Overview

URL seguro.ofertasdeverao.online/cart?cart_token=shopify-9aa94aff4c7cdcaaea2e830b6cf0c7cc&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14ff4ff5f9af26f9f5ee151204a5531f29ab3dff&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c
IP170.82.173.30
ASN3L CLOUD INTERNET SERVICES LTDA - EPP
Location Brazil
Report completed2022-09-28 00:41:42 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 seguro.ofertasdeverao.online/e/t Phishing
2022-09-28 2 seguro.ofertasdeverao.online/cart/recomm Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (27)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS github.bubbstore.com (7) 0 2018-10-11 16:37:24 UTC 2022-09-27 20:37:31 UTC 104.21.29.224 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-27 21:28:46 UTC 93.184.220.29
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-27 20:10:57 UTC 142.250.74.174
mnemonic passive DNS s3.sa-east-1.amazonaws.com (1) 60686 2017-11-14 13:15:14 UTC 2022-09-28 00:11:48 UTC 52.95.163.112
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-27 16:37:28 UTC 142.250.74.10
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-27 23:53:35 UTC 143.204.55.36
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-27 04:52:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-09-27 04:53:27 UTC 151.101.86.137
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-09-27 04:52:25 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (13) 175 2017-06-14 07:23:31 UTC 2022-09-27 04:53:14 UTC 142.250.74.35
mnemonic passive DNS icons.yampi.me (11) 0 2022-06-09 17:24:40 UTC 2022-09-27 15:32:32 UTC 172.67.72.14 Domain (yampi.me) ranked at: 256292
mnemonic passive DNS cdn.shopify.com (1) 2327 2012-06-22 18:37:14 UTC 2022-09-27 05:08:09 UTC 104.16.254.71
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-27 04:53:14 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS awesome-assets.yampi.me (2) 708511 2019-08-08 18:25:49 UTC 2022-09-27 20:37:31 UTC 172.67.72.14
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-09-27 04:54:22 UTC 162.247.241.14
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 100.20.30.105
mnemonic passive DNS js.upnid.com (1) 0 2020-06-23 15:36:07 UTC 2022-09-27 07:33:18 UTC 130.211.14.112 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS fonts.dooki.com.br (2) 829308 2018-11-23 22:20:24 UTC 2022-09-27 20:37:31 UTC 104.18.1.53
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.49
mnemonic passive DNS seguro.ofertasdeverao.online (5) 0 2022-09-14 19:43:44 UTC 2022-09-24 16:05:23 UTC 170.82.173.30 Unknown ranking
mnemonic passive DNS images.yampi.me (3) 955081 2019-07-25 14:01:06 UTC 2022-09-27 07:33:18 UTC 172.67.72.14
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS www.facebook.com (8) 99 2017-01-30 05:00:00 UTC 2022-09-27 04:38:43 UTC 157.240.200.35
mnemonic passive DNS cdn.yampi.me (1) 309436 2019-12-08 15:51:20 UTC 2022-09-27 15:32:32 UTC 172.67.72.14
mnemonic passive DNS seguro.ofertasdeverao.online (5) 0 2022-09-14 19:43:44 UTC 2022-09-24 16:05:23 UTC 170.82.174.30 Unknown ranking
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-27 20:06:21 UTC 142.250.74.164


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 170.82.173.30

Date UQ / IDS / BL URL IP
2022-11-28 16:45:42 +0000
0 - 0 - 2 www.brinquedosbabebi.com.br/wp-includes/certi (...) 170.82.173.30
2022-11-28 10:54:37 +0000
0 - 0 - 2 www.brinquedosbabebi.com.br/wp-includes/certi (...) 170.82.173.30
2022-11-24 05:00:44 +0000
0 - 0 - 4 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.173.30
2022-11-24 04:40:41 +0000
0 - 0 - 2 seguro.caixamisteriosa.net/cart?cart_token=f7 (...) 170.82.173.30
2022-11-15 06:03:21 +0000
0 - 0 - 3 seguro.sotrendshop.com/checkout/payment?cart_ (...) 170.82.173.30

Last 5 reports on ASN: 3L CLOUD INTERNET SERVICES LTDA - EPP

Date UQ / IDS / BL URL IP
2022-11-28 16:45:42 +0000
0 - 0 - 2 www.brinquedosbabebi.com.br/wp-includes/certi (...) 170.82.173.30
2022-11-28 10:54:37 +0000
0 - 0 - 2 www.brinquedosbabebi.com.br/wp-includes/certi (...) 170.82.173.30
2022-11-24 05:00:46 +0000
0 - 0 - 4 seguro.xiaomidobrasill.com/cart?cart_token=sh (...) 170.82.174.30
2022-11-24 05:00:44 +0000
0 - 0 - 4 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.173.30
2022-11-24 04:40:41 +0000
0 - 0 - 2 seguro.caixamisteriosa.net/cart?cart_token=f7 (...) 170.82.173.30

Last 1 reports on domain: ofertasdeverao.online

Date UQ / IDS / BL URL IP
2022-09-28 00:41:42 +0000
0 - 0 - 2 seguro.ofertasdeverao.online/cart?cart_token= (...) 170.82.173.30

No other reports with similar screenshot



JavaScript

Executed Scripts (33)


Executed Evals (5)

#1 JavaScript::Eval (size: 15544, repeated: 1) - SHA256: 87ee55b6a14be406e7e5057321bfa597cef65647f5277f0e2f558c08388ebc67

