9PSIsIm1hYyI6IjE5NzE5NjlkNWMyNzlkNWQ3YzEzYzBkOWFmYWQyYjRiMTk3Mjk5MmMwZWRjN2E4ZWY3ZGFmYWIxMjgwMGUwMDEifQ%3D%3D; bubbstore_checkout=eyJpdiI6IjFRTFJ1ckRJREhTcWJ3QkdOeTJ2SVE9PSIsInZhbHVlIjoiTGNROFNIYktUTWFqUXJTaXBKQjhMa0xcLzRaKzYrQ21ZRkpPVVpnR0hDSnlQa0lycmljeGpTUE8rd21YRU9oRGcrN3g1OEdkTUxJRE4ySEtCeUYrV3NnPT0iLCJtYWMiOiJjNGMwMWU3YWY1MDlmZDNhNGE4MWJjNzliNjE0NGE1YzgzMTY3Y2JhNjdjODhlYmQyNTlkNzE5N2E1ZWRmMmZhIn0%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D; recommendationLoaded=true; __ana_uid=1-zjwc46uc-ldgf41x4; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:55 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IklwQW9hSDE5NXdnZGt1dUsxekNnR0E9PSIsInZhbHVlIjoiMFwvN2JXTDJtemlRVlpESkswUGJJUFJ6SDVEWEF6eld2ZlVGXC9zV0lIVm84dUl4REVXWjdTcEZMT1ZXektXSDZma1VWUHNHS29QZ0NHanRkOEpGQURMUT09IiwibWFjIjoiY2IzODNkYWRjYzFlNmFmOGQ2OGNhOTQyNWFjOWFmNTU3Y2RhZTA5ZTUwZmE5NmM0YWNjNDY3ZGE0ZWQ1ZDc3ZCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImNVSDRWWnhKNnltamZ4cTkzVTd0Vmc9PSIsInZhbHVlIjoidDlaMUhvXC8wYkJyTkVPVUs3Y0ZHZk9JT1wvdklLTGxRVE9NTTJxVm4wd0xiU2hESVhmdnBjZWJVUXo4Q2hLN3lzWnd2d2UzZjJPajhQS0RreHZvVkt1Zz09IiwibWFjIjoiNTJkOTQ0NTU0MGZkYjA1YTIyZmRjOGJhZGIwM2UwZjZmMzNmOWVmMmQ4ZWIzYzgyNzlmOGE1ODg1NjczYmU2NyJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/cart?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
170.82.173.30302 Found 0 B URL HTTP/2 seguro.newbotox.ml/cart?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ml domain
GET /cart?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 28 Jan 2023 20:40:50 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.newbotox.ml/checkout/payment?cart_token=37b3c832-9f36-11ed-8b44-02f91afe0016-63d563b0f2811&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=544ac29e5477374e88758a965806ff0b48752541&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IklFdTVxRFoxUmhzN1RBaFRha1pKRlE9PSIsInZhbHVlIjoiNUlvY2hUMTVYYzdWdG50S25iOHZcL053ZURiZHFJdkJ2bGIyZFNRVlFBXC9xcVVPeXNTZzRuSk9qQUtXY25aeEpwbzN0VXBzN0pzdUtLcTRiakI3RWw5dz09IiwibWFjIjoiYmQxNDUzYzBmOWMyNGM2YjY0MTUxZTM2MDIzOGU2YzliMzQ5Y2U3OGJjZjBiZmM3OWIwNjQ0MGVmYzJiYjJjNSJ9; expires=Sat, 28-Jan-2023 23:40:50 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlJuRkhOcTFXdjVxU1wvbmx5TkpXTEJBPT0iLCJ2YWx1ZSI6InJ4VUpoMFk1eG1BbExCUTcyQ3REcDBGYUhMKzFzQmVmQVppdzVackhxdWR5cGp1MVwvYThINVhSdlhtQkxRVUxnbTdydVJJOUVycTJYU2lcL3RUOEEzVUE9PSIsIm1hYyI6IjExYThhNDY2NmYyYTg0YmM2MGFhNzhkMTRiZmUwOWY4MmI2Njc0MWQ0OGQ4ZDA2YjUwZTVhODdkZTE3NzBmZDkifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:50 GMT; Max-Age=10800; path=/; httponly
pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; expires=Thu, 02-Feb-2023 20:40:50 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=0d8d6a92e9fa66c414d78f3353e643b0
172.67.72.14200 OK 0 B URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/js/app.js?id=0d8d6a92e9fa66c414d78f3353e643b0
IP 172.67.72.14:0
GET /checkout/build/mix/assets/js/app.js?id=0d8d6a92e9fa66c414d78f3353e643b0 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: application/javascript
x-amz-id-2: K/EHESlWLCGW8A6AtF0eaAijovlrup0iAHA/fPCp0ecLP2tZz7wKHGpBroxP6KWxhBEq5pzLzVE=
x-amz-request-id: J8VQTHGTKRCQ91B5
last-modified: Tue, 24 Jan 2023 14:06:10 GMT
x-amz-version-id: cO0VOLTwBag23Dv2NpGr6QTaJJ_IZSsG
etag: W/"7be8a84c592823cabbcc6eba398f4b22"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WGzzoqrkbaM%2B7QzoW0KCDS1zZAN3zaKT9SUPY9aCHYJc6VpzWImTyHlSx2YxMI%2FDVnyhkv7tibeX%2FIWOHQqHFnYlL4eMHXSlhf2XFvEY7QhXc%2FHOcBsYvssqZ8kX8Ds8%2BN0PYY5Q1sPQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb06c860afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-discover.svg
172.67.149.218200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-discover.svg
IP 172.67.149.218:0
GET /svg/card-discover.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-f89"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 55EA:61CB:900552:BD64AE:63D40235
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821486,VS0,VE103
vary: Accept-Encoding
x-fastly-request-id: 8d3af4b5fb3eefe8a561deb9f1923e37bcfa52e2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTNAKyL%2FU6%2BQSAgtfedN8hhBmIqNzV5RH1cTu%2FU3n%2BP66RGxZ2i2KlQ%2FfIzFDBmDMdW3OsWONGdyi8yiRYk%2BUsrUOj6gxTacnoiKWdtpCSna26CVaLMq77qA%2FURFjc1zsunSKj5LWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bb7896d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InZZbTlUZXBNQ01kSjZZTnByME5jS0E9PSIsInZhbHVlIjoiRXdnaHpscFZWMlJGT0dDT0s5aHdQT08ybjFaNklwdTROM3lKVWY2bVBHVTFHUERtd2lPN28wdVhqWFVQOVJzYjhsT2RvU0pnOWNuVEYyMGp6KzdaZWc9PSIsIm1hYyI6Ijg0NzIzYzMzZTY4NmNiMGY1YzA4MjkzYmY5ZmNiNmJkZTNlNDhkODJiZTE0ZDJlMGMzY2M4Y2NlMTBlNjRiNzQifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ikd0VStURFkzR2xTNUJEUU5mbld3QWc9PSIsInZhbHVlIjoiU3ZDRXRndWZaUmZsVWZyUGVvQ2VnUU1weXRmQWN1MW9yVmZDQWp6dUY2U1VTS0FiaXN6bkxXaURZQzhxWWpYUzBMYmEzYm9pcEVZNjR3dkZhbTl3VHc9PSIsIm1hYyI6Ijc