Overview

URLseguro.caixamisteriosa.net/cart?cart_token=f7c2dfba-6b9b-11ed-9ca5-0209f11817a0-637ed091e09c4&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=5eefb1a0-6b9c-11ed-8222-f97593481d41
IP 170.82.173.30 (Brazil)
ASN#266444 3L CLOUD INTERNET SERVICES LTDA - EPP
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-24 04:40:41 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (25)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-23 05:40:48 UTC 142.250.74.164
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-23 06:40:02 UTC 142.251.1.155
cdn.yampi.io (1) 402975 2021-08-15 19:04:52 UTC 2022-11-24 04:30:24 UTC 104.18.14.227
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.41.91.37
seguro.caixamisteriosa.net (5) 0 No data No data 170.82.174.30 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-23 05:36:46 UTC 34.117.237.239
fonts.dooki.com.br (2) 829308 2018-12-07 21:56:32 UTC 2022-11-21 08:08:50 UTC 104.18.0.53
analytics.tiktok.com (16) 1182 No data No data 23.36.79.32
awesome-assets.yampi.me (2) 708511 2019-08-08 18:25:49 UTC 2022-11-21 08:08:50 UTC 172.67.72.14
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-11-23 12:04:32 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
ocsp.digicert.com (12) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-23 05:36:31 UTC 34.102.187.140
js.upnid.com (1) 0 2020-06-23 15:36:07 UTC 2022-11-15 23:23:49 UTC 130.211.14.112 Unknown ranking
images.yampi.me (4) 955081 2019-07-25 14:01:06 UTC 2022-11-21 11:07:50 UTC 172.67.72.14
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-23 10:22:58 UTC 142.250.74.10
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
seguro.caixamisteriosa.net (5) 0 No data No data 170.82.173.30 Unknown ranking
ocsp.pki.goog (11) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-23 10:12:01 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-23 11:10:52 UTC 142.250.74.174
s3.sa-east-1.amazonaws.com (1) 60686 2017-11-14 13:15:14 UTC 2022-11-24 04:11:19 UTC 52.95.165.62
cdn.yampi.me (1) 309436 2019-12-08 15:51:20 UTC 2022-11-22 20:57:22 UTC 172.67.72.14
r3.o.lencr.org (7) 344 No data No data 23.36.77.32

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-24 2 seguro.caixamisteriosa.net/e/t Phishing
2022-11-24 2 seguro.caixamisteriosa.net/cart/recomm Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 170.82.173.30
Date UQ / IDS / BL URL IP
2023-02-04 05:55:59 +0000 0 - 2 - 0 seguro.lojafrancis.online/checkout/payment?ca (...) 170.82.173.30
2023-02-04 05:55:58 +0000 0 - 2 - 0 seguro.lojafrancis.online/cart?cart_token=sho (...) 170.82.173.30
2023-02-02 18:50:41 +0000 0 - 0 - 4 www.brinquedosbabebi.com.br/wp-includes/certi (...) 170.82.173.30
2023-02-02 16:18:53 +0000 0 - 0 - 2 seguro.king-ofertas.shop/cart?cart_token=55f8 (...) 170.82.173.30
2023-02-02 16:18:50 +0000 0 - 0 - 2 seguro.king-ofertas.shop/cart?cart_token=ab82 (...) 170.82.173.30


Last 5 reports on ASN: 3L CLOUD INTERNET SERVICES LTDA - EPP
Date UQ / IDS / BL URL IP
2023-02-04 05:56:07 +0000 0 - 0 - 5 seguro.liquidashoes.com.br/cart?cart_token=sh (...) 170.82.174.30