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var t = this || self,
        P = function(U) {
            return U
        },
        I = function(U, l) {
            if (!(l = (U = null, t.trustedTypes), l) || !l.createPolicy) return U;
            try {
                U = l.createPolicy("bg", {
                    createHTML: P,
                    createScript: P,
                    createScriptURL: P
                })
            } catch (W) {
                t.console && t.console.error(W.message)
            }
            return U
        };
    (0, eval)(function(U, l) {
        return (l = I()) && 1 === U.eval(l.createScript("1")) ? function(W) {
            return l.createScript(W)
        } : function(W) {
            return "" + W
        }
    }(t)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var f=function(U,l){U.h.splice(0,0,l)},E=function(U){return U.C?Uv(U.s,U):w(true,U,8)},u=function(U,l){if(U.C)return Uv(U.s,U);return(l=w(true,U,8),l)&128&&(l^=128,U=w(true,U,2),l=(l<<2)+(U|0)),l},WG=function(U,l,t,I){for(;l.h.length;){t=(l.T=null,l.h.pop());try{I=lY(t,l)}catch(D){S(D,l)}if(U&&l.T){(U=l.T,U)(function(){C(true,l,true)});break}}return I},tk=function(U,l){return(l=E(U),l)&128&&(l=l&127|E(U)<<7),l},C=function(U,l,t,I,D,W){if(l.h.length){l.N&&0(),l.N=true,l.cv=U;try{I=l.B(),l.Z=I,l.U=0,l.g=I,W=WG(U,l),D=l.B()-l.g,l.G+=D,D<(t?0:10)||0>=l.J--||(D=Math.floor(D),l.V.push(254>=D?D:254))}finally{l.N=false}return W}},M=function(U,l,t,I){for(I=(l|0)-1,t=[];0<=I;I--)t[(l|0)-1-(I|0)]=U>>8*I&255;return t},x=function(U,l,t){t=this;try{PG(this,U,l)}catch(I){S(I,this),U(function(D){D(t.S)})}},mr=function(U,l,t,I,D,W){if(!l.S){l.W++;try{for(W=(I=void 0,l.H),D=0;--U;)try{if((t=void 0,l).C)I=Uv(l.C,l);else{if((D=J(99,l),D)>=W)break;I=(g(l,492,D),t=u(l),J)(t,l)}y(false,false,l,(I&&I[IB]&2048?I(l,U):h([R,21,t],0,l),U))}catch(P){J(20,l)?h(P,22,l):g(l,20,P)}if(!U){if(l.hA){mr(553527590301,(l.W--,l));return}h([R,33],0,l)}}catch(P){try{h(P,22,l)}catch(V){S(V,l)}}l.W--}},V0=function(U,l,t,I){(I=(t=u(U),u)(U),K)(I,U,M(J(t,U),l))},Uv=function(U,l){return(U=U.create().shift(),l.C).create().length||l.s.create().length||(l.C=void 0,l.s=void 0),U},De=function(U,l){(l.push(U[0]<<24|U[1]<<16|U[2]<<8|U[3]),l.push(U[4]<<24|U[5]<<16|U[6]<<8|U[7]),l).push(U[8]<<24|U[9]<<16|U[10]<<8|U[11])},PG=function(U,l,t,I,D){for(U.ns=((U.AA=fi,(U.Hv=U[p],U).so=qw,U).yg=w2({get:function(){return this.concat()}},U.i),z)[U.i](U.yg,{value:{value:{}}}),I=0,D=[];128>I;I++)D[I]=String.fromCharCode(I);C(true,U,(f(U,(f(U,[((B(function(W){SV(4,W)},(B(function(W,P,V){g((P=(V=u((P=u(W),W)),J(P,W)),P=bY(P),W),V,P)},(g(U,299,[0,(B(function(W){V0(W,4)},(B(function(W,P,V,m,q){g(W,(V=(V=u((m=(P=u((q=u(W),W)),u(W)),W)),J(V,W)),m=J(m,W),P=J(P,W),q),cG(W,P,m,V))},(B(function(W,P){(W=(P=u(W),J)(P,W.I),W[0]).removeEventListener(W[1],W[2],A)},U,(B(function(W,P,V,m){g(W,(V=J((m=(V=u((P=u(W),W)),u(W)),P=J(P,W),V),W),m),P[V])},U,(B(function(W,P,V,m){g(W,(P=J((m=(P=u(W),u(W)),P),W),V=J(m,W),m),V+P)},(B(function(W,P,V,m){(m=u((V=(P=u(W),u(W)),W)),W).I==W&&(m=J(m,W),V=J(V,W),J(P,W)[V]=m,467==P&&(W.D=void 0,2==V&&(W.R=w(false,W,32),W.D=void 0)))},(g(U,(B(function(W){uY(4,W)},(B(function(W,P,V,m,q){for(m=(V=(q=tk((P=u(W),W)),[]),0);m<q;m++)V.push(E(W));g(W,P,V)},U,((B(function(W,P,V){V=(P=(V=u(W),u(W)),0!=J(V,W)),P=J(P,W),V&&g(W,99,P)},(B(function(W,P,V,m,q,e){y(false,true,W,P)||(m=Ci(W.I),q=m.o,e=q.length,V=m.v,P=m.mN,m=m.IS,q=0==e?new m[V]:1==e?new m[V](q[0]):2==e?new m[V](q[0],q[1]):3==e?new m[V](q[0],q[1],q[2]):4==e?new m[V](q[0],q[1],q[2],q[3]):2(),g(W,P,q))},U,(B((B(function(W,P,V,m){!y(false,true,W,P)&&(P=Ci(W),m=P.IS,V=P.v,W.I==W||V==W.Si&&m==W)&&(g(W,P.mN,V.apply(m,P.o)),W.Z=W.B())},(g(U,253,(B((g(U,20,(g(U,391,(B(function(W,P,V,m){g(W,(m=J((P=(m=(V=u(W),u(W)),u(W)),m),W),V=J(V,W)==m,P),+V)},((B(function(W,P,V){g(W,(V=u(W),P=u(W),P),""+J(V,W))},(B((B(function(W,P,V,m){if(P=W.Fq.pop()){for(m=E(W);0<m;m--)V=u(W),P[V]=W.F[V];W.F=(P[223]=W.F[223],P[91]=W.F[91],P)}else g(W,99,W.H)},(g((B(function(W){V0(W,1)},(g(U,(U.gT=(B(function(){},U,(B(function(W,P,V,m){g(W,(m=(V=(P=u(W),E(W)),u)(W),m),J(P,W)>>>V)},((g(U,(B(function(W,P,V,m,q,e,c,b,d,Z,Q,a){function X(N,G){for(;V<N;)b|=E(W)<<V,V+=8;return V-=N,G=b&(1<<N)-1,b>>=N,G}for(Z=(a=(d=(b=V=(Q=u(W),0),(X(3)|0)+1),X)(5),0),e=[],P=0;P<a;P++)c=X(1),e.push(c),Z+=c?0:1;for(m=(Z=((Z|0)-1).toString(2).length,[]),P=0;P<a;P++)e[P]||(m[P]=X(Z));for(Z=0;Z<a;Z++)e[Z]&&(m[Z]=u(W));for(q=[];d--;)q.push(J(u(W),W));B(function(N,G,O,k,F){for(O=(k=0,G=[],[]);k<a;k++){if(!(F=m[k],e[k])){for(;F>=O.length;)O.push(u(N));F=O[F]}G.push(F)}N.s=eV(N,(N.C=eV(N,q.slice()),G))},W,Q)},U,((g(U,(g(U,(B((g(U,(g(U,(U.Eo=(((U.H=0,U).Fq=[],U.h=((U.G=0,U).I=U,[]),U.O=(U.N=false,U.j=8001,U.D=(U.Y=1,void 0),U.J=25,U.F=[],(U.T=null,U).cv=false,U.l=[],I=(U.s=void 0,(U.lC=0,window).performance||{}),0),U.Si=(U.U=(U.Z=(U.W=0,U.K=false,0),U.L=void 0,U.g=0,U.C=(U.S=void 0,void 0),U.R=void 0,void 0),U.P=[],function(W){this.I=W}),U).V=[],I.timeOrigin||(I.timing||{}).navigationStart||0),99),0),492),0),function(W,P,V,m,q,e,c){for(q=(c=(m=(V=u(W),e=tk(W),""),J(317,W)),c).length,P=0;e--;)P=((P|0)+(tk(W)|0))%q,m+=D[c[P]];g(W,V,m)}),U,11),212),{}),396),U),U.oS=0,B)(function(W,P,V,m){g(W,(V=(m=(V=(P=u(W),u)(W),u(W)),P=J(P,W),J(V,W)),m),P in V|0)},U,446),110)),91),2048),g(U,32,H(4)),B)(function(W,P,V,m,q){(m=J((q=(q=(m=(P=u((V=u(W),W)),u(W)),u)(W),P=J(P,W),J(q,W)),m),W),V=J(V,W.I),0!==V)&&(m=cG(W,m,q,1,V,P),V.addEventListener(P,m,A),g(W,173,[V,P,m]))},U,395),U),70),45)),0),263),[160,0,0]),U),5),U),173,0),U),9),B(function(W,P,V){y(false,true,W,P)||(P=u(W),V=u(W),g(W,V,function(m){return eval(m)}(Ev(J(P,W.I)))))},U,440),function(W,P,V,m,q,e){if(!y(true,true,W,P)){if("object"==(V=J((P=J((P=(V=u((m=(q=u(W),u(W)),W)),u(W)),P),W),m=J(m,W),V),W),W=J(q,W),bY(W))){for(e in q=[],W)q.push(e);W=q}for(q=(V=0<V?V:1,e=0,W.length);e<q;e+=V)m(W.slice(e,(e|0)+(V|0)),P)}}),U,422),U),479),B)(function(W,P){P=J(u(W),W),sv(P,W.I)},U,498),U),351),0)),119)),function(W){SV(3,W)}),U,279),[])),U),83),function(W,P,V,m){g(W,(V=u((m=(P=u(W),u)(W),W)),V),J(P,W)||J(m,W))}),U,41),270)),U),267),U).ZZ=0,0)),U),194),10),n),U),333),U),359),397)),477)),U),98),g(U,223,[]),U),504),0),0]),U),305),U),329),f)(U,[Ze]),L),t]),[iY,l])),true))},g=function(U,l,t){if(99==l||492==l)U.F[l]?U.F[l].concat(t):U.F[l]=eV(U,t);else{if(U.K&&467!=l)return;263==l||32==l||253==l||223==l||299==l?U.F[l]||(U.F[l]=Mw(t,U,102,l)):U.F[l]=Mw(t,U,97,l)}467==l&&(U.R=w(false,U,32),U.D=void 0)},bY=function(U,l,t){if("object"==(t=typeof U,t))if(U){if(U instanceof Array)return"array";if(U instanceof Object)return t;if((l=Object.prototype.toString.call(U),"[object Window]")==l)return"object";if("[object Array]"==l||"number"==typeof U.length&&"undefined"!=typeof U.splice&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("splice"))return"array";if("[object Function]"==l||"undefined"!=typeof U.call&&"undefined"!=typeof U.propertyIsEnumerable&&!U.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==t&&"undefined"==typeof U.call)return"object";return t},lY=function(U,l,t,I,D){if(I=U[0],I==r)l.J=25,l.A(U);else if(I==p){D=U[1];try{t=l.S||l.A(U)}catch(W){S(W,l),t=l.S}D(t)}else if(I==d2)l.A(U);else if(I==L)l.A(U);else if(I==iY){try{for(t=0;t<l.P.length;t++)try{D=l.P[t],D[0][D[1]](D[2])}catch(W){}}catch(W){}(0,(l.P=[],U)[1])(function(W,P){l.u(W,true,P)},function(W){((W=!l.h.length,f)(l,[IB]),W)&&C(true,l,false)})}else{if(I==Y)return t=U[2],g(l,101,U[6]),g(l,212,t),l.A(U);I==IB?(l.F=null,l.l=[],l.V=[]):I==Ze&&"loading"===n.document.readyState&&(l.T=function(W,P){function V(){P||(P=true,W())}n.document.addEventListener((P=false,"DOMContentLoaded"),V,A),n.addEventListener("load",V,A)})}},H=function(U,l){for(l=[];U--;)l.push(255*Math.random()|0);return l},aB=function(U,l,t){return U.u(function(I){t=I},false,l),t},v,sv=function(U,l){g(l,99,(l.Fq.push(l.F.slice()),l.F[99]=void 0,U))},T,K=function(U,l,t,I,D,W){if(l.I==l)for(W=J(U,l),32==U?(U=function(P,V,m,q){if((q=W.length,m=(q|0)-4>>3,W.iC)!=m){m=(m<<(V=[(W.iC=m,0),0,D[1],D[2]],3))-4;try{W.Cs=xa(Nw(W,m),V,Nw(W,(m|0)+4))}catch(e){throw e;}}W.push(W.Cs[q&7]^P)},D=J(299,l)):U=function(P){W.push(P)},I&&U(I&255),l=t.length,I=0;I<l;I++)U(t[I])},hk=function(U,l,t,I){function D(){}return{invoke:(I=Jk(U,function(W){D&&(l&&g2(l),t=W,D(),D=void 0)},(t=void 0,!!l))[0],function(W,P,V,m){function q(){t(function(e){g2(function(){W(e)})},V)}if(!P)return P=I(V),W&&W(P),P;t?q():(m=D,D=function(){g2((m(),q))})})}},SV=function(U,l,t,I,D){K(((t=(I=(t=(D=U&4,U&=3,u(l)),u)(l),J(t,l)),D)&&(t=jV(""+t)),U&&K(I,l,M(t.length,2)),I),l,t)},h=function(U,l,t,I,D,W){if(!t.K){if(3<(U=J(91,((l=((W=J(223,((I=void 0,U)&&U[0]===R&&(l=U[1],I=U[2],U=void 0),t)),0==W.length)&&(D=J(492,t)>>3,W.push(l,D>>8&255,D&255),void 0!=I&&W.push(I&255)),""),U)&&(U.message&&(l+=U.message),U.stack&&(l+=":"+U.stack)),t)),U)){(I=(l=(l=l.slice(0,(U|0)-3),U-=(l.length|0)+3,jV(l)),t.I),t).I=t;try{K(32,t,M(l.length,2).concat(l),9)}finally{t.I=I}}g(t,91,U)}},jV=function(U,l,t,I,D){for(D=(U=U.replace(/\\r\\n/g,"\\n"),I=0,[]),t=0;I<U.length;I++)l=U.charCodeAt(I),128>l?D[t++]=l:(2048>l?D[t++]=l>>6|192:(55296==(l&64512)&&I+1<U.length&&56320==(U.charCodeAt(I+1)&64512)?(l=65536+((l&1023)<<10)+(U.charCodeAt(++I)&1023),D[t++]=l>>18|240,D[t++]=l>>12&63|128):D[t++]=l>>12|224,D[t++]=l>>6&63|128),D[t++]=l&63|128);return D},w=function(U,l,t,I,D,W,P,V,m,q,e,c,b,d){if((e=J(99,l),e)>=l.H)throw[R,31];for(D=(I=l.Hv.length,b=0,t),m=e;0<D;)c=m%8,P=m>>3,W=8-(c|0),W=W<D?W:D,d=l.l[P],U&&(q=l,q.D!=m>>6&&(q.D=m>>6,V=J(467,q),q.L=xa(q.R,[0,0,V[1],V[2]],q.D)),d^=l.L[P&I]),m+=W,b|=(d>>8-(c|0)-(W|0)&(1<<W)-1)<<(D|0)-(W|0),D-=W;return g((U=b,l),99,(e|0)+(t|0)),U},uY=function(U,l,t,I){for(I=(t=u(l),0);0<U;U--)I=I<<8|E(l);g(l,t,I)},A={passive:true,capture:true},n=this||self,oB=function(U,l,t,I){try{I=U[((l|0)+2)%3],U[l]=(U[l]|0)-(U[((l|0)+1)%3]|0)-(I|0)^(1==l?I<<t:I>>>t)}catch(D){throw D;}},y=function(U,l,t,I,D,W,P,V,m){if(t.Y+=(W=(D=(P=(l||t.U++,0<t.O&&t.N)&&t.cv&&1>=t.W&&!t.C&&!t.T&&(!l||1<t.j-I)&&0==document.hidden,V=4==t.U)||P?t.B():t.Z,D-t.Z),m=W>>14,t.R&&(t.R^=m*(W<<2)),m),t.I=m||t.I,V||P)t.U=0,t.Z=D;if(!P||D-t.g<t.O-(U?255:l?5:2))return false;return!((g(t,(t.j=I,U=J(l?492:99,t),99),t.H),t.h.push([d2,U,l?I+1:I]),t).T=g2,0)},Nw=function(U,l){return U[l]<<24|U[(l|0)+1]<<16|U[(l|0)+2]<<8|U[(l|0)+3]},Mw=function(U,l,t,I,D,W,P,V){return(U=[-32,-66,-39,(P=t&(W=RB,7),-36),-61,36,U,-76,70,41],V=z[l.i](l.yg),V)[l.i]=function(m){P+=(D=m,6+7*t),P&=7},V.concat=function(m){return m=(m=(m=I%16+1,1*I*I*m+(W()|0)*m+U[P+27&7]*I*m+P-m*D-48*I*I*D- -3168*I*D+48*D*D-3552*D),U[m]),D=void 0,U[(P+37&7)+(t&2)]=m,U[P+(t&2)]=-66,m},V},J=function(U,l){if((l=l.F[U],void 0)===l)throw[R,30,U];if(l.value)return l.create();return(l.create(1*U*U+-66*U+74),l).prototype},y0=function(U,l){return[(l(function(t){t(U)}),function(){return U})]},w2=function(U,l){return z[l](z.prototype,{pop:U,length:U,propertyIsEnumerable:U,floor:U,replace:U,splice:U,call:U,document:U,stack:U,parent:U,console:U,prototype:U})},xa=function(U,l,t,I,D){for(l=l[2]|(I=l[D=0,3]|0,0);14>D;D++)t=t>>>8|t<<24,t+=U|0,U=U<<3|U>>>29,t^=l+3261,I=I>>>8|I<<24,U^=t,I+=l|0,l=l<<3|l>>>29,I^=D+3261,l^=I;return[U>>>24&255,U>>>16&255,U>>>8&255,U>>>0&255,t>>>24&255,t>>>16&255,t>>>8&255,t>>>0&255]},cG=function(U,l,t,I,D,W){function P(){if(U.I==U){if(U.F){var V=[Y,l,t,void 0,D,W,arguments];if(2==I)var m=C((f(U,V),false),U,false);else if(1==I){var q=!U.h.length;(f(U,V),q)&&C(false,U,false)}else m=lY(V,U);return m}D&&W&&D.removeEventListener(W,P,A)}}return P},B=function(U,l,t){U[g(l,t,U),Ze]=2796},g2=n.requestIdleCallback?function(U){requestIdleCallback(function(){U()},{timeout:4})}:n.setImmediate?function(U){setImmediate(U)}:function(U){setTimeout(U,0)},Q0=function(U,l){if((U=n.trustedTypes,l=null,!U)||!U.createPolicy)return l;try{l=U.createPolicy("bg",{createHTML:Ki,createScript:Ki,createScriptURL:Ki})}catch(t){n.console&&n.console.error(t.message)}return l},Jk=function(U,l,t,I){return(I=v[U.substring(0,3)+"_"])?I(U.substring(3),l,t):y0(U,l)},eV=function(U,l,t){return((t=z[U.i](U.ns),t)[U.i]=function(){return l},t).concat=function(I){l=I},t},$a=function(U,l,t){if(3==U.length){for(t=0;3>t;t++)l[t]+=U[t];for(t=[13,(U=0,8),13,12,16,5,3,10,15];9>U;U++)l[3](l,U%3,t[U])}},Ci=function(U,l,t,I,D,W){for(I=(l=u((D=(t=(W=U[Xi]||{},u)(U),W.mN=u(U),W.o=[],U).I==U?(E(U)|0)-1:1,U)),0);I<D;I++)W.o.push(u(U));for(W.IS=J(l,U);D--;)W.o[D]=J(W.o[D],U);return W.v=J(t,U),W},S=function(U,l){l.S=((l.S?l.S+"~":"E:")+U.message+":"+U.stack).slice(0,2048)},Gm=function(U,l,t,I){return J(212,(g(U,99,(((I=J(99,U),U.l&&I<U.H)?(g(U,99,U.H),sv(t,U)):g(U,99,t),mr)(l,U),I)),U))},Ki=function(U){return U},Xi=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),d2=[],Ze=[],iY=[],p=(x.prototype.Wv=void 0,x.prototype.hA=(x.prototype.xQ=void 0,false),[]),Y=(x.prototype.X="toString",[]),IB=[],R={},r=[],L=[],z=(((De,function(){})(H),function(){})(oB),$a,R.constructor),RB=(T=x.prototype,T.ps=function(U,l,t,I,D,W){for(t=(D=I=0,[]);D<U.length;D++)for(I+=l,W=W<<l|U[D];7<I;)I-=8,t.push(W>>I&255);return t},void 0);T.rT=(T.DZ=((T.u=function(U,l,t,I,D){if((t="array"===bY(t)?t:[t],this).S)U(this.S);else try{I=[],D=!this.h.length,f(this,[r,I,t]),f(this,[p,U,I]),l&&!D||C(l,this,true)}catch(W){S(W,this),U(this.S)}},T).B=(window.performance||{}).now?function(){return this.Eo+window.performance.now()}:function(){return+new Date},T.Tb=function(U,l,t,I,D){for(I=D=0;I<U.length;I++)D+=U.charCodeAt(I),D+=D<<10,D^=D>>6;return(D=(U=(D+=D<<3,D^=D>>11,D+(D<<15)>>>0),new Number(U&(1<<l)-1)),D)[0]=(U>>>l)%t,D},T.RS=(x.prototype.i="create",function(){return Math.floor(this.B())}),function(){return Math.floor(this.G+(this.B()-this.g))}),function(U,l,t){return((l^=l<<13,l^=l>>17,l=(l^l<<5)&t)||(l=1),U)^l}),x.prototype.A=function(U,l){return U=(RB=function(){return l==U?74:111},l={},{}),function(t,I,D,W,P,V,m,q,e,c,b,d,Z,Q,a){Z=l,l=U;try{if(W=t[0],W==L){P=t[1];try{for(b=(D=[],c=atob(P),q=0);q<c.length;q++)d=c.charCodeAt(q),255<d&&(D[b++]=d&255,d>>=8),D[b++]=d;g(this,467,[0,0,(this.l=D,this.H=this.l.length<<3,0)])}catch(X){h(X,17,this);return}mr(8001,this)}else if(W==r)t[1].push(J(253,this).length,J(263,this).length,J(91,this),J(32,this).length),g(this,212,t[2]),this.F[175]&&Gm(this,8001,J(175,this));else{if(W==p){this.I=(I=(Q=M(((q=t[2],J(263,this)).length|0)+2,2),this).I,this);try{e=J(223,this),0<e.length&&K(263,this,M(e.length,2).concat(e),10),K(263,this,M(this.Y,1),109),K(263,this,M(this[p].length,1)),c=0,c-=(J(263,this).length|0)+5,c+=J(391,this)&2047,V=J(32,this),4<V.length&&(c-=(V.length|0)+3),0<c&&K(263,this,M(c,2).concat(H(c)),15),4<V.length&&K(263,this,M(V.length,2).concat(V),156)}finally{this.I=I}if((b=H(2).concat(J(263,this)),b[1]=b[0]^6,b[3]=b[1]^Q[0],b)[4]=b[1]^Q[1],a=this.bC(b))a="!"+a;else for(c=0,a="";c<b.length;c++)m=b[c][this.X](16),1==m.length&&(m="0"+m),a+=m;return J(32,(g(this,91,((J(253,(D=a,this)).length=q.shift(),J(263,this)).length=q.shift(),q.shift())),this)).length=q.shift(),D}if(W==d2)Gm(this,t[2],t[1]);else if(W==Y)return Gm(this,8001,t[1])}}finally{l=Z}}}();var qw,fi=/./,pi=L.pop.bind(x.prototype[x.prototype[iY]=[0,0,1,1,0,1,1],((x.prototype.bC=function(U,l,t,I){if(l=window.btoa){for(I=(t="",0);I<U.length;I+=8192)t+=String.fromCharCode.apply(null,U.slice(I,I+8192));U=l(t).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else U=void 0;return U},x.prototype).NT=0,x).prototype.Bv=0,r]),Ev=(qw=w2({get:pi},(fi[x.prototype.X]=pi,x.prototype.i)),x.prototype.kQ=void 0,function(U,l){return(l=Q0())&&1===U.eval(l.createScript("1"))?function(t){return l.createScript(t)}:function(t){return""+t}}(n));(40<(v=n.botguard||(n.botguard={}),v.m)||(v.m=41,v.bg=hk,v.a=Jk),v).VBW_=function(U,l,t){return[(t=new x(l,U),function(I){return aB(t,I)})]};}).call(this);'));
}).call(this);
                                    