5MzRhMmJkNTM2YjMxYzE5YWQxN2I0ZjA1YWY5YWE5OWQ2M2QyNTg3MTg0NTZmZGM1NTNjM2UzMTE2YzE3NTEifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImV6KytOZUw2bU5MT0FndjlEamdKVnc9PSIsInZhbHVlIjoiYTV0U0JGTVVRUE5JRTJlYk45Z3cwdnRPUmRKdUtxZzlLWUl2MitGYTQ4K0FURXJ3eVZjUnRNaVd3UzA2a0xiUXAxVTJiWWhyYjdoZisrT2VQemEwZUE9PSIsIm1hYyI6ImE1OWM4YTcxOTk2Y2ExZWE5NjM3ZjI0OTZjNzRhYjRkMjU2MzQyNjE5NTNiY2U2NTliOGQ1YzFlODFiNzhiYjgifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImxcL1pvT2lKQlZRbkR6YUJGUk1SekFBPT0iLCJ2YWx1ZSI6InlYZ1h1d21KS0hLOUtac3N5MW9OTDQ0dFZYNURoMUpvNmxBQVFtdVorZHo3VU5HM2dXSVVIa1dLakVyS0hDWkQyQTFtdEJFekpoaFJ4T1cyMTUwZG5RPT0iLCJtYWMiOiJkNDg0OTE5ZmQzYWM4Njc5MmM4YjFhMDg4NjI0NTNiODgwYTk5MzYwNjU3OWZjZmQ0NDlmMTdmZGYzNGViYmExIn0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InRiS1V6TFNxa1FPOGVWOTNJUSs0TGc9PSIsInZhbHVlIjoiaExndnhLRVwvUXViRmdQQWZWV2xhb2NDN0dvYlVUQzZKSnlWek11aTcyM3dtUEx5K09neVk4SVBRWVwvMW9kam9IQXZ4eEpYakxXSG12M1V6bVc0UFF2dz09IiwibWFjIjoiNzBlOGMzYzE4NzlmMzRkMGRmM2RlNmRjMDljZjliZDc4YWQ0N2NjNGQ2MTU4ZDJiZDViZjljNzExZjBhMmVkMyJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImNLXC9wSWVXdmoyUm5DazNsUW9pTnh3PT0iLCJ2YWx1ZSI6Ik1VZXI4SG9kRlFqaElLQVhMZE9jeTd2K0Z4SHdiWE9WZlFvTEV5SGJlXC9vRG0xYit3dm9FdmU2M3ZwUjRLa1ppaU5HUXF3VlBzWXRrSjhDWk1TWDdsZz09IiwibWFjIjoiMTBkNzJkNWU2OTFjOTQ5ZWZiMjViNDY5MWRjODVkMzZmYWQ0NGJkM2M0YjA5MDgzODA2ZGEwZDQ5MDQ3MmE4ZCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
www.mercadopago.com/v2/security.js
54.230.111.66200 OK 0 B URL HTTP/2 www.mercadopago.com/v2/security.js
IP 54.230.111.66:0
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 28 Jan 2023 20:40:53 GMT
set-cookie: _d2id=e65c7b3a-3f8b-4c67-b247-238adce86887-n; Path=/; Domain=.mercadopago.com; Expires=Sun, 28 Jan 2024 20:40:53 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: e65c7b3a-3f8b-4c67-b247-238adce86887
x-request-device-id: e65c7b3a-3f8b-4c67-b247-238adce86887
x-d2id: e65c7b3a-3f8b-4c67-b247-238adce86887
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XVuHsd1W24GSwkUWpl3J7KQVktJDv5BpXZsHIgu7sMQsgCMogDvaog==
X-Firefox-Spdy: h2
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
54.165.15.136200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.newbotox.ml
IP 54.165.15.136:0
POST /v1/devices/widgets?referer=https%3A//seguro.newbotox.ml HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: application/json
vary: Accept-Encoding
x-request-id: db88ec45-d02e-4942-b2a0-5a6f8f42df10