2023-02-04 05:56:06 +0000 0 - 0 - 5 seguro.liquidashoes.com.br/checkout/payment?c (...) 170.82.174.30
2023-02-04 05:55:59 +0000 0 - 2 - 0 seguro.lojafrancis.online/checkout/payment?ca (...) 170.82.173.30
2023-02-04 05:55:58 +0000 0 - 2 - 0 seguro.lojafrancis.online/cart?cart_token=sho (...) 170.82.173.30
2023-02-04 05:50:56 +0000 0 - 0 - 4 seguro.sg-multimarcas.com/checkout/payment?ca (...) 170.82.174.30


Last 5 reports on domain: caixamisteriosa.net
Date UQ / IDS / BL URL IP
2022-11-24 05:00:44 +0000 0 - 0 - 4 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.173.30
2022-11-24 04:40:41 +0000 0 - 0 - 2 seguro.caixamisteriosa.net/cart?cart_token=f7 (...) 170.82.173.30
2022-11-06 13:46:14 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/cart?cart_token=a0 (...) 170.82.173.30
2022-11-06 13:46:12 +0000 0 - 0 - 4 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.173.30
2022-10-27 04:20:43 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/cart?cart_token=90 (...) 170.82.174.30


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-10-27 04:20:43 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/cart?cart_token=90 (...) 170.82.174.30
2022-10-27 04:20:42 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.174.30
2022-10-26 04:30:23 +0000 0 - 0 - 4 linkcurto.co/5pcsz2s8ulgk0 172.67.157.46
2022-10-23 10:50:36 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/cart?cart_token=ab (...) 170.82.174.30
2022-10-23 10:50:34 +0000 0 - 0 - 3 seguro.caixamisteriosa.net/checkout/payment?c (...) 170.82.174.30

JavaScript

Executed Scripts (57)

Executed Evals (5)
#1 JavaScript::Eval (size: 15595) - SHA256: a6ea689f7d9dad611f9b9128b7a88274629505eea048bdc0bfcf03552fec5d36
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var J = function(C) {
            return C
        },
        p = this || self,
        l = function(C, O) {
            if (!(C = (O = p.trustedTypes, null), O) || !O.createPolicy) return C;
            try {
                C = O.createPolicy("bg", {
                    createHTML: J,
                    createScript: J,
                    createScriptURL: J
                })
            } catch (v) {
                p.console && p.console.error(v.message)
            }
            return C
        };
    (0, eval)(function(C, O) {
        return (O = l()) && 1 === C.eval(O.createScript("1")) ? function(v) {
            return O.createScript(v)
        } : function(v) {
            return "" + v
        }
    }(p)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var A=function(C,O,J,p,L,v){if(C.C==C)for(L=w(C,J),9==J?(J=function(l,z,I,b){if(I=(b=L.length,(b|0)-4>>3),L.Fl!