#2 JavaScript::Eval (size: 15441, repeated: 1) - SHA256: 305a5aa1c4c01144dcad02e262a6965344f6ea18a0d26e88a21107539ba4cfd5

                                        (function() {
    var f = function(U, l) {
            U.h.splice(0, 0, l)
        },
        E = function(U) {
            return U.C ? Uv(U.s, U) : w(true, U, 8)
        },
        u = function(U, l) {
            if (U.C) return Uv(U.s, U);
            return (l = w(true, U, 8), l) & 128 && (l ^= 128, U = w(true, U, 2), l = (l << 2) + (U | 0)), l
        },
        WG = function(U, l, t, I) {
            for (; l.h.length;) {
                t = (l.T = null, l.h.pop());
                try {
                    I = lY(t, l)
                } catch (D) {
                    S(D, l)
                }
                if (U && l.T) {
                    (U = l.T, U)(function() {
                        C(true, l, true)
                    });
                    break
                }
            }
            return I
        },
        tk = function(U, l) {
            return (l = E(U), l) & 128 && (l = l & 127 | E(U) << 7), l
        },
        C = function(U, l, t, I, D, W) {
            if (l.h.length) {
                l.N && 0(), l.N = true, l.cv = U;
                try {
                    I = l.B(), l.Z = I, l.U = 0, l.g = I, W = WG(U, l), D = l.B() - l.g, l.G += D, D < (t ? 0 : 10) || 0 >= l.J-- || (D = Math.floor(D), l.V.push(254 >= D ? D : 254))
                } finally {
                    l.N = false
                }
                return W
            }
        },
        M = function(U, l, t, I) {
            for (I = (l | 0) - 1, t = []; 0 <= I; I--) t[(l | 0) - 1 - (I | 0)] = U >> 8 * I & 255;
            return t
        },
        x = function(U, l, t) {
            t = this;
            try {
                PG(this, U, l)
            } catch (I) {
                S(I, this), U(function(D) {
                    D(t.S)
                })
            }
        },
        mr = function(U, l, t, I, D, W) {
            if (!l.S) {
                l.W++;
                try {
                    for (W = (I = void 0, l.H), D = 0; --U;) try {
                        if ((t = void 0, l).C) I = Uv(l.C, l);
                        else {
                            if ((D = J(99, l), D) >= W) break;
                            I = (g(l, 492, D), t = u(l), J)(t, l)
                        }
                        y(false, false, l, (I && I[IB] & 2048 ? I(l, U) : h([R, 21, t], 0, l), U))
                    } catch (P) {
                        J(20, l) ? h(P, 22, l) : g(l, 20, P)
                    }
                    if (!U) {
                        if (l.hA) {
                            mr(553527590301, (l.W--, l));
                            return
                        }
                        h([R, 33], 0, l)
                    }
                } catch (P) {
                    try {
                        h(P, 22, l)
                    } catch (V) {
                        S(V, l)
                    }
                }
                l.W--
            }
        },
        V0 = function(U, l, t, I) {
            (I = (t = u(U), u)(U), K)(I, U, M(J(t, U), l))
        },
        Uv = function(U, l) {
            return (U = U.create().shift(), l.C).create().length || l.s.create().length || (l.C = void 0, l.s = void 0), U
        },
        De = function(U, l) {
            (l.push(U[0] << 24 | U[1] << 16 | U[2] << 8 | U[3]), l.push(U[4] << 24 | U[5] << 16 | U[6] << 8 | U[7]), l).push(U[8] << 24 | U[9] << 16 | U[10] << 8 | U[11])
        },
        PG = function(U, l, t, I, D) {
            for (U.ns = ((U.AA = fi, (U.Hv = U[p], U).so = qw, U).yg = w2({get: function() {
                        return this.concat()
                    }
                }, U.i), z)[U.i](U.yg, {
                    value: {
                        value: {}
                    }
                }), I = 0, D = []; 128 > I; I++) D[I] = String.fromCharCode(I);
            C(true, U, (f(U, (f(U, [((B(function(W) {
                SV(4, W)
            }, (B(function(W, P, V) {
                g((P = (V = u((P = u(W), W)), J(P, W)), P = bY(P), W), V, P)
            }, (g(U, 299, [0, (B(function(W) {
                V0(W, 4)
            }, (B(function(W, P, V, m, q) {
                g(W, (V = (V = u((m = (P = u((q = u(W), W)), u(W)), W)), J(V, W)), m = J(m, W), P = J(P, W), q), cG(W, P, m, V))
            }, (B(function(W, P) {
                (W = (P = u(W), J)(P, W.I), W[0]).removeEventListener(W[1], W[2], A)
            }, U, (B(function(W, P, V, m) {
                g(W, (V = J((m = (V = u((P = u(W), W)), u(W)), P = J(P, W), V), W), m), P[V])
            }, U, (B(function(W, P, V, m) {
                g(W, (P = J((m = (P = u(W), u(W)), P), W), V = J(m, W), m), V + P)
            }, (B(function(W, P, V, m) {
                (m = u((V = (P = u(W), u(W)), W)), W).I == W && (m = J(m, W), V = J(V, W), J(P, W)[V] = m, 467 == P && (W.D = void 0, 2 == V && (W.R = w(false, W, 32), W.D = void 0)))
            }, (g(U, (B(function(W) {
                uY(4, W)
            }, (B(function(W, P, V, m, q) {
                for (m = (V = (q = tk((P = u(W), W)), []), 0); m < q; m++) V.push(E(W));
                g(W, P, V)
            }, U, ((B(function(W, P, V) {
                V = (P = (V = u(W), u(W)), 0 != J(V, W)), P = J(P, W), V && g(W, 99, P)
            }, (B(function(W, P, V, m, q, e) {
                y(false, true, W, P) || (m = Ci(W.I), q = m.o, e = q.length, V = m.v, P = m.mN, m = m.IS, q = 0 == e ? new m[V] : 1 == e ? new m[V](q[0]) : 2 == e ? new m[V](q[0], q[1]) : 3 == e ? new m[V](q[0], q[1], q[2]) : 4 == e ? new m[V](q[0], q[1], q[2], q[3]) : 2(), g(W, P, q))
            }, U, (B((B(function(W, P, V, m) {
                !y(false, true, W, P) && (P = Ci(W), m = P.IS, V = P.v, W.I == W || V == W.Si && m == W) && (g(W, P.mN, V.apply(m, P.o)), W.Z = W.B())
            }, (g(U, 253, (B((g(U, 20, (g(U, 391, (B(function(W, P, V, m) {
                g(W, (m = J((P = (m = (V = u(W), u(W)), u(W)), m), W), V = J(V, W) == m, P), +V)
            }, ((B(function(W, P, V) {
                g(W, (V = u(W), P = u(W), P), "" + J(V, W))
            }, (B((B(function(W, P, V, m) {
                if (P = W.Fq.pop()) {
                    for (m = E(W); 0 < m; m--) V = u(W), P[V] = W.F[V];
                    W.F = (P[223] = W.F[223], P[91] = W.F[91], P)
                } else g(W, 99, W.H)
            }, (g((B(function(W) {
                V0(W, 1)
            }, (g(U, (U.gT = (B(function() {}, U, (B(function(W, P, V, m) {
                g(W, (m = (V = (P = u(W), E(W)), u)(W), m), J(P, W) >>> V)
            }, ((g(U, (B(function(W, P, V, m, q, e, c, b, d, Z, Q, a) {
                function X(N, G) {
                    for (; V < N;) b |= E(W) << V, V += 8;
                    return V -= N, G = b & (1 << N) - 1, b >>= N, G
                }
                for (Z = (a = (d = (b = V = (Q = u(W), 0), (X(3) | 0) + 1), X)(5), 0), e = [], P = 0; P < a; P++) c = X(1), e.push(c), Z += c ? 0 : 1;
                for (m = (Z = ((Z | 0) - 1).toString(2).length, []), P = 0; P < a; P++) e[P] || (m[P] = X(Z));
                for (Z = 0; Z < a; Z++) e[Z] && (m[Z] = u(W));
                for (q = []; d--;) q.push(J(u(W), W));
                B(function(N, G, O, k, F) {
                    for (O = (k = 0, G = [], []); k < a; k++) {
                        if (!(F = m[k], e[k])) {
                            for (; F >= O.length;) O.push(u(N));
                            F = O[F]
                        }
                        G.push(F)
                    }
                    N.s = eV(N, (N.C = eV(N, q.slice()), G))
                }, W, Q)
            }, U, ((g(U, (g(U, (B((g(U, (g(U, (U.Eo = (((U.H = 0, U).Fq = [], U.h = ((U.G = 0, U).I = U, []), U.O = (U.N = false, U.j = 8001, U.D = (U.Y = 1, void 0), U.J = 25, U.F = [], (U.T = null, U).cv = false, U.l = [], I = (U.s = void 0, (U.lC = 0, window).performance || {}), 0), U.Si = (U.U = (U.Z = (U.W = 0, U.K = false, 0), U.L = void 0, U.g = 0, U.C = (U.S = void 0, void 0), U.R = void 0, void 0), U.P = [], function(W) {
                this.I = W
            }), U).V = [], I.timeOrigin || (I.timing || {}).navigationStart || 0), 99), 0), 492), 0), function(W, P, V, m, q, e, c) {
                for (q = (c = (m = (V = u(W), e = tk(W), ""), J(317, W)), c).length, P = 0; e--;) P = ((P | 0) + (tk(W) | 0)) % q, m += D[c[P]];
                g(W, V, m)
            }), U, 11), 212), {}), 396), U), U.oS = 0, B)(function(W, P, V, m) {
                g(W, (V = (m = (V = (P = u(W), u)(W), u(W)), P = J(P, W), J(V, W)), m), P in V | 0)
            }, U, 446), 110)), 91), 2048), g(U, 32, H(4)), B)(function(W, P, V, m, q) {
                (m = J((q = (q = (m = (P = u((V = u(W), W)), u(W)), u)(W), P = J(P, W), J(q, W)), m), W), V = J(V, W.I), 0 !== V) && (m = cG(W, m, q, 1, V, P), V.addEventListener(P, m, A), g(W, 173, [V, P, m]))
            }, U, 395), U), 70), 45)), 0), 263), [160, 0, 0]), U), 5), U), 173, 0), U), 9), B(function(W, P, V) {
                y(false, true, W, P) || (P = u(W), V = u(W), g(W, V, function(m) {
                    return eval(m)
                }(Ev(J(P, W.I)))))
            }, U, 440), function(W, P, V, m, q, e) {
                if (!y(true, true, W, P)) {
                    if ("object" == (V = J((P = J((P = (V = u((m = (q = u(W), u(W)), W)), u(W)), P), W), m = J(m, W), V), W), W = J(q, W), bY(W))) {
                        for (e in q = [], W) q.push(e);
                        W = q
                    }
                    for (q = (V = 0 < V ? V : 1, e = 0, W.length); e < q; e += V) m(W.slice(e, (e | 0) + (V | 0)), P)
                }
            }), U, 422), U), 479), B)(function(W, P) {
                P = J(u(W), W), sv(P, W.I)
            }, U, 498), U), 351), 0)), 119)), function(W) {
                SV(3, W)
            }), U, 279), [])), U), 83), function(W, P, V, m) {
                g(W, (V = u((m = (P = u(W), u)(W), W)), V), J(P, W) || J(m, W))
            }), U, 41), 270)), U), 267), U).ZZ = 0, 0)), U), 194), 10), n), U), 333), U), 359), 397)), 477)), U), 98), g(U, 223, []), U), 504), 0), 0]), U), 305), U), 329), f)(U, [Ze]), L), t]), [iY, l])), true))
        },
        g = function(U, l, t) {
            if (99 == l || 492 == l) U.F[l] ? U.F[l].concat(t) : U.F[l] = eV(U, t);
            else {
                if (U.K && 467 != l) return;
                263 == l || 32 == l || 253 == l || 223 == l || 299 == l ? U.F[l] || (U.F[l] = Mw(t, U, 102, l)) : U.F[l] = Mw(t, U, 97, l)
            }
            467 == l && (U.R = w(false, U, 32), U.D = void 0)
        },
        bY = function(U, l, t) {
            if ("object" == (t = typeof U, t))
                if (U) {
                    if (U instanceof Array) return "array";
                    if (U instanceof Object) return t;
                    if ((l = Object.prototype.toString.call(U), "[object Window]") == l) return "object";
                    if ("[object Array]" == l || "number" == typeof U.length && "undefined" != typeof U.splice && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == l || "undefined" != typeof U.call && "undefined" != typeof U.propertyIsEnumerable && !U.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == t && "undefined" == typeof U.call) return "object";
            return t
        },
        lY = function(U, l, t, I, D) {
            if (I = U[0], I == r) l.J = 25, l.A(U);
            else if (I == p) {
                D = U[1];
                try {
                    t = l.S || l.A(U)
                } catch (W) {
                    S(W, l), t = l.S
                }
                D(t)
            } else if (I == d2) l.A(U);
            else if (I == L) l.A(U);
            else if (I == iY) {
                try {
                    for (t = 0; t < l.P.length; t++) try {
                        D = l.P[t], D[0][D[1]](D[2])
                    } catch (W) {}
                } catch (W) {}(0, (l.P = [], U)[1])(function(W, P) {
                    l.u(W, true, P)
                }, function(W) {
                    ((W = !l.h.length, f)(l, [IB]), W) && C(true, l, false)
                })
            } else {
                if (I == Y) return t = U[2], g(l, 101, U[6]), g(l, 212, t), l.A(U);
                I == IB ? (l.F = null, l.l = [], l.V = []) : I == Ze && "loading" === n.document.readyState && (l.T = function(W, P) {
                    function V() {
                        P || (P = true, W())
                    }
                    n.document.addEventListener((P = false, "DOMContentLoaded"), V, A), n.addEventListener("load", V, A)
                })
            }
        },
        H = function(U, l) {
            for (l = []; U--;) l.push(255 * Math.random() | 0);
            return l
        },
        aB = function(U, l, t) {
            return U.u(function(I) {
                t = I
            }, false, l), t
        },
        v, sv = function(U, l) {
            g(l, 99, (l.Fq.push(l.F.slice()), l.F[99] = void 0, U))
        },
        T, K = function(U, l, t, I, D, W) {
            if (l.I == l)
                for (W = J(U, l), 32 == U ? (U = function(P, V, m, q) {
                        if ((q = W.length, m = (q | 0) - 4 >> 3, W.iC) != m) {
                            m = (m << (V = [(W.iC = m, 0), 0, D[1], D[2]], 3)) - 4;
                            try {
                                W.Cs = xa(Nw(W, m), V, Nw(W, (m | 0) + 4))
                            } catch (e) {
                                throw e;
                            }
                        }
                        W.push(W.Cs[q & 7] ^ P)
                    }, D = J(299, l)) : U = function(P) {
                        W.push(P)