x-trace-digest-42: W8oaSDgJgYYFAmOMr5aC6kDMnuN/ghjxiEgOaszg0V5kc2XVS+n6chKzjywDSiNy, W8oaSDgJgYYFAmOMr5aC6kDMnuN/ghjxiEgOaszg0V5kc2XVS+n6chKzjywDSiNy
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-42,x-trace-digest-keys,x-trace-existing-keys, x-source-ip,x-trace-source,x-request-id,x-trace-digest-42,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154, 91.90.42.154
x-b3-spanid: 1b11198236b53976, 1b11198236b53976
x-b3-traceid: 1b11198236b53976, 1b11198236b53976
x-trace-source: fury_app, fury_app
x-b3-sampled: 0, 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid, x-b3-sampled,x-b3-spanid,x-b3-traceid
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.newbotox.ml
access-control-allow-credentials: true
x-transaction-name: public_get_session_widget
set-cookie: profile=1674938453964;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Ikd1SlhBdnhWcnoyMnZQXC9teE1uelVnPT0iLCJ2YWx1ZSI6IkZ1MGZpNm9tVVBCamtIQ3FNS1NKaERvN2d5XC9Cc0F4cXNIOXlsZmRydjRnc3ZMRzRyNkpjUzRDK0hTYklXWFFodFhrSzQ4OFNCQUVMdmZEcXFHS0I1QT09IiwibWFjIjoiZmE5ZmM2ZjNlZTI3ZDZlYzYwZTU4ODQ4MDc0MmExMjAwNWE4NjBlZWQ5ZDk3NzZkOGRmNTYyMWI2ZWY3OTU2MCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImZjSitua2ZRRWs0dGcwT0RpVk1yTmc9PSIsInZhbHVlIjoiVTY3UEdLc2pSNWZJeDNldE9mSnVhRlZRamxTQlwvNTlEQ2R0aTdKbWlsMnNoZWFjS1FraklveG1teXY2VWJwNXJianR6bG55cU4zajFFS1l3RHlhWDBnPT0iLCJtYWMiOiJjMDNkMTQ5OWVjNjVjYzAwYjRlMGM3ZGI4NDYwNjc1ODJiZjA3MWU4MDhiMzE3M2E1NGU0ZWEwMzBhNmVmOGJhIn0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im12c0s1aFJCMTFjWEMxcU4rNnpNV1E9PSIsInZhbHVlIjoiUVwvQkEwTlwvRmE5TlJXbEk2Wmg3RGk4U0EzXC9NOUZpdzBqYURaMHdTOE0xU3QzdUVLaE5hNlRaXC9IY0Zab2tJNVpKcFwvNXBVeWlkSE1jV1huVHZtUUZaZz09IiwibWFjIjoiNGY0N2YyNTgxMzQ0YzQ4MDI0NzJlZTkzNWM5ZTg0ZjQzNGQ1Nzg3M2U4OTM2MjFlZTc1MDY5ODcyMjFiZjEyNCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ilg5aW9BTkFBSnpmVWNZbUUrYUZ6QXc9PSIsInZhbHVlIjoiQlZBN3BjbWRRRlh6WmZRUlYxalI2OWNHOWV3WTFMNXhcL3VyalF5QnFLbG9GN2tPaHVXOWt1RUlBOVBsTWt2dkRTSUwwbjFDWmh6Vjhyb1wvanNFNHlWQT09IiwibWFjIjoiM2M3NzI3NzY4ZDg0MzY0MmRjY2UzY2MxZjc3ODNlMjM3ZGU1MmJiYTI3YjFiMGE2OWExYWU2NDRjZGQzOGIxMSJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Im9NdE1XZnV4VnB0aHZ5RzFyTDRzNHc9PSIsInZhbHVlIjoidU1abHlybGYxTDc3KytWRWJoRnVCUGxTT25OSW8xUGVUTFBKTjg4aGsyWnNIc1hOaVdPVjQ0N1JPSjN1czMzWmFRczNiU2lJRXdLUW5tdjI1NXJycXc9PSIsIm1hYyI6Ijc2ZjgyNjczY2RmOWJhODAzNzU3NjlkMjg2ZTUyMmFmNGUzYjEyZWVlNTQzMGVjMTFkYmIxMTE1OTIyYWVlMDEifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IlA5dFFkT0YxNExrQ1BWSHRtNmwrdWc9PSIsInZhbHVlIjoiYUljdTErcmRYWWdjS0R1dzZjek9OdUNDV0pLb1wvczB1Sm9JVm5zRU50WGJCVTZSanNkaGFmYVRmNXd4UkU2R2xDREpGUVUwbHIzSUdlWnVXYjBGaFR3PT0iLCJtYWMiOiJkZWIwMjc1Y2UxYzQwMjgwZTU2Y2M4OTk3NzJiMTU3YzM2OTUwMWViNWQwYjI4YTIyNTUzYjk4Y2FhMWJjYmE0In0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InQ2c2pMQjJlak9mVTA4aU9oRStRS0E9PSIsInZhbHVlIjoiQWdKcjd1aE00akQycG5yVDBXY01kcm1XUGFuQzZZR1RudUdkK2l3aTlhNUFad1lUQVwvbkp6STM5UHdOYVFQRzE0XC9DUjFKYkNLbUdFcklvYVM2VEs1dz09IiwibWFjIjoiZjcwNTk2ZTY4ODdhOGE5MzUxMzc4MjU5MWZkZmUxZjU4MDBkMzBiZjdlM2MxMDEzMTZmOTA2NjNmM2U2MzZmNiJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InluRllPTTVaNm9kRFV1S1RLNkFNVXc9PSIsInZhbHVlIjoiM0V5UWJSeFFXQWEwMUN2TXNxOHVrT3BlNjFlN1NhWFhcLzJcL1FDaWhjSzRYbnJ2VXQ5eDRPTTRlMmgwc3JacmZVVzB1NFF3ckRzXC9CUGk1VlhHXC9cL3l0UT09IiwibWFjIjoiZjQzMGJjM2RkMjM2MmM4MTFkYWFlZDIzNTlkMTdjZmU5ZDIyMzFjNDA0NGIwMGFjOWY0YzA3MzExZTNlMDllOCJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-diners.svg
172.67.149.218200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-diners.svg
IP 172.67.149.218:0
GET /svg/card-diners.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-99b"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: CBB0:0B92:6D975B:926A28:63D40235
via: 1.1 varnish
x-served-by: cache-bma1666-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674838582.821287,VS0,VE101
vary: Accept-Encoding
x-fastly-request-id: 26d2c3fe7e0f5458f554b1e182532784b2d52453
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnqqnnfKfqMD9XWYl3dive1PqpJTrk8b%2Fh7zvyzIUuH7S9w9kCNCVFsi0cqMIYTVvr0wXsDSp8VSCU6zoWiiBBUf01fc1GTvejXv1RDGPj5ig9b81FnmMbunRbFUlo0vFsl5iUgYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bb7b9ae1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjZPbFZqNHMwcGRsTGNrbUl4RzVHWEE9PSIsInZhbHVlIjoiU2llWnFtclkzR256VlA0elFkdGlYNlJQK2ExMWFaZFZjQ09TblBBQjdSZ0g5UWRKRVBxQUdjTVNuZkVWbGlRZjg0N2hwQStMQzVUWFQ3aWdJYWM4UXc9PSIsIm1hYyI6Ijk1N2M0NDYxNGEwMzcxYjRlOWE4MjMzZTAwN2Q2Y2IyNzIwZGQ0ZWZiNjczMGQ5MmExODg4NGMyYzUyZDAxOTkifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkZtV3hMa01KbFwvS2dya2dwb0tEWXVBPT0iLCJ2YWx1ZSI6IjIrS3ljWUdaUWl4SW5WcUtqNzJBeSs0VTB2blZiblRCSCtKRlZoOE1TSmhlSnlWK3FzWGtTYVY2V3RMcTh3REZoWE8xdVRSblpPV0g1aVhzZXZNK3JRPT0iLCJtYWMiOiIyMjZmMTBlMTg3MTA0YTAxNDE1ZDUxMWEzOTc1NjAzZmQxMzhiZjgzYTZmNjhlOWEzYWQyZWNiNzZkYjkwNGVmIn0%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