=I){I=(I<<3)-(z=[0,0,v[1],v[L.Fl=I,2]],4);try{L.G7=C8(z,Oc(I,L),Oc((I|0)+4,L))}catch(t){throw t;}}L.push(L.G7[b&7]^l)},v=w(C,498)):J=function(l){L.push(l)},p&&J(p&255),C=O.length,p=0;p<C;p++)J(O[p])},e=function(C,O){O.K.splice(0,0,C)},v_=function(C,O){return O=O.create().shift(),C.D.create().length||C.U.create().length||(C.D=void 0,C.U=void 0),O},Jx=function(C,O,J,p){for(p=(J=H(O),0);0<C;C--)p=p<<8|K(O);V(J,O,p)},n=function(C,O,J,p){for(p=(J=(O|0)-1,[]);0<=J;J--)p[(O|0)-1-(J|0)]=C>>8*J&255;return p},lo=function(C,O,J,p,L,v){function l(){if(p.C==p){if(p.X){var z=[Y,O,C,void 0,L,v,arguments];if(2==J)var I=W(p,(e(z,p),false),false);else if(1==J){var b=!p.K.length;e(z,p),b&&W(p,false,false)}else I=p8(z,p);return I}L&&v&&L.removeEventListener(v,l,G)}}return l},zN=function(C,O){return T[O](T.prototype,{prototype:C,pop:C,call:C,splice:C,floor:C,replace:C,propertyIsEnumerable:C,parent:C,length:C,stack:C,document:C,console:C})},N=function(C,O){for(O=[];C--;)O.push(255*Math.random()|0);return O},W=function(C,O,J,p,L,v){if(C.K.length){C.O=!(C.K3=(C.O&&0(),O),0);try{p=C.j(),C.o=p,C.R=p,C.u=0,v=$c(C,O),L=C.j()-C.o,C.J+=L,L<(J?0:10)||0>=C.S--||(L=Math.floor(L),C.W.push(254>=L?L:254))}finally{C.O=false}return v}},Ic=function(C,O,J,p,L,v){for(J=(L=((p=(O=C[L8]||{},H(C)),O).Xl=H(C),O.v=[],C).C==C?(K(C)|0)-1:1,H(C)),v=0;v<L;v++)O.v.push(H(C));for((O.i=w(C,p),O).C3=w(C,J);L--;)O.v[L]=w(C,O.v[L]);return O},P=function(C,O,J,p,L,v,l,z,I){if(C.C=(C.H+=((I=(l=(L=(O||C.u++,0<C.l&&C.O&&C.K3&&1>=C.P&&!C.D&&!C.B)&&(!O||1<C.Z-J)&&0==document.hidden,(v=4==C.u)||L?C.j():C.R),l)-C.R,z=I>>14,C).N&&(C.N^=z*(I<<2)),z),z||C.C),v||L)C.R=l,C.u=0;if(!L||l-C.o<C.l-(p?255:O?5:2))return false;return C.B=((V(286,(p=(C.Z=J,w(C,O?215:286)),C),C.F),C).K.push([bo,p,O?J+1:J]),E),true},wV=function(C,O){((O.push(C[0]<<24|C[1]<<16|C[2]<<8|C[3]),O).push(C[4]<<24|C[5]<<16|C[6]<<8|C[7]),O).push(C[8]<<24|C[9]<<16|C[10]<<8|C[11])},x=function(C,O,J,p,L,v){if(!J.I){if(3<(C=((0==(p=w(J,((v=void 0,C)&&C[0]===a&&(v=C[2],O=C[1],C=void 0),358)),p.length)&&(L=w(J,215)>>3,p.push(O,L>>8&255,L&255),void 0!=v&&p.push(v&255)),O="",C)&&(C.message&&(O+=C.message),C.stack&&(O+=":"+C.stack)),w(J,430)),C)){J.C=(v=(O=(C-=(O=O.slice(0,(C|0)-3),O.length|0)+3,Ax(O)),J.C),J);try{A(J,n(O.length,2).concat(O),9,9)}finally{J.C=v}}V(430,J,C)}},tx=function(C,O,J,p,L,v){if(!C.Y){C.P++;try{for(p=(v=0,void 0),J=C.F;--O;)try{if((L=void 0,C).D)p=v_(C,C.D);else{if(v=w(C,286),v>=J)break;p=w(C,(L=(V(215,C,v),H(C)),L))}(p&&p[ew]&2048?p(C,O):x([a,21,L],0,C),P)(C,false,O,false)}catch(l){w(C,391)?x(l,22,C):V(391,C,l)}if(!O){if(C.Da){C.P--,tx(C,261929697120);return}x([a,33],0,C)}}catch(l){try{x(l,22,C)}catch(z){m(z,C)}}C.P--}},$c=function(C,O,J,p){for(;C.K.length;){p=(C.B=null,C.K.pop());try{J=p8(p,C)}catch(L){m(L,C)}if(O&&C.B){(O=C.B,O)(function(){W(C,true,true)});break}}return J},B_=function(C,O,J,p){function L(){}return p=H_(C,function(v){L&&(O&&E(O),J=v,L(),L=void 0)},(J=void 0,!!O))[0],{invoke:function(v,l,z,I){function b(){J(function(t){E(function(){v(t)})},z)}if(!l)return l=p(z),v&&v(l),l;J?b():(I=L,L=function(){E((I(),b))})}}},Qz=function(C,O){if(!(O=(C=null,c.trustedTypes),O)||!O.createPolicy)return C;try{C=O.createPolicy("bg",{createHTML:f8,createScript:f8,createScriptURL:f8})}catch(J){c.console&&c.console.error(J.message)}return C},rV=function(C,O,J){if("object"==(O=typeof C,O))if(C){if(C instanceof Array)return"array";if(C instanceof Object)return O;if("[object Window]"==(J=Object.prototype.toString.call(C),J))return"object";if("[object Array]"==J||"number"==typeof C.length&&"undefined"!