                    }, I && U(I & 255), l = t.length, I = 0; I < l; I++) U(t[I])
        },
        hk = function(U, l, t, I) {
            function D() {}
            return {
                invoke: (I = Jk(U, function(W) {
                    D && (l && g2(l), t = W, D(), D = void 0)
                }, (t = void 0, !!l))[0], function(W, P, V, m) {
                    function q() {
                        t(function(e) {
                            g2(function() {
                                W(e)
                            })
                        }, V)
                    }
                    if (!P) return P = I(V), W && W(P), P;
                    t ? q() : (m = D, D = function() {
                        g2((m(), q))
                    })
                })
            }
        },
        SV = function(U, l, t, I, D) {
            K(((t = (I = (t = (D = U & 4, U &= 3, u(l)), u)(l), J(t, l)), D) && (t = jV("" + t)), U && K(I, l, M(t.length, 2)), I), l, t)
        },
        h = function(U, l, t, I, D, W) {
            if (!t.K) {
                if (3 < (U = J(91, ((l = ((W = J(223, ((I = void 0, U) && U[0] === R && (l = U[1], I = U[2], U = void 0), t)), 0 == W.length) && (D = J(492, t) >> 3, W.push(l, D >> 8 & 255, D & 255), void 0 != I && W.push(I & 255)), ""), U) && (U.message && (l += U.message), U.stack && (l += ":" + U.stack)), t)), U)) {
                    (I = (l = (l = l.slice(0, (U | 0) - 3), U -= (l.length | 0) + 3, jV(l)), t.I), t).I = t;
                    try {
                        K(32, t, M(l.length, 2).concat(l), 9)
                    } finally {
                        t.I = I
                    }
                }
                g(t, 91, U)
            }
        },
        jV = function(U, l, t, I, D) {
            for (D = (U = U.replace(/\r\n/g, "\n"), I = 0, []), t = 0; I < U.length; I++) l = U.charCodeAt(I), 128 > l ? D[t++] = l : (2048 > l ? D[t++] = l >> 6 | 192 : (55296 == (l & 64512) && I + 1 < U.length && 56320 == (U.charCodeAt(I + 1) & 64512) ? (l = 65536 + ((l & 1023) << 10) + (U.charCodeAt(++I) & 1023), D[t++] = l >> 18 | 240, D[t++] = l >> 12 & 63 | 128) : D[t++] = l >> 12 | 224, D[t++] = l >> 6 & 63 | 128), D[t++] = l & 63 | 128);
            return D
        },
        w = function(U, l, t, I, D, W, P, V, m, q, e, c, b, d) {
            if ((e = J(99, l), e) >= l.H) throw [R, 31];
            for (D = (I = l.Hv.length, b = 0, t), m = e; 0 < D;) c = m % 8, P = m >> 3, W = 8 - (c | 0), W = W < D ? W : D, d = l.l[P], U && (q = l, q.D != m >> 6 && (q.D = m >> 6, V = J(467, q), q.L = xa(q.R, [0, 0, V[1], V[2]], q.D)), d ^= l.L[P & I]), m += W, b |= (d >> 8 - (c | 0) - (W | 0) & (1 << W) - 1) << (D | 0) - (W | 0), D -= W;
            return g((U = b, l), 99, (e | 0) + (t | 0)), U
        },
        uY = function(U, l, t, I) {
            for (I = (t = u(l), 0); 0 < U; U--) I = I << 8 | E(l);
            g(l, t, I)
        },
        A = {
            passive: true,
            capture: true
        },
        n = this || self,
        oB = function(U, l, t, I) {
            try {
                I = U[((l | 0) + 2) % 3], U[l] = (U[l] | 0) - (U[((l | 0) + 1) % 3] | 0) - (I | 0) ^ (1 == l ? I << t : I >>> t)
            } catch (D) {
                throw D;
            }
        },
        y = function(U, l, t, I, D, W, P, V, m) {
            if (t.Y += (W = (D = (P = (l || t.U++, 0 < t.O && t.N) && t.cv && 1 >= t.W && !t.C && !t.T && (!l || 1 < t.j - I) && 0 == document.hidden, V = 4 == t.U) || P ? t.B() : t.Z, D - t.Z), m = W >> 14, t.R && (t.R ^= m * (W << 2)), m), t.I = m || t.I, V || P) t.U = 0, t.Z = D;
            if (!P || D - t.g < t.O - (U ? 255 : l ? 5 : 2)) return false;
            return !((g(t, (t.j = I, U = J(l ? 492 : 99, t), 99), t.H), t.h.push([d2, U, l ? I + 1 : I]), t).T = g2, 0)
        },
        Nw = function(U, l) {
            return U[l] << 24 | U[(l | 0) + 1] << 16 | U[(l | 0) + 2] << 8 | U[(l | 0) + 3]
        },
        Mw = function(U, l, t, I, D, W, P, V) {
            return (U = [-32, -66, -39, (P = t & (W = RB, 7), -36), -61, 36, U, -76, 70, 41], V = z[l.i](l.yg), V)[l.i] = function(m) {
                P += (D = m, 6 + 7 * t), P &= 7
            }, V.concat = function(m) {
                return m = (m = (m = I % 16 + 1, 1 * I * I * m + (W() | 0) * m + U[P + 27 & 7] * I * m + P - m * D - 48 * I * I * D - -3168 * I * D + 48 * D * D - 3552 * D), U[m]), D = void 0, U[(P + 37 & 7) + (t & 2)] = m, U[P + (t & 2)] = -66, m
            }, V
        },
        J = function(U, l) {
            if ((l = l.F[U], void 0) === l) throw [R, 30, U];
            if (l.value) return l.create();
            return (l.create(1 * U * U + -66 * U + 74), l).prototype
        },
        y0 = function(U, l) {
            return [(l(function(t) {
                t(U)
            }), function() {
                return U
            })]
        },
        w2 = function(U, l) {
            return z[l](z.prototype, {
                pop: U,
                length: U,
                propertyIsEnumerable: U,
                floor: U,
                replace: U,
                splice: U,
                call: U,
                document: U,
                stack: U,
                parent: U,
                console: U,
                prototype: U
            })
        },
        xa = function(U, l, t, I, D) {
            for (l = l[2] | (I = l[D = 0, 3] | 0, 0); 14 > D; D++) t = t >>> 8 | t << 24, t += U | 0, U = U << 3 | U >>> 29, t ^= l + 3261, I = I >>> 8 | I << 24, U ^= t, I += l | 0, l = l << 3 | l >>> 29, I ^= D + 3261, l ^= I;
            return [U >>> 24 & 255, U >>> 16 & 255, U >>> 8 & 255, U >>> 0 & 255, t >>> 24 & 255, t >>> 16 & 255, t >>> 8 & 255, t >>> 0 & 255]
        },
        cG = function(U, l, t, I, D, W) {
            function P() {
                if (U.I == U) {
                    if (U.F) {
                        var V = [Y, l, t, void 0, D, W, arguments];
                        if (2 == I) var m = C((f(U, V), false), U, false);
                        else if (1 == I) {
                            var q = !U.h.length;
                            (f(U, V), q) && C(false, U, false)
                        } else m = lY(V, U);
                        return m
                    }
                    D && W && D.removeEventListener(W, P, A)
                }
            }
            return P
        },
        B = function(U, l, t) {
            U[g(l, t, U), Ze] = 2796
        },
        g2 = n.requestIdleCallback ? function(U) {
            requestIdleCallback(function() {
                U()
            }, {
                timeout: 4
            })
        } : n.setImmediate ? function(U) {
            setImmediate(U)
        } : function(U) {
            setTimeout(U, 0)
        },
        Q0 = function(U, l) {
            if ((U = n.trustedTypes, l = null, !U) || !U.createPolicy) return l;
            try {
                l = U.createPolicy("bg", {
                    createHTML: Ki,
                    createScript: Ki,
                    createScriptURL: Ki
                })
            } catch (t) {
                n.console && n.console.error(t.message)
            }
            return l
        },
        Jk = function(U, l, t, I) {
            return (I = v[U.substring(0, 3) + "_"]) ? I(U.substring(3), l, t) : y0(U, l)
        },
        eV = function(U, l, t) {
            return ((t = z[U.i](U.ns), t)[U.i] = function() {
                return l
            }, t).concat = function(I) {
                l = I
            }, t
        },
        $a = function(U, l, t) {
            if (3 == U.length) {
                for (t = 0; 3 > t; t++) l[t] += U[t];
                for (t = [13, (U = 0, 8), 13, 12, 16, 5, 3, 10, 15]; 9 > U; U++) l[3](l, U % 3, t[U])
            }
        },
        Ci = function(U, l, t, I, D, W) {
            for (I = (l = u((D = (t = (W = U[Xi] || {}, u)(U), W.mN = u(U), W.o = [], U).I == U ? (E(U) | 0) - 1 : 1, U)), 0); I < D; I++) W.o.push(u(U));
            for (W.IS = J(l, U); D--;) W.o[D] = J(W.o[D], U);
            return W.v = J(t, U), W
        },
        S = function(U, l) {
            l.S = ((l.S ? l.S + "~" : "E:") + U.message + ":" + U.stack).slice(0, 2048)
        },
        Gm = function(U, l, t, I) {
            return J(212, (g(U, 99, (((I = J(99, U), U.l && I < U.H) ? (g(U, 99, U.H), sv(t, U)) : g(U, 99, t), mr)(l, U), I)), U))
        },
        Ki = function(U) {
            return U
        },
        Xi = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        d2 = [],
        Ze = [],
        iY = [],
        p = (x.prototype.Wv = void 0, x.prototype.hA = (x.prototype.xQ = void 0, false), []),
        Y = (x.prototype.X = "toString", []),
        IB = [],
        R = {},
        r = [],
        L = [],
        z = (((De, function() {})(H), function() {})(oB), $a, R.constructor),
        RB = (T = x.prototype, T.ps = function(U, l, t, I, D, W) {
            for (t = (D = I = 0, []); D < U.length; D++)
                for (I += l, W = W << l | U[D]; 7 < I;) I -= 8, t.push(W >> I & 255);
            return t
        }, void 0);
    T.rT = (T.DZ = ((T.u = function(U, l, t, I, D) {
        if ((t = "array" === bY(t) ? t : [t], this).S) U(this.S);
        else try {
            I = [], D = !this.h.length, f(this, [r, I, t]), f(this, [p, U, I]), l && !D || C(l, this, true)
        } catch (W) {
            S(W, this), U(this.S)
        }
    }, T).B = (window.performance || {}).now ? function() {
        return this.Eo + window.performance.now()
    } : function() {
        return +new Date
    }, T.Tb = function(U, l, t, I, D) {
        for (I = D = 0; I < U.length; I++) D += U.charCodeAt(I), D += D << 10, D ^= D >> 6;
        return (D = (U = (D += D << 3, D ^= D >> 11, D + (D << 15) >>> 0), new Number(U & (1 << l) - 1)), D)[0] = (U >>> l) % t, D
    }, T.RS = (x.prototype.i = "create", function() {
        return Math.floor(this.B())
    }), function() {
        return Math.floor(this.G + (this.B() - this.g))
    }), function(U, l, t) {
        return ((l ^= l << 13, l ^= l >> 17, l = (l ^ l << 5) & t) || (l = 1), U) ^ l
    }), x.prototype.A = function(U, l) {
        return U = (RB = function() {
                return l == U ? 74 : 111
            }, l = {}, {}),
            function(t, I, D, W, P, V, m, q, e, c, b, d, Z, Q, a) {
                Z = l, l = U;
                try {
                    if (W = t[0], W == L) {
                        P = t[1];
                        try {
                            for (b = (D = [], c = atob(P), q = 0); q < c.length; q++) d = c.charCodeAt(q), 255 < d && (D[b++] = d & 255, d >>= 8), D[b++] = d;
                            g(this, 467, [0, 0, (this.l = D, this.H = this.l.length << 3, 0)])
                        } catch (X) {
                            h(X, 17, this);
                            return
                        }
                        mr(8001, this)
                    } else if (W == r) t[1].push(J(253, this).length, J(263, this).length, J(91, this), J(32, this).length), g(this, 212, t[2]), this.F[175] && Gm(this, 8001, J(175, this));
                    else {
                        if (W == p) {
                            this.I = (I = (Q = M(((q = t[2], J(263, this)).length | 0) + 2, 2), this).I, this);
                            try {
                                e = J(223, this), 0 < e.length && K(263, this, M(e.length, 2).concat(e), 10), K(263, this, M(this.Y, 1), 109), K(263, this, M(this[p].length, 1)), c = 0, c -= (J(263, this).length | 0) + 5, c += J(391, this) & 2047, V = J(32, this), 4 < V.length && (c -= (V.length | 0) + 3), 0 < c && K(263, this, M(c, 2).concat(H(c)), 15), 4 < V.length && K(263, this, M(V.length, 2).concat(V), 156)
                            } finally {
                                this.I = I
                            }
                            if ((b = H(2).concat(J(263, this)), b[1] = b[0] ^ 6, b[3] = b[1] ^ Q[0], b)[4] = b[1] ^ Q[1], a = this.bC(b)) a = "!" + a;
                            else
                                for (c = 0, a = ""; c < b.length; c++) m = b[c][this.X](16), 1 == m.length && (m = "0" + m), a += m;
                            return J(32, (g(this, 91, ((J(253, (D = a, this)).length = q.shift(), J(263, this)).length = q.shift(), q.shift())), this)).length = q.shift(), D
                        }
                        if (W == d2) Gm(this, t[2], t[1]);
                        else if (W == Y) return Gm(this, 8001, t[1])
                    }
                } finally {
                    l = Z
                }
            }
    }();
    var qw, fi = /./,
        pi = L.pop.bind(x.prototype[x.prototype[iY] = [0, 0, 1, 1, 0, 1, 1], ((x.prototype.bC = function(U, l, t, I) {
            if (l = window.btoa) {
                for (I = (t = "", 0); I < U.length; I += 8192) t += String.fromCharCode.apply(null, U.slice(I, I + 8192));
                U = l(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else U = void 0;
            return U
        }, x.prototype).NT = 0, x).prototype.Bv = 0, r]),
        Ev = (qw = w2({get: pi
        }, (fi[x.prototype.X] = pi, x.prototype.i)), x.prototype.kQ = void 0, function(U, l) {
            return (l = Q0()) && 1 === U.eval(l.createScript("1")) ? function(t) {
                return l.createScript(t)
            } : function(t) {
                return "" + t
            }
        }(n));
    (40 < (v = n.botguard || (n.botguard = {}), v.m) || (v.m = 41, v.bg = hk, v.a = Jk), v).VBW_ = function(U, l, t) {
        return [(t = new x(l, U), function(I) {
            return aB(t, I)
        })]
    };
}).call(this);
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: cddf3e74bfb30b711ab78ab593d81b8eeaceb67583ef5cb097cb54dcb14f24ce