assets.pagseguro.com.br/ga-scripts/latest/dist/pagseguro.js
54.230.111.103200 OK 0 B URL HTTP/2 assets.pagseguro.com.br/ga-scripts/latest/dist/pagseguro.js
IP 54.230.111.103:0
GET /ga-scripts/latest/dist/pagseguro.js HTTP/1.1
Host: assets.pagseguro.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pagseguro.uol.com.br/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Tue, 17 Jan 2023 13:48:31 GMT
x-amz-version-id: kLjtyLQm8ES11J5ASg1GnOsaj..n24ED
server: AmazonS3
content-encoding: gzip
date: Sat, 28 Jan 2023 20:40:55 GMT
cache-control: public,max-age=300
etag: W/"b3ea946096967598f0b6c92ad51acb77"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JBsWU7v8RVsoKxX8-gzuchoyfbjLJCVLxtR0mPBHN6OG-sCeDp-kCQ==
age: 199
X-Firefox-Spdy: h2
awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5
172.67.72.14200 OK 0 B URL HTTP/2 awesome-assets.yampi.me/checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5
IP 172.67.72.14:0
GET /checkout/build/mix/assets/css/app.css?id=0f68d2669d40348ccb7bc9a9d17328f5 HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: text/css
x-amz-id-2: j/S4cRK7h2RJJ8oPBInTkUyHWMs2uLy5Y2k2gv7J5HVqK6+oYOtQiL9kw5ONDjsNoD1SA2PVHdI=
x-amz-request-id: CW5G8BWSRMPMAXS4
last-modified: Tue, 17 Jan 2023 17:16:35 GMT
x-amz-version-id: 6DNQN8Tr5zNrG9AbFAdSPatqVsIP8Y4C
etag: W/"0f68d2669d40348ccb7bc9a9d17328f5"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8lpsKQ9sn2RjzGwXfn%2F9TjOhhbKKlXQRx5GjWNDDl0kzTlnWJDYsi9QpSU3vshGUEhN9l7I3B%2BjFZ7rAKLVdol3pSno3w1uRXx7sBBR0CwzImbYpZT5Q0zMfmjdNkxoa4s%2F%2Fj9dlW4h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c8bb06c910afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-hipercard.svg
172.67.149.218200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-hipercard.svg
IP 172.67.149.218:0
GET /svg/card-hipercard.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.newbotox.ml/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:53 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-54bc"
expires: Sat, 28 Jan 2023 20:50:53 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 112A:1762:A5B048:AB7C96:63C930C9
via: 1.1 varnish