=typeof C.splice&&"undefined"!=typeof C.propertyIsEnumerable&&!C.propertyIsEnumerable("splice"))return"array";if("[object Function]"==J||"undefined"!=typeof C.call&&"undefined"!=typeof C.propertyIsEnumerable&&!C.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==O&&"undefined"==typeof C.call)return"object";return O},Oc=function(C,O){return O[C]<<24|O[(C|0)+1]<<16|O[(C|0)+2]<<8|O[(C|0)+3]},K8=function(C,O,J,p){A(O,n((p=H((J=H(O),O)),w(O,J)),C),p)},G={passive:true,capture:true},Ax=function(C,O,J,p,L){for(C=C.replace(/\\r\\n/g,"\\n"),O=[],p=L=0;L<C.length;L++)J=C.charCodeAt(L),128>J?O[p++]=J:(2048>J?O[p++]=J>>6|192:(55296==(J&64512)&&L+1<C.length&&56320==(C.charCodeAt(L+1)&64512)?(J=65536+((J&1023)<<10)+(C.charCodeAt(++L)&1023),O[p++]=J>>18|240,O[p++]=J>>12&63|128):O[p++]=J>>12|224,O[p++]=J>>6&63|128),O[p++]=J&63|128);return O},H=function(C,O){if(C.D)return v_(C,C.U);return(O=D(true,C,8),O)&128&&(O^=128,C=D(true,C,2),O=(O<<2)+(C|0)),O},sc=function(C,O,J){if(3==C.length){for(J=0;3>J;J++)O[J]+=C[J];for(J=(C=0,[13,8,13,12,16,5,3,10,15]);9>C;C++)O[3](O,C%3,J[C])}},Vz=function(C,O,J,p,L){J=w(O,(L=H((J=(C&=(p=C&3,4),H(O)),O)),J)),C&&(J=Ax(""+J)),p&&A(O,n(J.length,2),L),A(O,J,L)},TN=function(C,O,J,p,L){for(L=(p=(O.j8=(O.wZ=zN({get:(O.El=(O.NL=O[R],O.c6=Yc,n8),function(){return this.concat()})},O.G),T[O.G](O.wZ,{value:{value:{}}})),0),[]);128>p;p++)L[p]=String.fromCharCode(p);W(O,true,(e(((e([(F((V((V(107,O,(V(443,O,(F(O,40,(V(430,(F(O,35,(F((F(O,(F(O,(V(9,(F(O,(V(265,O,(V(358,O,(F(O,(V(466,(F((F(O,387,(F(O,(F((F(O,(F(O,489,(F(O,((F(O,(F(O,457,(F(O,64,(F(O,261,(F(((F(O,287,(F(O,485,(V((F(O,477,(V(391,(F((F(O,(V(22,(F(O,496,(F(O,(V(498,O,(V(215,(V(286,((O.f3=function(v){this.C=v},O.H=(O.Y=void 0,O.l=0,p=window.performance||{},O.K=[],1),O).X=(O.W=[],O.L=void 0,O.I=false,(O.h=void 0,O).J=(O.K3=(O.S=25,O.D=void 0,false),O.B=null,O.C=O,O.Yx=(O.O=false,[]),(O.Z=8001,O.o=0,O).A=[],0),O.P=0,(O.F=0,O).g=(O.sl=(O.U=void 0,0),[]),O.R=0,O.u=(O.N=void 0,void 0),[]),O.hU=p.timeOrigin||(p.timing||{}).navigationStart||0,O),0),O),0),[0,0,0])),411),function(v,l,z,I,b,t,B,Q,r,Z,q,f){function k(u,S){for(;Z<u;)f|=K(v)<<Z,Z+=8;return f>>=(Z-=u,S=f&(1<<u)-1,u),S}for(Q=(z=(r=(f=Z=(t=H(v),0),(k(3)|0)+1),l=k(5),0),[]),I=0;z<l;z++)B=k(1),Q.push(B),I+=B?0:1;for(q=(z=((I|0)-1).toString(2).length,[]),I=0;I<l;I++)Q[I]||(q[I]=k(z));for(z=0;z<l;z++)Q[z]&&(q[z]=H(v));for(b=[];r--;)b.push(w(v,H(v)));F(v,t,function(u,S,io,d,y){for(io=(d=(S=0,[]),[]);S<l;S++){if(!(y=q[S],Q)[S]){for(;y>=d.length;)d.push(H(u));y=d[y]}io.push(y)}u.U=(u.D=uo(u,b.slice()),uo(u,io))})}),function(v,l){(v=(l=H(v),w(v.C,l)),v[0]).removeEventListener(v[1],v[2],G)})),O),{}),68),function(v){K8(4,v)}),O),230,function(v,l,z,I,b){0!