                                        0,
function(W) {
    uY(1, W)
}
                                    

#4 JavaScript::Eval (size: 64, repeated: 1) - SHA256: f9b61a95c5995b1614d5988fe5a9aeebaa6ed941137234bd00d42e77f5661756

                                        0,
function(W, P, V) {
    g(W, (V = (P = (V = u(W), u(W)), W.F[V] && J(V, W)), P), V)
}
                                    

#5 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 590040aae3e25b40a2c334846d348c384c60ede4211a4373be806ca2ee55d9f9

                                        0,
function(W) {
    uY(2, W)
}
                                    

Executed Writes (0)



HTTP Transactions (85)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 00:15:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fGv_CdeTzhLk7v8oZyd0IYAuF2Sfq_40VLCGj-kiNzvhX4_MxlauCw==
Age: 1556


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3378
Expires: Wed, 28 Sep 2022 01:37:49 GMT
Date: Wed, 28 Sep 2022 00:41:31 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8GQAh-4BdeFtChP5hz8s0h3dkxVQPBGcXTOvqodHfDBsAMc61IjF4Q==
age: 55038
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 00:41:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /cart?cart_token=shopify-9aa94aff4c7cdcaaea2e830b6cf0c7cc&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14ff4ff5f9af26f9f5ee151204a5531f29ab3dff&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c HTTP/1.1 
Host: seguro.ofertasdeverao.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         170.82.173.30
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Wed, 28 Sep 2022 00:41:31 GMT
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.ofertasdeverao.online:443/cart?cart_token=shopify-9aa94aff4c7cdcaaea2e830b6cf0c7cc&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14ff4ff5f9af26f9f5ee151204a5531f29ab3dff&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c
X-GoCache-CacheStatus: BYPASS
Server: gocache


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   134
Md5:    4aa7a432bb447f094408f1bd6229c605
Sha1:   1965c4952cc8c082a6307ed67061a57aab6632fa
Sha256: 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 00:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 00:12:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mvLIFmQXpH3kYVc1SYNcDwgutiPwC1Epsj-f_3o7mQ5E_DTEhKQGRA==
Age: 1845


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E74A396B4726B61D9C91053F925B17E8B7927A082DF826CF4B71F3E460A44BDF"
Last-Modified: Wed, 28 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Wed, 28 Sep 2022 06:41:03 GMT
Date: Wed, 28 Sep 2022 00:41:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4288
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 00:41:32 GMT
Last-Modified: Tue, 27 Sep 2022 23:30:04 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: U5E4vqN63paSkSDjMs2HRw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         100.20.30.105
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +/C8JcoN15BwN8fSIEbz7Ylagxk=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10390
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 00:41:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10390
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 00:41:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10390
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 00:41:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10390
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 00:41:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10390
Expires: Wed, 28 Sep 2022 03:34:43 GMT
Date: Wed, 28 Sep 2022 00:41:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 10623
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12016
Md5:    4b794c6812cb546de0295e087ebe66a7
Sha1:   a54803cca7d3c509c195f65961e1110c8ec56f55
Sha256: 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a264fec-4624-4025-b0d1-044fc33e338f.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9780
x-amzn-requestid: 9938422e-12cd-4aab-9e58-c26b8fee53b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UOH3DoAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-37105d923f19437025abec71;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Halsx09hxT_sMRc2jy-fJA0tE85F6Bgz9P9Trx02Z9aMfIZVLkLW4g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:11:14 GMT
age: 9019
etag: "1a1139cff14aff6755b9e43ff4ef8c9ece1102c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9780
Md5:    43d7c0db2af42ad4d0095324b2691f6c
Sha1:   1a1139cff14aff6755b9e43ff4ef8c9ece1102c1
Sha256: 42073c84e0c215109b54ab55a53cce9e6cce44f4619f5988fa4e2776ff70b362
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 10844
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11314
Md5:    ee83d08d024d127fad5918e1ffacb78b
Sha1:   8ad289a77705358ab660b6123e9d90de991b6c13
Sha256: aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:29:45 GMT
age: 61908
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6157
Md5:    b255b252ceed088d6f505e7e9acfcb55
Sha1:   a6b1c3e0d506ac1c66405e061e9910fafb176a7d
Sha256: b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
                                        
                                            GET /cart?cart_token=shopify-9aa94aff4c7cdcaaea2e830b6cf0c7cc&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14ff4ff5f9af26f9f5ee151204a5531f29ab3dff&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c HTTP/1.1 
Host: seguro.ofertasdeverao.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         170.82.174.30
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 00:41:32 GMT
location: https://seguro.ofertasdeverao.online/checkout/payment?cart_token=shopify-9aa94aff4c7cdcaaea2e830b6cf0c7cc&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14ff4ff5f9af26f9f5ee151204a5531f29ab3dff&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjdIZlhaaFdxMWtFMVM4UnFpclJiTnc9PSIsInZhbHVlIjoiYjRBZ0o0dVwvWHlSR2M3bDBRV2l2UG5EN05idUIwTm9QcTJ2MTFNREZSSW1hU0JhUUlZUXZBT2I0YnBVYjJjNVwvTGxURVZBSWhsYzFVdE92Ulowd3p1UT09IiwibWFjIjoiNmM1MGIyOGIwZDRhMjk2ODI3ZWNiNDIxZDdmOGU0MWU0ZWUyYzgwZjg3Nzc4MTE5ZGY5ZjBlMjIzNWI1NjMzNSJ9; expires=Wed, 28-Sep-2022 03:41:32 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6Inh1cFBSUWNnaGpmNlR6SkdqVHNxcGc9PSIsInZhbHVlIjoiXC9GMkdicEdCN1U0OGgxK0RBejhnTXVEUDF5bTVnYVcyNWEydVZNeFlDbHpQY2tYSlhIb01CWmwxUTdCR1o2MXBacXJPWFY2ZVdKUXBBNlpmeW1EXC8xQT09IiwibWFjIjoiYzUxOWYyZWZkMzVmZWRkOTMzYTdiOWRhYzAxZjFkYWYyOTEzYjhhNWQ0ZDUxMDczZTE2YjdkOGZjYzJkMWYyMiJ9; expires=Wed, 28-Sep-2022 03:41:32 GMT; Max-Age=10800; path=/; httponly ofertas-de-verao_cart=eyJpdiI6IjBOM2VLdVMwcmt0VDZPS3BTNndtRmc9PSIsInZhbHVlIjoiOFBvdDN0TGNySWtMNCt3THN6eEN5XC9LZGFYdkJEd1RUb1wvKzFHUXZqYUlzQlRVelZqaE5SWlJJbmhQMmc4bktRV2plZTdybDRMNjhPZDVybXlBK0ZmUT09IiwibWFjIjoiN2JiY2RkZGUzZGVkZWMwMWE4NzQwMzI2Y2NlZGY1MjQ0NGMxNjcxZjdmNGYyNDljMTEwOGNjYTg0NzFjMTAwYyJ9; expires=Mon, 03-Oct-2022 00:41:32 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10131
Md5:    47bd7e48cee322a201d646d795b56b4e
Sha1:   41f598c28624080878941b3b382e4901c1b4adea
Sha256: 356e1c28d358f6505c15dc5aa261deec33ec34b2d871b46a1762b6da64873c89
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10031
x-amzn-requestid: 0ac9a228-b6ce-4695-b269-f6a5ba959576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4HTsoAMF8dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-1d1cacef2608d5820b2bc1b1;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HKSCXbOStqMfD92WWwpkNF1l9euR9RkHTo2boSKqhPAunGl2u_YGlg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:48 GMT
age: 10485
etag: "e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10031
Md5:    07f06c54e3b1431203308e4134e7efcb
Sha1:   e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49
Sha256: 2814f21c6a21623c189163672867272eb24f754d3d22a8285349e5dd9f6b49f7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Wed, 28 Sep 2022 00:41:34 GMT
date: Wed, 28 Sep 2022 00:41:34 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   585
Md5:    7d84c4456027d3c2e042f55c624444cb
Sha1:   ae1299213270a14574bac01f8f91d29a4c9ffd7c
Sha256: 5ac486ab075825fc510d276894e2a289866e243bbb1efe2f5246c710f307aae4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DC92B3FDCD34F33B5A7C901593BE6A677C01D38A9A76D63B5B012863BA2344DB"
Last-Modified: Mon, 26 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11880
Expires: Wed, 28 Sep 2022 03:59:34 GMT
Date: Wed, 28 Sep 2022 00:41:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 00:41:34 GMT
Server: ECS (amb/6B81)
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v0.js HTTP/1.1 
Host: js.upnid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         130.211.14.112
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
vary: Origin
content-encoding: gzip
via: 1.1 google
content-length: 8884
date: Wed, 28 Sep 2022 00:37:41 GMT
age: 233
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23050)
Size:   8884
Md5:    960c2f02f796ed460b2c3911ee0f498d
Sha1:   862e007ff302286b83d9e5b4b880acdf5894ac1a
Sha256: d5112369b9ae06973e98285df7d92749ddae470430912d01fd70f7c45207592f
                                        