x-served-by: cache-bma1625-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1674129609.092807,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 2cef2eed1144a2ce2f17e6a455b6e5a6c74868b0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7wHGb5Cpa8p0HQDyUTZl78iTs3NS5H6q0jvYI9XSfeLTEaSLcdR9RdVftDtpeP0psbVqjUsgMqWJ%2FPexEB%2F7NJisx5hFF%2FFfvc8y97amTRc6zDe5MG5EH7iknDXMNTXX8Sgd8b1og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790c8bb7896b1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkxXTU5vQTR6cVwvUStvR3R5ZE1NTWlnPT0iLCJ2YWx1ZSI6IjZpeGRvWEo5Z1ZPTEx0SXdUMjFWYjdcL3FycEdBbVwvYnZrWk13bmhyV2V5MGt5ak1lWWNvWmg2TDNON2kzRUQ2dXlEWWVsUGl1aG4yWXd3blNKeERGMWc9PSIsIm1hYyI6ImU3YTAzOWFkYzRkNWQ1YzhiYmQ4NzVkNjMyZTllMjQ4ODMyYTM0ZGIzY2E3NDE0ZmI4MDI0MGY2ZWQxMDczODMifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImcxcHl6WFdUUk9IVVhVRVhwZjZzckE9PSIsInZhbHVlIjoicUJrc1FlQ2pHVnJOU21OUDBMc1wvZWhzY0pRdXR2WVoycWdXbEw1VVlKdW8xXC9UTmhWTzQyUnBoTzhWTm1QaEdqVlN2bmRUQ2RFY1MrTVpHbHc5SXZidz09IiwibWFjIjoiZDRjZTE2OWNhZGZhM2ZhNzViOWE3NWU0NmM2NGM4MDIzNzI0YTAzYTY5ZjgzMThlMWY1M2UwMTJjMzE0MmNhYSJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/e/t
170.82.173.30200 OK 0 B IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /e/t HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 375
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InZEcXFXWENUK29IelVwMnRYS2owYXc9PSIsInZhbHVlIjoieVpuSU1NNzJ6TVwvWmJmM2UwZysrT1JMK25Dckhyb1p4RG5RY1BKaG5XVHhKZ201a3FhVnJDRnRpXC8xRHhJcG1lVlp5cEpHSnJaRllsRnRBNVllTG0wdz09IiwibWFjIjoiNmVhNTJiMGY5NTBmMGI2MmE4ZDM0MzQxOGQ0MDQwYTBiMmE3NzA0Yjc5OTM4Njc4NmM0ZTNjNmEzMGZlNjY4YyJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InhkUGFRY0VnMldFQlM5SFpVM0V4b1E9PSIsInZhbHVlIjoiMWVBaldieTZOWmVYSDFVMFhxQVFvUDVMb2Y2eTJsT1B4UWNQQ1ZLN1ZnUGtnMVJrMnJ2bldnSWMrY2lRcUVsOExkMEdwVUFCVVErZW9udGFQZlRjVUE9PSIsIm1hYyI6IjY0ZDZiMGYxYWQyZTUxNDA4MDI5MTkwNzc2YWI0YTJkNGEwMDY5NzU1MmQ3ZmM0ZjJhODMxZTQ2MzkzOWJkNzcifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.newbotox.ml/api/v1/pixels/events
170.82.173.30200 OK 0 B URL HTTP/2 seguro.newbotox.ml/api/v1/pixels/events
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
POST /api/v1/pixels/events HTTP/1.1
Host: seguro.newbotox.ml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 389
Origin: https://seguro.newbotox.ml
Connection: keep-alive
Referer: https://seguro.newbotox.ml/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=a0d68910-9f36-11ed-a8bb-554269e8944c