==(l=w(v,(z=(I=w(v,(b=(l=(I=H((z=(b=H(v),H)(v),v)),H(v)),w(v.C,b)),I)),w(v,z)),l)),b)&&(l=lo(l,I,1,v,b,z),b.addEventListener(z,l,G),V(471,v,[b,z,l]))}),O),677),function(v,l,z,I){(I=(l=(z=H(v),K)(v),H)(v),V)(I,v,w(v,z)>>>l)})),417),O,[]),function(v,l){W_((l=w(v,H(v)),l),v.C)})),function(v,l,z,I){!P(v,true,l,false)&&(l=Ic(v),z=l.i,I=l.C3,v.C==v||z==v.f3&&I==v)&&(V(l.Xl,v,z.apply(I,l.v)),v.R=v.j())})),O).xx=0,O),3,function(v){K8(1,v)}),function(v,l,z,I,b){(l=H((b=(z=H(v),H(v)),v)),v.C==v)&&(I=w(v,z),l=w(v,l),b=w(v,b),I[b]=l,373==z&&(v.h=void 0,2==b&&(v.N=D(false,v,32),v.h=void 0)))})),function(v,l,z){(l=H((z=H(v),v)),V)(l,v,""+w(v,z))})),function(v,l,z,I){V((l=w(v,(I=w(v,(l=H((I=H(v),v)),z=H(v),I)),l)),z),v,+(I==l))})),O.gZ=0,347),function(v,l,z,I){V((l=w(v,(I=w((z=(I=H(v),H(v)),v),I),z)),z),v,l+I)}),O).bm=0,112),function(v){Jx(4,v)}),function(v,l,z,I){if(l=v.Yx.pop()){for(z=K(v);0<z;z--)I=H(v),l[I]=v.X[I];v.X=(l[l[358]=v.X[358],430]=v.X[430],l)}else V(286,v,v.F)})),17),function(v,l,z,I,b){for(l=(I=GN((b=H(v),v)),z=0,[]);z<I;z++)l.push(K(v));V(b,v,l)}),O),181,function(v){Vz(4,v)}),376),function(v,l,z,I,b,t){P(v,true,l,false)||(b=Ic(v.C),l=b.Xl,z=b.i,t=b.C3,b=b.v,I=b.length,z=0==I?new t[z]:1==I?new t[z](b[0]):2==I?new t[z](b[0],b[1]):3==I?new t[z](b[0],b[1],b[2]):4==I?new t[z](b[0],b[1],b[2],b[3]):2(),V(l,v,z))}),function(v,l,z,I){V((l=w((z=(I=(l=(z=H(v),H(v)),H)(v),w(v,z)),v),l),I),v,z in l|0)})),O),351,function(v,l,z){V((l=(l=w(v,(l=H(v),z=H(v),l)),rV(l)),z),v,l)}),O),0),252),function(v,l,z){P(v,true,l,false)||(l=H(v),z=H(v),V(z,v,function(I){return eval(I)}(ZC(w(v.C,l)))))}),[])),F(O,244,function(v,l,z,I,b,t){if(!P(v,true,l,true)){if("object"==(v=w((t=(b=(b=(t=(l=H((z=H(v),v)),H(v)),H(v)),l=w(v,l),w(v,b)),w)(v,t),v),z),rV(v))){for(I in z=[],v)z.push(I);v=z}for(z=(t=0<(I=0,t)?t:1,v.length);I<z;I+=t)l(v.slice(I,(I|0)+(t|0)),b)}}),[160,0,0])),504),function(v,l,z){0!=w((z=w(v,(z=H((l=H(v),v)),z)),v),l)&&V(286,v,z)}),O),N(4)),322),function(v,l,z,I,b,t,B){for(B=(t=(z=w(v,(I=(b=H(v),GN)(v),l="",484)),z).length,0);I--;)B=((B|0)+(GN(v)|0))%t,l+=L[z[B]];V(b,v,l)}),393),function(v,l,z,I){l=w(v,(I=(z=H((I=(l=H(v),H)(v),v)),w(v,I)),l)),V(z,v,l[I])}),O),442,function(v,l,z,I){(l=(z=H((I=H(v),v)),H(v)),V)(l,v,w(v,I)||w(v,z))}),function(){})),O),2048),function(v){Vz(3,v)})),O)),c)),471),O,0),O),486,function(v,l,z,I,b){V((l=w(v,(z=w(v,(b=H((z=(I=H(v),H(v)),l=H(v),v)),z)),b=w(v,b),l)),I),v,lo(l,z,b,v))}),qs)],O),e)([h,J],O),[Sw,C]),O),true))},Ns=function(C,O,J,p){try{p=C[((O|0)+2)%3],C[O]=(C[O]|0)-(C[((O|0)+1)%3]|0)-(p|0)^(1==O?p<<J:p>>>J)}catch(L){throw L;}},GN=function(C,O){return(O=K(C),O&128)&&(O=O&127|K(C)<<7),O},H_=function(C,O,J,p){return(p=g[C.substring(0,3)+"_"])?p(C.substring(3),O,J):Ec(O,C)},F=function(C,O,J){J[V(O,C,J),qs]=2796},g,V=function(C,O,J){if(286==C||215==C)O.X[C]?O.X[C].concat(J):O.X[C]=uo(O,J);else{if(O.I&&373!=C)return;265==C||9==C||417==C||358==C||498==C?O.X[C]||(O.X[C]=P_(118,C,J,O)):O.X[C]=P_(9,C,J,O)}373==C&&(O.N=D(false,O,32),O.h=void 0)},kc=function(C,O,J){return C.V(function(p){J=p},false,O),J},f8=function(C){return C},Ec=function(C,O){return C(function(J){J(O)}),[function(){return O}]},uo=function(C,O,J){return(J=T[C.G](C.j8),J)[C.G]=function(){return O},J.concat=function(p){O=p},J},C8=function(C,O,J,p,L){for(p=(C=(L=C[2]|0,C)[3]|0,0);14>p;p++)J=J>>>8|J<<24,J+=O|0,J^=L+2298,O=O<<3|O>>>29,C=C>>>8|C<<24,C+=L|0,L=L<<3|L>>>29,C^=p+2298,L^=C,O^=J;return[O>>>24&255,O>>>16&255,O>>>8&255,O>>>0&255,J>>>24&255,J>>>16&255,J>>>8&255,J>>>0&255]},K=function(C){return C.D?v_(C,C.U):D(true,C,8)},W_=function(C,O){(O.Yx.push(O.X.slice()),O.X)[286]=void 0,V(286,O,C)},ac=function(C,O,J,p){return(V(286,C,((p=w(C,286),C.g)&&p<C.F?