                                            GET /svg/card-elo.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-c43"
expires: Tue, 27 Sep 2022 18:16:47 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 21F6:7B16:7627A1:A81A20:6320B37D
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.063167,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: f023c773bee9415a21039ef215a05ef2473a235d
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwXg1pdIzX4%2BQI9rV9K183xjXQI62tjsef1HffyfamXc3KraxoUiiuJA0X9W4DB0vJ0Ez3tpxaCn%2BUVE%2B96%2FuvhTAGMT07In8YxhqBXttchI08DCRQs1XRxKOQ6PN0Zy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab481c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1575)
Size:   1796
Md5:    40c830e05f86289bb5f18cc05c2b8e1e
Sha1:   7c5b411acd64707deab8e3d95cee49918d18779a
Sha256: 4bc17ec388ffcc2e51311a1b4c5bc44896ed535077c2acf4c06ede7edfd12cc1
                                        
                                            GET /s/files/1/0664/3787/3898/products/11_18e9a9bd-c228-40fe-a598-5f3398307c6d_250x250.png HTTP/1.1 
Host: cdn.shopify.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.254.71
HTTP/2 200 OK
content-type: image/avif
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
content-length: 10782
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0664/3787/3898/products/11_18e9a9bd-c228-40fe-a598-5f3398307c6d_250x250.png>; rel="canonical"
server-timing: imagery;dur=742.551, imageryFetch;dur=72.621, imageryProcess;dur=668.997;desc="image"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: d85d5fef-229c-4294-86f4-872da712e583
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Tue, 27 Sep 2022 18:24:03 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PedeZ7rLhCJ43CL48PyBZG3kGfch2tmPGiGnd9w1DZlbghKBvlThctCEISJDk2cpV7%2Bvj%2BkwbS62sPA353hdEI4qw3iN4j0lnIZc0jKzTnkPdHnb8mciTktNHuUlsNr%2B5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f252eaefac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, AVIF Image\012- data
Size:   10782
Md5:    873bba1f301e0f1c55dc7a6f02b5c8ed
Sha1:   282b6d26695e550973924a74aaf281677589e1f4
Sha256: 14a7d92442fb236d02fda082400f66f8decb1efc2f729db4d43aff397e2c9046
                                        
                                            GET /svg/card-amex.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-5f3"
expires: Wed, 28 Sep 2022 00:34:45 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 91A6:4F1E:78598A:A211A7:6320B35F
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.024635,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: 2f17251d5b4f449d5b870863801562998cd0f600
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43C50GeE3BRGXk%2FjMKCVlh%2BZbCU72LzyU3jagYycKl2aB0Qtdw%2FdRtVT%2BLp1IjGsBDiQP8lvBZAJRJvfhRw%2BytlAKhVQv4I43gV9bkHI5C9zN0f5kToux1SgZ%2BISCwJE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab411c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (856)
Size:   1224
Md5:    7de992c54db82f00e36d20c438c24641
Sha1:   a066b7f16df00ddb557f6dc3bb6febd7c7ba3715
Sha256: 0d4da26dcdd39031942e2040fd8c039918887ab6f63769bd5bcd2d4c4222b854
                                        
                                            GET /assets/stores/ofertas-de-verao/uploads/testimonies/63333825b76e1.jpg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
content-length: 8861
x-amz-id-2: 5PQUe8YPz8dOdpUmd9nPm3UEmcbtoysoe8haEFHtEZ5S+S0UOyOP+W8zW7ayt1w+wUdg8fe26/A=
x-amz-request-id: KMKV7JKMKXV43JCH
last-modified: Tue, 27 Sep 2022 17:51:42 GMT
x-amz-version-id: tOpig3fG5u75flBtnm1eHKU494BJd1xb
etag: "98e12beda00d8224366152f1aedc8080"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXjs4sj0a%2FNYdR3dZKLNHRXFRdlYOTJG5%2FDUzIzaSHoyoh2kK4daq%2FYwUikso6TdEVnYxPuYPAxfqpbNH8lJ5JyTmi7LT4Ak1lHJXHFV1ytLFkbWKKWI3gSF3Rs6qMeHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75186f24ab3e1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data
Size:   8861
Md5:    98e12beda00d8224366152f1aedc8080
Sha1:   06cdcdbddbc8b5c97d469168c4c9cfbbb0512ef1
Sha256: 95947a74d7ae68d8a80e7d143a8c1b9662dd506dd4479ddef63775928ce11080
                                        
                                            GET /assets/stores/ofertas-de-verao/uploads/testimonies/633337f578804.jpg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
content-length: 9905
x-amz-id-2: MrTvznARhr8pQReXd2ngkdk2qhro4+I0Tw96rRWrn7hnGnWAbMDsvP4fQvJG9chfVflYU32zU5A=
x-amz-request-id: KMKGEMTRWJK7QPMZ
last-modified: Tue, 27 Sep 2022 17:51:42 GMT
x-amz-version-id: zJZuY2zUP4nir6Hn9iYXIF00pvr6WKX6
etag: "be9a92e29512c6b4820f27b77366d4e2"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxnK7bj6KFZ7oRlU8F1QX3Kxcq4jRmdQLNpHxFQvkJgq%2FFNGQuXa7G4hCaXNhdC7tkKhE58%2FxMeqWnVNUKIebgaGF0oc9k4Xhg6MsBf4bAGIkIEjxTB7MEinwaFxLqq%2B2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75186f24ab3f1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data
Size:   9905
Md5:    be9a92e29512c6b4820f27b77366d4e2
Sha1:   343c45ddb72d0db8c10b9a1524ce16b78cf7d470
Sha256: 4da53534971e8fbb761d25aa675e0879cc5ca7f8ca3b06371307d0d24b76eb93
                                        
                                            GET /assets/stores/ofertas-de-verao/uploads/testimonies/633337e444cbd.jpg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
content-length: 9913
x-amz-id-2: I/QWkn5MIfnOzKe3+oZORTzXYtAgTr3IYmtBk/XSjeRNrY3C5NHiLRLdiLag77MFxMVPW9KhsLE=
x-amz-request-id: KMKXXQ0YHVVXZTE6
last-modified: Tue, 27 Sep 2022 17:51:42 GMT
x-amz-version-id: bHnPBSvwRyalTnMzOmzXGb.0GaU.7X8I
etag: "98a93c64f09844453c3978d25098cf86"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfU4F%2BF3z50fTcg2ZwPKAhyVOhV6Fxi4mtwoPbY5Cu4Pn25EF9oap57VK9olVRI2%2B2CqTS%2FSrieDgOjtnBdCQkMiK%2BHUYX%2F4c9NhAd6F7DB8YWMLY7gFzkHJkk9d240slg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75186f24ab3d1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data
Size:   9913
Md5:    98a93c64f09844453c3978d25098cf86
Sha1:   9bff6ab848dd3bd73a7db3fdd7de4d99882f35c0
Sha256: 1a985efd37d81a258add296588197e5c36948e4e1a754e5cce4e0535e1291dad
                                        
                                            GET /svg/card-aura.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-111a"
expires: Mon, 26 Sep 2022 10:09:27 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 5584:34DD:777128:A962BB:6320B37D
via: 1.1 varnish
x-served-by: cache-bma1669-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.024064,VS0,VE111
vary: Accept-Encoding
x-fastly-request-id: c27fb302a9d18223e7250a0b2b4fc0f9a948568d
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cG0CKS%2BFOR7VsNr%2FW9qRKT5udUV3IYY6r%2F3VvrmmaoJ33hgSK4QfEn1PbB9SFJY1GD6KEl6MUbgHDzbamfeTuCB1%2FRC03XV3q7CsKSf1jVdoLPCJLD1XSVli6DfWFmxr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24bb4e1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3016)
Size:   2312
Md5:    8970a0c95ff7af7059f9ed1707bf9bdb
Sha1:   534165f73d9eb389dac2a69dbdcb077d2b4afcd4
Sha256: 40f2bdeb6d56d5f6761bbb0c3809d00bcf2862ceaeb48aab5473c1e5a7c1f700
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.ofertasdeverao.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:19 GMT
expires: Tue, 26 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 99196
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size:   33580
Md5:    848cd2ecd011428969dc6b90431bc482
Sha1:   6b1a7b562a56bd54510e0f6f95e26babca331a1b
Sha256: 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.ofertasdeverao.online
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.1.53
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Wed, 28 Sep 2022 00:41:35 GMT
content-length: 77160
x-amz-id-2: CEV+ZCx0RZam57zJ/zCIJE28/8Zb8q2eZh+jb/AdIh3ntrJ4cu5yo5NImd/zq5bV0LPI9RnXUt4=
x-amz-request-id: 1ZVJHRTMEX333YMF
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: MISS
expires: Thu, 06 Oct 2022 00:41:35 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 75186f2c6f73b509-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /king-assets.yampi.me/dooki/632219b370e33/632219b370e38.png HTTP/1.1 
Host: s3.sa-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.95.163.112
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 4kqVJrW4XQO3jl0X61JRphcqRhC7iNYjgVjRi249zI23x+aZxvPFXUtNmPN9ZAKuaBb85CWGmBE=
x-amz-request-id: 1ZVY4FTK3MDRB0XV
Date: Wed, 28 Sep 2022 00:41:36 GMT
Last-Modified: Wed, 14 Sep 2022 18:13:08 GMT
ETag: "992452d4f6b48dee685307942fa02796"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 91337


--- Additional Info ---
Magic:  PNG image data, 736 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size:   91337
Md5:    992452d4f6b48dee685307942fa02796
Sha1:   e71a76de95aef62d32ee6057a1cc08f4421472f7
Sha256: a8eefacfe3dcd19a123bdd7be78dd32bf2514c1d8266bb5e858d4d4bc6b93e15
                                        
                                            GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.ofertasdeverao.online
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
age: 180941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (826)
Size:   158248
Md5:    db1b5789e9915e9c82f5df92e5982980
Sha1:   2e193e502995501c85f45fd89d9f83707a7f9573
Sha256: db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5708
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 00:41:36 GMT
Last-Modified: Tue, 27 Sep 2022 23:06:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /svg/card-diners.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-99b"
expires: Tue, 27 Sep 2022 08:09:03 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 0805:3666:720576:A3F3F5:6320B37D
via: 1.1 varnish
x-served-by: cache-bma1635-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.024806,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 3173e43038aaed1f5c4d9cd688593e370db124d3
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiE6TKfGWTfuXHOacdfq%2FsxBS50sGTduwlPF8PHRxbb5bIfTyyTXsWYaeakQXcW87LQWnSRoAcGCJY2zgAWE66uqpWzsJ97zfPdB%2Bkc9nrKuS%2BTfiM2iyejk9tcpG1B%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab441c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1368)
Size:   23632
Md5:    3b77cf505cbceb12d021930af96866d0
Sha1:   44fdbd068fe7929fbd6aa384ef5854705e78ef81
Sha256: 6ddab1b911d1ffbd5e4134290ac749fa0479003652d09e4c685c33c79d458c93
                                        