Cookie: XSRF-TOKEN=eyJpdiI6ImlPRlhjbVJac2xtQlhsQmZXUmFxaUE9PSIsInZhbHVlIjoiK204cHBiMWRJeit4MVlcL3FzYjF0MTk5MUV6cWJDU1YyOEZGOEE2bnd1RkpwNUcwd09BZXc1YlVSeCsyOTFkMmNYd3YwV1piUXdxR1BLNlJhRElLSWpnPT0iLCJtYWMiOiJmMTJkZjc1MWM2NDUwMTA5N2VjZTUwMWU5ZGRiY2Y3NzAyNTY2Y2UyZDUzOGNiMzYzMzU1NjcyNDhkNWI3ZmNkIn0%3D; bubbstore_checkout=eyJpdiI6IkRweEVLSVVQbGlET1VDb2V4YUNBVlE9PSIsInZhbHVlIjoiKzk2a2haME9Nd2JzK1dHVGlmeEJEUFBFaWpVbDBObUpCdllaNDJsd21pVGw3YTlFQmtDd0pFTGxmbFg1T0pXQ2pPSlpHREsyTlFKRlpub3lZSGlFUUE9PSIsIm1hYyI6ImNjNWUxOTRmMDk1ZTE2NTRjZGE5YWIwMGI0NjIyMWZhNTNlZWE1NzljYTE5MTUwYWZmM2RkODM0ZjgzODIxMDYifQ%3D%3D; pangeialoja2_cart=eyJpdiI6InQzOHpHSitpZHpBQ1lwdUlcL25rSmNBPT0iLCJ2YWx1ZSI6IjQyYjdwa3JzOUhmazYzR2VXdEFLYVlsYlh3MVFqYUxCcjlyYmdIdjd0NkE2YUNmTStod0ZDU1Q3M1M5V1R0S2RmbnFMbG4zcnRQXC9MV0lHTWtENE9zdz09IiwibWFjIjoiZjAyZjlkMmMxNTdlMGM2MjU3ZjliYmU2NzZjMDdkMGY3MDE5MjNmNTExZjMwN2IxMjg3NTk0MjA3ZTk5M2U0NyJ9; cart_auth_309035566=eyJpdiI6IkxnZnhQVytONUFyNUw2NWJrZVliRFE9PSIsInZhbHVlIjoibFlIa25NZkF2ZEo5S0FtRGozUDlycHRUUnA5VU94MEgxbGl5TFp6MjByd3Rzblpkb1lJa0R0TGx0VlVLYTlUaWtibnRRdDNLMEpyejZEVEMxOGVcL0l6eHpuRFNCNkUyVjdEWHFITnFTVVdOakFjU09NXC9tY2lWTWRiNW9Gekltc1NxMXlWYmsxYVFjS0VrU3NUQzJkUUFLV1U2Y2xNczc3WlhJRjVpM0cwOVR4cGgzZ2RRR1RcL0VrZkUzYXBMTDZCQ1wvK1A5QlwvVk5pZ2JXeFQrdFBhTzZ6blNSa2ZhNXQ0ZEd1VnN2WTlLbkV5cE9ncGhodmZBc0QwSDhFckx3bkxFdUlOUFJHeTMxaDN4YnlNWHZrdmljd0NRMEVySEZpdDRJeEU2WjJYYTdxTXY5Q2Z3MjhYQjdBcmNXT0t2b1pheHFEMU9lNE81RU9OOE5RRHM3cGc4YzdUU0NOaEVhMW83eUVwcURaOUFuN2tiWUVVTjF2UFdMbmIrczVIZjZFWThyc3U0TUhVeHZabFVHb2V6cjhWeXNSYmNGMElmYnh0TVNRaWNcL0orZ0lrY0RaZTJ4Z0orY1V2ZUJuRUg4UkVtWnZPa3VzNGgxTmpZdjZHMkxjN1RZWElhdWd3Q3A3ZVpOMlFDZkl0dkRES0VMWDVURmFlamZSVVRzTWN2RDZXTVFYVTY1TlJ1aU5RTXBiKzJtOHhsYk1XZjRIUTI3RlpCajN1dDlEUEZpSmNydWtVd3VRWlozY1ZTaUZjbzdUMjdwUlltUTZKa2Y2dkNNSzJyYVh3djY2eVdFZlZZVjhId0VhVHhrSXZSZUR6az0iLCJtYWMiOiIzNDU3ZDY0ZWQzOTBiZDQzOTUwZWE0YTkzNzhiZDlkMGFhNGZhNmIzZTkwNDVkOTY2NzA4M2NjY2I5YzAzYzVmIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:40:54 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InE1ejhwQUVKNWg2UUhjMUY3TjNUR2c9PSIsInZhbHVlIjoibUJlakZuY3N6b0U4MmxNWXJYU0RuSndkVTJ2Mk5qY3JCRzQ0dkRselRra0VERm02NFcxT0dtZWs4eUM4M2hHOW4yYld2Z2YxaGNycnVTM2FMc3ZoRkE9PSIsIm1hYyI6IjEwMmM5Mjk0MThiYjU1ZTIwNmUxMTIyMjI5MDg4OGJhZGUzZjg3MWIwODFlMjI1ZDE4OWU4MzE0NzkyNTNjM2EifQ%3D%3D; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InNOclh2YVlkc2lCeVwvWUU2SXNJZDRBPT0iLCJ2YWx1ZSI6IkJqVlhsdDZ6bTdWNUhNdVRrR1lNbWd5VnBhdTlvRlk0aHhqdWh6UEZ2dUdraUpJcDdQaEhZZjZQc1gxSEpOZEQ2aFNWMHY5VlwvY3ZXNUw4MlQ1alkxQT09IiwibWFjIjoiMzQzNmI4Y2FjOGNmZWI4NWQxMDE1NjMxY2RjNWQ4OGY1YTRlYzAyMGFmZWQxZTM5MTQzNDQ3YmJkMjIzYzI4YiJ9; expires=Sat, 28-Jan-2023 23:40:54 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2