(V(286,C,C.F),W_(J,C)):V(286,C,J),tx(C,O),p)),w)(C,22)},X,w=function(C,O){if((C=C.X[O],void 0)===C)throw[a,30,O];if(C.value)return C.create();return(C.create(4*O*O+-12*O+4),C).prototype},U=function(C,O,J){J=this;try{TN(O,this,C)}catch(p){m(p,this),O(function(L){L(J.Y)})}},P_=function(C,O,J,p,L,v,l,z){return J=[87,-12,-24,-71,(v=C&7,z=xc,14),-5,J,-72,-32,90],l=T[p.G](p.wZ),l[p.G]=function(I){v+=6+7*C,v&=(L=I,7)},l.concat=function(I){return(I=(I=(I=O%16+1,-224*L+(z()|0)*I-I*L+56*L*L+v+J[v+51&7]*O*I- -672*O*L-224*O*O*L+4*O*O*I),J[I]),L=void 0,J[(v+29&7)+(C&2)]=I,J)[v+(C&2)]=-12,I},l},D=function(C,O,J,p,L,v,l,z,I,b,t,B,Q,r){if(t=w(O,286),t>=O.F)throw[a,31];for(r=(v=(B=0,L=O.NL.length,J),t);0<v;)Q=r>>3,I=r%8,p=8-(I|0),p=p<v?p:v,l=O.g[Q],C&&(b=O,b.h!=r>>6&&(b.h=r>>6,z=w(b,373),b.L=C8([0,0,z[1],z[2]],b.N,b.h)),l^=O.L[Q&L]),B|=(l>>8-(I|0)-(p|0)&(1<<p)-1)<<(v|0)-(p|0),v-=p,r+=p;return V(286,(C=B,O),(t|0)+(J|0)),C},m=function(C,O){O.Y=((O.Y?O.Y+"~":"E:")+C.message+":"+C.stack).slice(0,2048)},c=this||self,E=c.requestIdleCallback?function(C){requestIdleCallback(function(){C()},{timeout:4})}:c.setImmediate?function(C){setImmediate(C)}:function(C){setTimeout(C,0)},p8=function(C,O,J,p,L){if((L=C[0],L)==M)O.S=25,O.s(C);else if(L==R){J=C[1];try{p=O.Y||O.s(C)}catch(v){m(v,O),p=O.Y}J(p)}else if(L==bo)O.s(C);else if(L==h)O.s(C);else if(L==Sw){try{for(p=0;p<O.A.length;p++)try{J=O.A[p],J[0][J[1]](J[2])}catch(v){}}catch(v){}(0,C[1])(function(v,l){O.V(v,true,l)},(O.A=[],function(v){(e((v=!O.K.length,[ew]),O),v)&&W(O,true,false)}))}else{if(L==Y)return p=C[2],V(247,O,C[6]),V(22,O,p),O.s(C);L==ew?(O.g=[],O.W=[],O.X=null):L==qs&&"loading"===c.document.readyState&&(O.B=function(v,l){function z(){l||(l=true,v())}(c.document.addEventListener("DOMContentLoaded",z,(l=false,G)),c).addEventListener("load",z,G)})}},L8=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),bo=[],ew=[],M=(U.prototype.kx=void 0,U.prototype.T="toString",[]),R=[],a=(U.prototype.Da=false,U.prototype.RF=void 0,{}),h=[],Sw=[],qs=[],Y=[],xc=(((wV,function(){})(N),Ns,function(){})(sc),void 0),T=a.constructor,n8=(((((((X=U.prototype,U).prototype.G="create",X.m5=function(C,O,J,p,L){for(L=p=0;L<C.length;L++)p+=C.charCodeAt(L),p+=p<<10,p^=p>>6;return(p=(p+=p<<3,p^=p>>11,C=p+(p<<15)>>>0,new Number(C&(1<<O)-1)),p)[0]=(C>>>O)%J,p},X.V=function(C,O,J,p,L){if((J="array"===rV(J)?J:[J],this).Y)C(this.Y);else try{p=!this.K.length,L=[],e([M,L,J],this),e([R,C,L],this),O&&!p||W(this,O,true)}catch(v){m(v,this),C(this.Y)}},X).aF=function(C,O,J,p,L,v){for(L=v=(p=[],0);L<C.length;L++)for(J=J<<O|C[L],v+=O;7<v;)v-=8,p.push(J>>v&255);return p},X.B6=function(C,O,J){return C^(O^=O<<13,O^=O>>17,(O=(O^O<<5)&J)||(O=1),O)},X).ML=function(){return Math.floor(this.J+(this.j()-this.o))},X.j=(window.performance||{}).now?function(){return