                                            GET /svg/card-pix.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-a56"
expires: Wed, 28 Sep 2022 00:18:51 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: D8D4:5ABE:77069E:9FE713:6320B554
via: 1.1 varnish
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097932.845241,VS0,VE109
vary: Accept-Encoding
x-fastly-request-id: ce75b40802cb9a31d490012c9ba03c2b82439614
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flWxyAnNc45x0dfMs%2BDXd%2FDJCZPj%2BFPRXwq9guzxnQos97WZ%2BRxvmoyYmWsy4CRhEgiffSu7UBPQsqfIhbaPymbWBto6GYvJcXoR12quxj1n62fmQJmVakKYuC49rDLi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab451c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1048)
Size:   28001
Md5:    6b031b1f7ddba654120b77d2e4c1c9df
Sha1:   c6436c6c4e8c9a276655c4d4c1b7b068ed834798
Sha256: fac5aecdb4b1720f3cd939ba96ddff770335b32cce5f718bf68cfd6a6a3fa574
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5708
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 00:41:36 GMT
Last-Modified: Tue, 27 Sep 2022 23:06:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?v=1&_v=j97&a=1699571218&t=pageview&_s=1&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&ul=en-us&de=UTF-8&dt=Finalizar%20compra%20-%20Ofertas%20de%20Ver%C3%A3o&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEDAAAATAAAAAC~&jid=672671801&gjid=144688163&cid=471637102.1664325694&tid=UA-45745009-5&_gid=2093582838.1664325694&_r=1&_slc=1&z=444809563 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.ofertasdeverao.online
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://seguro.ofertasdeverao.online
date: Wed, 28 Sep 2022 00:41:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    9e92e190700c1af4539b40c2171320a9
Sha1:   209bcdb79e6067b51091ce8586d4b977f25b67d8
Sha256: aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /checkout/build/mix/assets/js/app.js?id=9b6bc316d16463b544cdc0e695ce9d7c HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-amz-id-2: kiKMcAr44hCS/h/HVY248HvVsZ8c++jxSbplSUA+eauwmt5HsWg8UBb9Ul0Y6kT3rAvxJVfXLU0=
x-amz-request-id: CY4BWHFC5C676757
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: dI9F0vCOZifuvcVSKZO43mZnYXF0Vwno
etag: W/"20baf997b7e31a089f0a9544550cf45a"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shATEdDHSu8Hrp46n40soNb0RjckuloP7CdDqxG2OmJ5V16QZU%2FRQxwBDN4y6XhS3Hdd%2FZeYdSPDqVoN%2Fj2IplG1N5j3hJbA4XIrtV2CaHI66f2qjt0LaGGEyy9Kxtsu7uryXy38BzyX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75186f24ab3c1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   88272
Md5:    59e3018178da4ca951a1489b6de8bfa3
Sha1:   6465e9b2854eec4e213f4c46d971566ceb8d2b0f
Sha256: 38878cd596cc10603bee7984bab8e73e01276ca7b6a2735312f7c623d6f4bc45
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 28 Sep 2022 00:41:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /e/t HTTP/1.1 
Host: seguro.ofertasdeverao.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjllODVhM2FlNTA5YWQ0MDYiLCJ0ciI6IjkyNjJiODdjZTQyMDg4MjBmYmYyYWRkYjgzYWU2ZGE3IiwidGkiOjE2NjQzMjU2OTMxNjh9fQ==
traceparent: 00-9262b87ce4208820fbf2addb83ae6da7-9e85a3ae509ad406-01
tracestate: 2935249@nr=0-1-2935249-1134170823-9e85a3ae509ad406----1664325693168
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 366
Origin: https://seguro.ofertasdeverao.online
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c
Cookie: XSRF-TOKEN=eyJpdiI6IkZMQmJlb1dUZmZONDlnemVtTFY1WXc9PSIsInZhbHVlIjoiMmQ1bERvYVlcL2NEclVJRlVESmplek5nVjZIanJlanpVN1pJMHd4aUlIMDI0a0MySkxqY0NBZ21DdTJiZVZUNGpLSlRjSEx4S3d3QUk2R2VBZmp1UUR3PT0iLCJtYWMiOiI2NDQ2MWI0NWVhMTQ1YjY1OTU2ODc4ODUxZjYzMzNmODZkYmVlZDVkNjU0YTNhZjUzMTZkZmE1MmRiMmQyYWFjIn0%3D; bubbstore_checkout=eyJpdiI6IktoSzdzOWd4cjBhdXdQWDBIbzdGdXc9PSIsInZhbHVlIjoiQ1luelFJaDQ2V3NJMlo2d0NEK2JabFlwV0xpRG1pR0g0SHVpMEw2Y1ZuY3VWQ2JcLzdEaGsxOUl3MU96MFlZN0pLYklUSm15N1diSE1rNSsyR0RYY3pnPT0iLCJtYWMiOiJjMDczNTYyOTllNDE0ZGViOGY3OWFmNjU3ZjFhM2I4ZDg2YzU3NjNkNTU3ZDc0ZTQxMTkwOGQxNThjODc1MTRiIn0%3D; ofertas-de-verao_cart=eyJpdiI6IjBOM2VLdVMwcmt0VDZPS3BTNndtRmc9PSIsInZhbHVlIjoiOFBvdDN0TGNySWtMNCt3THN6eEN5XC9LZGFYdkJEd1RUb1wvKzFHUXZqYUlzQlRVelZqaE5SWlJJbmhQMmc4bktRV2plZTdybDRMNjhPZDVybXlBK0ZmUT09IiwibWFjIjoiN2JiY2RkZGUzZGVkZWMwMWE4NzQwMzI2Y2NlZGY1MjQ0NGMxNjcxZjdmNGYyNDljMTEwOGNjYTg0NzFjMTAwYyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         170.82.174.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 00:41:36 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlYrK3lmVllGK0hZQmwreTVwUkJZdEE9PSIsInZhbHVlIjoiV0NwVUJlQkpYNEhiN0RKWW9cL3dmMERmOFJJMVZvQjVRaWN3eG1xY201MWlweWRGRjl2TW9JcjlPaFwvTnpVQnlQNmI0R0ZHRTYrZkIzS3hHMWRVcFBPZz09IiwibWFjIjoiMzY4YmY5Mzk5Nzg3YWU3NDgzMTk5Mjc3ZDViMGNlOWIwNzc3ODRlZjIwNTkyZDhiNjM4NWUyYTUzMjI4N2EyMCJ9; expires=Wed, 28-Sep-2022 03:41:36 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IlMxYmNLeE5SOUwzaGhlSU5NY3pEaEE9PSIsInZhbHVlIjoiRDJhUHhVUDZ6UXpQRDVQalwvdmV5SlQyYWkyNHIxaW1GMTFhRzU4WXU4Y2ZYRVRsNVJaYWxQa3ZwMW9tSE1mdzhxcmZOUHVrWnBQbUtDTG5GSmphXC96Zz09IiwibWFjIjoiOTllMjk0ZTJjMDkzZTVhM2QyNDUyYTM0MzgyYTAyNmEzM2M0OTY2MmNjZjUyOTRiZDM5MzNlNDEyMDM1ZGUyYSJ9; expires=Wed, 28-Sep-2022 03:41:36 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApVDgwEHh5UFUNUAFdUVFIBVFFRDlEBAVhTFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (745)
Size:   758
Md5:    6c00257598db422eda38f1a0bd53637d
Sha1:   58a1d6fa76fe3d41f959c70229c7e58391310a6d
Sha256: 57ddbe563741eae4d5f7a6d63c4a91eff17975122159d14bc3db5287a8996fd8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /svg/card-discover.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-f89"
expires: Mon, 26 Sep 2022 21:25:08 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 31EE:5763:DCEFB4:E47F30:6320BAA0
via: 1.1 varnish
x-served-by: cache-bma1672-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.067513,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: fd79095f655c2a734a7e320fca9bb582f1e29d1d
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufx4Zrr93bV5ZoXlAloyJWEmsZKqj7yeI8kMbcE0nmt1YxRmMdCbCA2qqUnrk0gCenbvYInV9MCdN9qMM5lxMIAFyTmk1HI8zJ1%2B07TaCWYpr39eHkDE8qBAKGph%2BPIM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24bb4f1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2127)
Size:   181402
Md5:    cc8e48e778c48370123ec33018125d11
Sha1:   11cbf8e942289fa254c19075c2238da303a820b9
Sha256: aa9f594ca086a390a004c0cef46ee1f400883769153ddf02b8e9723a06b0f065
                                        
                                            GET /tr/?id=475609647795069&ev=PageView&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694665&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=PageView_eyxw2d1hk&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   257496
Md5:    0f2e98b6a6412a89b761486c74db37ee
Sha1:   a774291a11690005f85b2f1f2bf6a93e5111022b
Sha256: 69cd1dd543dcdd78790fed5b83926bee6813667c8a42ae469b953e9395b89aae
                                        
                                            GET /tr/?id=1686103548439989&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694676&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=AddPaymentInfo_xjuc9ule6&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=1497427834094100&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694679&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=AddPaymentInfo_bfqu8nu71&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=618450783161563&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694682&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=AddPaymentInfo_bvpf8jbg2&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=1686103548439989&ev=PageView&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694667&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=PageView_eyxw2d1hk&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=1497427834094100&ev=PageView&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694669&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=PageView_eyxw2d1hk&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=618450783161563&ev=PageView&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694672&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=PageView_eyxw2d1hk&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=475609647795069&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.ofertasdeverao.online%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D998b10c0-3eb0-11ed-b47e-3fdebbc9a44c&rl=&if=false&ts=1664325694674&cd[content_ids]=%5B%227922469732586%22%5D&cd[content_type]=product_group&cd[value]=129.9&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.84&r=stable&ec=1&o=29&fbp=fb.1.1664325694664.2027247697&it=1664325693879&coo=false&eid=AddPaymentInfo_qmho2upmy&tm=1&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 00:41:37 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /nr-spa-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 00:41:37 GMT
via: 1.1 varnish
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 862
x-timer: S1664325697.104937,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32010)
Size:   18216
Md5:    6561a2403142205f966207d61576f1a6
Sha1:   1310e72f494e12ab63a4280fc1600a2c89dc9bb8
Sha256: 0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
                                        
                                            GET /svg/card-aura.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-111a"
expires: Tue, 27 Sep 2022 23:07:45 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 080D:589B:DA93C2:E0F454:63335F0B
via: 1.1 varnish
x-served-by: cache-bma1670-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664311052.705802,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 639b16a75cf3927223360bf9b62f5c91a3aebeb2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHtSWjBnMlWUreA9q%2Bk5ttFMhj6Z%2FY%2BkJhOQ2XRdi56atSYDR%2Fdf2JThK5FNgchzXknPmK87bFJ5j4WWVOUqneE084UWYuvoZV8ZD6XRIuuRkxXS9dbJSnS%2BZLfgxXanqrNNar1EWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24fa0afab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3016)
Size:   2312
Md5:    1a8734b2ed8c9a35c1c97437eff205fb
Sha1:   1dafdf87d57ed106faba53179821cb7abaca66e0
Sha256: e386775cbc682605025983bcf5c79e8dfe588ea5b41a5a4c552c2717f107ae75
                                        
                                            GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=5914&ck=1&ref=https://seguro.ofertasdeverao.online/checkout/payment&ap=256&be=2822&fe=5839&dc=4243&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664325688903,%22n%22:0,%22f%22:1616,%22dn%22:1616,%22dne%22:1616,%22c%22:1616,%22s%22:1616,%22ce%22:1616,%22rq%22:1618,%22rp%22:2803,%22rpe%22:2803,%22dl%22:2809,%22di%22:4159,%22ds%22:4242,%22de%22:4322,%22dc%22:5838,%22l%22:5838,%22le%22:5840%7D,%22navigation%22:%7B%7D%7D&fcp=4316&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 28 Sep 2022 00:41:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 75186f3739e4b515-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=cae1f20f176ed9e4; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=6118&ck=1&ref=https://seguro.ofertasdeverao.online/checkout/payment HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 612
Origin: https://seguro.ofertasdeverao.online
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 28 Sep 2022 00:41:37 GMT
Content-Length: 24
Connection: keep-alive
CF-Ray: 75186f385aa1b515-OSL
Access-Control-Allow-Origin: https://seguro.ofertasdeverao.online
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   24
Md5:    bc32ed98d624acb4008f986349a20d26
Sha1:   2d3df8c11d2168ce2c27e0937421d11d85016361
Sha256: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
                                        
                                            GET /svg/card-discover.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-f89"
expires: Tue, 27 Sep 2022 23:07:45 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 1014:0A90:4B789E:D04ADA:629E764A
via: 1.1 varnish
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1654556035.983946,VS0,VE101
vary: Accept-Encoding
x-fastly-request-id: d0464c181bd44a3b4ddea5e69abcb252f448f82a
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdWNzD6%2BiinLUXGjvxqeO92NPGYD15dF9tCMNGDRbdp%2FGl0ZKdaBSYerQaxuwo%2Bc2hthIp8f4BhTx8BrnxDc5SfAJFHyjcWuVQ6rVZYKgs0VntXjT04awnG0gwX2pSrQPdDiJqinHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24fa09fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 00:41:34 GMT
date: Wed, 28 Sep 2022 00:41:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-hipercard.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-54bc"
expires: Tue, 27 Sep 2022 23:07:45 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 1F7C:4FA9:A2485E:A7FA72:631CED48
via: 1.1 varnish
x-served-by: cache-bma1680-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662840137.860379,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 5a9873bf3e3be401e007339ec8459d7c1527e216
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRGbEvKJ6FjbKIFOcTsHB%2B%2FbXcyxgE1pel9idda3IDH7z0e12iVHfN3WEHt3%2BOARWJHXXN5D%2FuWn%2FbmHy8bFW84YIQ0crMdmHJZdj06QwTXCXSgB7uu4nicIPmPCUPnBLKdCCcletA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24fa02fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-mastercard.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-5b3"
expires: Tue, 27 Sep 2022 08:09:03 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: C870:2D21:780010:A9F3D9:6320B37D
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.049285,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: 2b8147f241789884e26825ded5048f2450716653
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IoV8J21vcBlE241nwnPFBfI8%2FbbdzUm59kBkvHQe%2B0qkAqpAu2pHIwExWFgvj%2BC4Z1IIYzZqxMnKkwD7gOjFzRA1ISuJ2NW%2Bv9koZSlj3MIvLm9qYa6XO4G43VZVzItn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24cb5b1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-amex.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5f3"
expires: Tue, 27 Sep 2022 18:19:59 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 5EA6:132CD:1652233:17113BE:632E163E
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663964735.864231,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 6d985dfbefad384748332539c39d62a9c358f376
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jd%2FBAcdcq3hkTEMqV4wJ3cRmRgBL48jDSBcQC76ek6TiQB2V%2BUUPGy9PSXti5DfDCS2FllTEjf1JLT9AL%2BUtlL0AfjZPN%2BN7cAlOgPpypqyVi8lS%2B9FdLvmD5DM3JXndJyoN%2Ftt4fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24fa04fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-mastercard.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5b3"
expires: Tue, 27 Sep 2022 23:07:45 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 0806:B85F:1B57AC3:1C37171:632E163E
via: 1.1 varnish
x-served-by: cache-bma1650-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663964735.866228,VS0,VE189
vary: Accept-Encoding
x-fastly-request-id: a75574c12ed1c2655df1b723e6ed59a44d72e3a5
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R13%2BdyLix0nuoifzHWP3%2ByK8dP%2BS5eNytfntc3duHGK0T97Hn27H9iWPjnlgEgm7RLDTfSPoHGacoL29k8YhFjSdIY1%2FbtA7BCQwhwGZcsLmYPFxRVP0zuIbsZCaYKvdCazTJfp6Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24fa08fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-visa.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-1288"
expires: Tue, 27 Sep 2022 23:07:20 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 080F:BA4A:C12DCF:C7B63A:631CED48
via: 1.1 varnish
x-served-by: cache-bma1677-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662840137.862588,VS0,VE111
vary: Accept-Encoding
x-fastly-request-id: bc9167c4d57cb1243a401a61289361b6ca04bef8
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5OJ0wKYCuVPzJpBIjaVy04uHM6Q%2FSSl1XXex2DKG0lkpZX5FfIKvqKgYPoxa8i2dTmkzeIdtYeZo4Pt8505iDkduZ2FZXJdasIqTl7kc6TH40r%2BQbrWe68d8OjdTfzPhGGh50DYbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24fa06fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/build/mix/assets/css/app.css?id=c1cb1b608993e42920393f83d30bc32b HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 00:41:35 GMT
x-amz-id-2: T/Ko5unCE3htRvL+YuuLTuRiYKQUSEu64pQqIoSxpuiXsQxEoLqEOgp7tP2eFJf8Mb3owXvzxFg=
x-amz-request-id: KMKWMNJZFXQ8GEZC
last-modified: Mon, 26 Sep 2022 19:44:15 GMT
x-amz-version-id: sk8GhqbtozvgmZdvBhWo.6c8nigPYGNS
etag: W/"c1cb1b608993e42920393f83d30bc32b"
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkNolfKvavi8k3hUYrjRTKmAtEI%2BXCrEXYCTBPWl%2FQjUL6IJULK7fRbqtCaRW7Hgn2G1Q%2BFhq6Pc%2FS7xcOpfs6y6Xw51hOQwfT3mQaob8SETtge3Bc1jfns1M7rOQWqpC7mgdA89cqTV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75186f244b161c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jquery/jquery.js HTTP/1.1 
Host: cdn.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-amz-id-2: 7gxTttBd/kCkn0bd/hyRfHdpqJ9gzq8f1yoBkZ3x5D4QwamXpqfrXGunCOTo8cwqgRppri0a9Bk=
x-amz-request-id: 98FT7W7KHGHEXVPW
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1895
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9U8jVTwKj%2BwAhn3D%2FYaSbT3%2Bm%2BammVPla2osnxBojCaADI1%2BCT%2FTrOpMq%2FiY38tWfxIizKf2%2BfcdLb5pW1vnhqzI%2BLGxennskyhKWVp0haBc9abVZs0GRf0Qcky9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75186f24fb651c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-visa.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-1288"
expires: Tue, 27 Sep 2022 18:46:03 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 2158:78B3:779989:A98D45:6320B37D
via: 1.1 varnish
x-served-by: cache-bma1683-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.055223,VS0,VE182
vary: Accept-Encoding
x-fastly-request-id: a6a72833805510b10cdc9527a348d2304550d705
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0YoFI%2BndUc1t9KvMRgfA4AVbYpcLN8cJMhz0OG098r%2B2fjKHtBcDx3DqIeaKGx9FWftpkAECBIlNVGkzRv%2BLCCyVADYLKvpCUJduQ%2BsIjIVMEazOQsrmHxvDC36xgx4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab431c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-billet.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-537"
expires: Mon, 26 Sep 2022 23:06:29 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 704C:739C:7638A9:A828EA:6320B37D
via: 1.1 varnish
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663097931.041790,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: b29a2ef028a2a3de333273d123f51c2969f04977
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwMIUa8WA9ZhQhbAxbPpxzHlPYnvszeTOjTamubDfcjHMWMhFtxreyV1n4IxUZ2DDk0scoPxcW9oXIp3vOgdTEupyCsMi1scrQD2W%2B1PMbIsVnSpDXItZJyJWd9gjNI%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab471c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-diners.svg HTTP/1.1 
Host: github.bubbstore.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.29.224
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-99b"
expires: Tue, 27 Sep 2022 23:07:45 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 8F4A:505A:DB19D7:E1C089:63337FE9
via: 1.1 varnish
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664325694.247709,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 308f2f4639b22af5a7d138ce87b66df8b1a2126a
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4qmCXuJQJXJuB%2Bg%2FF9RB90Rz8Hktelsujl6TdJTNXbaB8LfeneRSw38f77m3l5%2BiNeGn%2FisyqX%2FqaxluFsW9MAjkicS%2BRsZF3LfbEfPMSsRh9TPRRbljDOEmEv7yF8IILtubfS%2BUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24fa07fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /fa/4.7.0/fa.css HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.1.53
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 1895
expires: Thu, 06 Oct 2022 00:41:34 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 75186f253a30b506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-hipercard.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-54bc"
expires: Tue, 27 Sep 2022 20:09:48 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 0802:9B4E:6CAA5C:8E98C9:63335634
via: 1.1 varnish
x-served-by: cache-bma1653-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664325694.192974,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 93b120f484305827165b3e52d91919b754705808
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIeFsbsJ0jt48fN2wm5O%2Fjt3o0CPeMKK9ncnO%2FF9wSaEozRHJLcLPoOtJ5M4j2PDiEhadCKIktHxfpF64CdzjOJZY2DQP0YLJDZOQMvS%2BDMKtssTD%2BP0T3hGLLlOp7sV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab401c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /svg/card-hiper.svg HTTP/1.1 
Host: icons.yampi.me
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Wed, 28 Sep 2022 00:41:34 GMT
x-origin-cache: HIT
last-modified: Tue, 13 Sep 2022 16:24:23 GMT
access-control-allow-origin: *
etag: W/"6320aeb7-2392"
expires: Tue, 27 Sep 2022 01:04:14 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 3900:70E3:7684AF:A8BDE3:6320B37D
via: 1.1 varnish
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1663088051.774291,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 664db6e5293d478d130a0457b0af91c864fdebc9
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFuJsr6pyu%2BqndG6O9pMxsFOieCyXzmiH%2FbiazmYDEUcVtrSYOmuV7nfH1qz2tUOuhTziw3lHxemzY1Us8S68A1BI6HlerD7e8FzTcdCh%2FMobX%2F%2BYwwCj36Wkn2m15nu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75186f24ab461c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cart/recomm HTTP/1.1 
Host: seguro.ofertasdeverao.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjNmN2I1MjZjNjRiMGEyMDQiLCJ0ciI6IjIxNWQ1ZmE0NjBiNDcxMmNlNzIyNTk5NDVkMmViNjU5IiwidGkiOjE2NjQzMjU2OTMxNTl9fQ==
traceparent: 00-215d5fa460b4712ce72259945d2eb659-3f7b526c64b0a204-01
tracestate: 2935249@nr=0-1-2935249-1134170823-3f7b526c64b0a204----1664325693159
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.ofertasdeverao.online/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c
Cookie: XSRF-TOKEN=eyJpdiI6IkZMQmJlb1dUZmZONDlnemVtTFY1WXc9PSIsInZhbHVlIjoiMmQ1bERvYVlcL2NEclVJRlVESmplek5nVjZIanJlanpVN1pJMHd4aUlIMDI0a0MySkxqY0NBZ21DdTJiZVZUNGpLSlRjSEx4S3d3QUk2R2VBZmp1UUR3PT0iLCJtYWMiOiI2NDQ2MWI0NWVhMTQ1YjY1OTU2ODc4ODUxZjYzMzNmODZkYmVlZDVkNjU0YTNhZjUzMTZkZmE1MmRiMmQyYWFjIn0%3D; bubbstore_checkout=eyJpdiI6IktoSzdzOWd4cjBhdXdQWDBIbzdGdXc9PSIsInZhbHVlIjoiQ1luelFJaDQ2V3NJMlo2d0NEK2JabFlwV0xpRG1pR0g0SHVpMEw2Y1ZuY3VWQ2JcLzdEaGsxOUl3MU96MFlZN0pLYklUSm15N1diSE1rNSsyR0RYY3pnPT0iLCJtYWMiOiJjMDczNTYyOTllNDE0ZGViOGY3OWFmNjU3ZjFhM2I4ZDg2YzU3NjNkNTU3ZDc0ZTQxMTkwOGQxNThjODc1MTRiIn0%3D; ofertas-de-verao_cart=eyJpdiI6IjBOM2VLdVMwcmt0VDZPS3BTNndtRmc9PSIsInZhbHVlIjoiOFBvdDN0TGNySWtMNCt3THN6eEN5XC9LZGFYdkJEd1RUb1wvKzFHUXZqYUlzQlRVelZqaE5SWlJJbmhQMmc4bktRV2plZTdybDRMNjhPZDVybXlBK0ZmUT09IiwibWFjIjoiN2JiY2RkZGUzZGVkZWMwMWE4NzQwMzI2Y2NlZGY1MjQ0NGMxNjcxZjdmNGYyNDljMTEwOGNjYTg0NzFjMTAwYyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         170.82.174.30
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 28 Sep 2022 00:41:35 GMT
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjViTmRhUXpSNjhiZWlrR0d2Y3VHeEE9PSIsInZhbHVlIjoiXC9NZDI2NjBuM3R1RWdBNngyV0lyM1RUODF2S0JvSVB1c0tOZ043T1N6S3VOQ3R5MVZaUlVsemthK0JHV0NUdzFXaGVZZm04UkZhSEEyTUZKZG1xNHJnPT0iLCJtYWMiOiIwYWE1YzUyZWYzNDI0ZGE5MDkwNmNhMWM5YjM3YzQ3NGY3ZGVmMDUwYzU1YTg2ZjkzY2U4OTdjMmY5YTIxNmY4In0%3D; expires=Wed, 28-Sep-2022 03:41:35 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IlhrVlBmN3NmWG9nOTIzWUJnUjRlQ2c9PSIsInZhbHVlIjoiVzFzVUNcL3ZwVjVvUW1FRlBYTlllSlZpMjFMUTJOdXZCSEs4WGxnNHN1dFwvbnRCSE5iNE9YODZYZTBQT0lcL0hkMWVwNmIydDJMRGM5UGhiM3BEeU5RM3c9PSIsIm1hYyI6ImZhOTQ2YzA1NDE4MWQ2ZDJkNGZlMDBkMThkZDVkNmFiNDkzY2Y0MWVkMzdlNjk4MWY2MTVlZjU5YWNmYTYwMTcifQ%3D%3D; expires=Wed, 28-Sep-2022 03:41:35 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAcCA1UVTABNEQMFVQICXlsOA1RTV1EPBgBESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /checkout/payment?cart_token=shopify-9aa94aff4c7cdcaaea2e830b6cf0c7cc&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14ff4ff5f9af26f9f5ee151204a5531f29ab3dff&customerToken=998b10c0-3eb0-11ed-b47e-3fdebbc9a44c HTTP/1.1 
Host: seguro.ofertasdeverao.online
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjdIZlhaaFdxMWtFMVM4UnFpclJiTnc9PSIsInZhbHVlIjoiYjRBZ0o0dVwvWHlSR2M3bDBRV2l2UG5EN05idUIwTm9QcTJ2MTFNREZSSW1hU0JhUUlZUXZBT2I0YnBVYjJjNVwvTGxURVZBSWhsYzFVdE92Ulowd3p1UT09IiwibWFjIjoiNmM1MGIyOGIwZDRhMjk2ODI3ZWNiNDIxZDdmOGU0MWU0ZWUyYzgwZjg3Nzc4MTE5ZGY5ZjBlMjIzNWI1NjMzNSJ9; bubbstore_checkout=eyJpdiI6Inh1cFBSUWNnaGpmNlR6SkdqVHNxcGc9PSIsInZhbHVlIjoiXC9GMkdicEdCN1U0OGgxK0RBejhnTXVEUDF5bTVnYVcyNWEydVZNeFlDbHpQY2tYSlhIb01CWmwxUTdCR1o2MXBacXJPWFY2ZVdKUXBBNlpmeW1EXC8xQT09IiwibWFjIjoiYzUxOWYyZWZkMzVmZWRkOTMzYTdiOWRhYzAxZjFkYWYyOTEzYjhhNWQ0ZDUxMDczZTE2YjdkOGZjYzJkMWYyMiJ9; ofertas-de-verao_cart=eyJpdiI6IjBOM2VLdVMwcmt0VDZPS3BTNndtRmc9PSIsInZhbHVlIjoiOFBvdDN0TGNySWtMNCt3THN6eEN5XC9LZGFYdkJEd1RUb1wvKzFHUXZqYUlzQlRVelZqaE5SWlJJbmhQMmc4bktRV2plZTdybDRMNjhPZDVybXlBK0ZmUT09IiwibWFjIjoiN2JiY2RkZGUzZGVkZWMwMWE4NzQwMzI2Y2NlZGY1MjQ0NGMxNjcxZjdmNGYyNDljMTEwOGNjYTg0NzFjMTAwYyJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         
                                         170.82.174.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 28 Sep 2022 00:41:33 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IkZMQmJlb1dUZmZONDlnemVtTFY1WXc9PSIsInZhbHVlIjoiMmQ1bERvYVlcL2NEclVJRlVESmplek5nVjZIanJlanpVN1pJMHd4aUlIMDI0a0MySkxqY0NBZ21DdTJiZVZUNGpLSlRjSEx4S3d3QUk2R2VBZmp1UUR3PT0iLCJtYWMiOiI2NDQ2MWI0NWVhMTQ1YjY1OTU2ODc4ODUxZjYzMzNmODZkYmVlZDVkNjU0YTNhZjUzMTZkZmE1MmRiMmQyYWFjIn0%3D; expires=Wed, 28-Sep-2022 03:41:33 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IktoSzdzOWd4cjBhdXdQWDBIbzdGdXc9PSIsInZhbHVlIjoiQ1luelFJaDQ2V3NJMlo2d0NEK2JabFlwV0xpRG1pR0g0SHVpMEw2Y1ZuY3VWQ2JcLzdEaGsxOUl3MU96MFlZN0pLYklUSm15N1diSE1rNSsyR0RYY3pnPT0iLCJtYWMiOiJjMDczNTYyOTllNDE0ZGViOGY3OWFmNjU3ZjFhM2I4ZDg2YzU3NjNkNTU3ZDc0ZTQxMTkwOGQxNThjODc1MTRiIn0%3D; expires=Wed, 28-Sep-2022 03:41:33 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---