this.hU+window.performance.now()}:function(){return+new Date},X).Ul=function(){return Math.floor(this.j())},U).prototype.s=function(C,O){return O=(xc=function(){return C==O?4:-46},C={},{}),function(J,p,L,v,l,z,I,b,t,B,Q,r,Z,q,f){t=C,C=O;try{if(B=J[0],B==h){I=J[1];try{for(f=(L=[],v=atob(I),Z=0);Z<v.length;Z++)p=v.charCodeAt(Z),255<p&&(L[f++]=p&255,p>>=8),L[f++]=p;V(373,this,(this.F=(this.g=L,this.g.length<<3),[0,0,0]))}catch(k){x(k,17,this);return}tx(this,8001)}else if(B==M)J[1].push(w(this,265).length,w(this,417).length,w(this,430),w(this,9).length),V(22,this,J[2]),this.X[101]&&ac(this,8001,w(this,101));else{if(B==R){b=(q=(L=J[2],n((w(this,265).length|0)+2,2)),this.C),this.C=this;try{z=w(this,358),0<z.length&&A(this,n(z.length,2).concat(z),265,10),A(this,n(this.H,1),265,109),A(this,n(this[R].length,1),265),v=0,v+=w(this,466)&2047,r=w(this,9),v-=(w(this,265).length|0)+5,4<r.length&&(v-=(r.length|0)+3),0<v&&A(this,n(v,2).concat(N(v)),265,15),4<r.length&&A(this,n(r.length,2).concat(r),265,156)}finally{this.C=b}if(Q=(((f=N(2).concat(w(this,265)),f)[1]=f[0]^6,f)[3]=f[1]^q[0],f[4]=f[1]^q[1],this).dZ(f))Q="!"+Q;else for(Q="",v=0;v<f.length;v++)l=f[v][this.T](16),1==l.length&&(l="0"+l),Q+=l;return w(this,(V(430,((w(this,(Z=Q,265)).length=L.shift(),w)(this,417).length=L.shift(),this),L.shift()),9)).length=L.shift(),Z}if(B==bo)ac(this,J[2],J[1]);else if(B==Y)return ac(this,8001,J[1])}}finally{C=t}}}(),U.prototype.oF=0,U.prototype).tU=0,/./);U.prototype.dZ=function(C,O,J,p){if(O=window.btoa){for(p=0,J="";p<C.length;p+=8192)J+=String.fromCharCode.apply(null,C.slice(p,p+8192));C=O(J).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else C=void 0;return C};var Yc,jw=(U.prototype[Sw]=[0,0,1,1,0,1,1],h).pop.bind(U.prototype[M]),ZC=((Yc=zN({get:jw},(n8[U.prototype.T]=jw,U.prototype.G)),U).prototype.v6=void 0,function(C,O){return(O=Qz())&&1===C.eval(O.createScript("1"))?function(J){return O.createScript(J)}:function(J){return""+J}}(c));(40<(g=c.botguard||(c.botguard={}),g).m||(g.m=41,g.bg=B_,g.a=H_),g).hDL_=function(C,O,J){return[(J=new U(C,O),function(p){return kc(J,p)})]};}).call(this);'));
}).call(this);
#2 JavaScript::Eval (size: 20140) - SHA256: 67d75f2c7508fcca1a99fa9c7f97f512f07a6d188fabf8d105dce385d03af93a
(function() {
    var A = function(C, O, J, p, L, v) {
            if (C.C == C)
                for (L = w(C, J), 9 == J ? (J = function(l, z, I, b) {
                        if (I = (b = L.length, (b | 0) - 4 >> 3), L.Fl != I) {
                            I = (I << 3) - (z = [0, 0, v[1], v[L.Fl = I, 2]], 4);
                            try {
                                L.G7 = C8(z, Oc(I, L), Oc((I | 0) + 4, L))
                            } catch (t) {
                                throw t;
                            }
                        }
                        L.push(L.G7[b & 7] ^ l)
                    }, v = w(C, 498)) : J = function(l) {
                        L.push(l)
                    }, p && J(p & 255), C = O.length, p = 0; p < C; p++) J(O[p])
        },
        e = function(C, O) {
            O.K.splice(0, 0, C)
        },
        v_ = function(C, O) {
            return O = O.create().shift(), C.D.create().length || C.U.create().length || (C.D = void 0, C.U = void 0), O
        },
        Jx = function(C, O, J, p) {
            for (p = (J = H(O), 0); 0 < C; C--) p = p << 8 | K(O);
            V(J, O, p)
        },
        n = function(C, O, J, p) {
            for (p = (J = (O | 0) - 1, []); 0 <= J; J--) p[(O | 0) - 1 - (J | 0)] = C >> 8 * J & 255;
            return p
        },
        lo = function(C, O, J, p, L, v) {
            function l() {
                if (p.C == p) {
                    if (p.X) {
                        var z = [Y, O, C, void 0, L, v, arguments];
                        if (2 == J) var I = W(p, (e(z, p), false), false);
                        else if (1 == J) {
                            var b = !p.K.length;
                            e(z, p), b && W(p, false, false)
                        } else I = p8(z, p);
                        return I
                    }
                    L && v && L.removeEventListener(v, l, G)
                }
            }
            return l
        },
        zN = function(C, O) {
            return T[O](T.prototype, {
                prototype: C,
                pop: C,
                call: C,
                splice: C,
                floor: C,
                replace: C,
                propertyIsEnumerable: C,
                parent: C,
                length: C,
                stack: C,
                document: C,
                console: C
            })
        },
        N = function(C, O) {
            for (O = []; C--;) O.push(255 * Math.random() | 0);
            return O
        },
        W = function(C, O, J, p, L, v) {
            if (C.K.length) {
                C.O = !(C.K3 = (C.O && 0(), O), 0);
                try {
                    p = C.j(), C.o = p, C.R = p, C.u = 0, v = $c(C, O), L = C.j() - C.o, C.J += L, L < (J ? 0 : 10) || 0 >= C.S-- || (L = Math.floor(L), C.W.push(254 >= L ? L : 254))
                } finally {
                    C.O = false
                }
                return v
            }
        },
        Ic = function(C, O, J, p, L, v) {
            for (J = (L = ((p = (O = C[L8] || {}, H(C)), O).Xl = H(C), O.v = [], C).C == C ? (K(C) | 0) - 1 : 1, H(C)), v = 0; v < L; v++) O.v.push(H(C));
            for ((O.i = w(C, p), O).C3 = w(C, J); L--;) O.v[L] = w(C, O.v[L]);
            return O
        },
        P = function(C, O, J, p, L, v, l, z, I) {
            if (C.C = (C.H += ((I = (l = (L = (O || C.u++, 0 < C.l && C.O && C.K3 && 1 >= C.P && !C.D && !C.B) && (!O || 1 < C.Z - J) && 0 == document.hidden, (v = 4 == C.u) || L ? C.j() : C.R), l) - C.R, z = I >> 14, C).N && (C.N ^= z * (I << 2)), z), z || C.C), v || L) C.R = l, C.u = 0;
            if (!L || l - C.o < C.l - (p ? 255 : O ? 5 : 2)) return false;
            return C.B = ((V(286, (p = (C.Z = J, w(C, O ? 215 : 286)), C), C.F), C).K.push([bo, p, O ? J + 1 : J]), E), true
        },
        wV = function(C, O) {
            ((O.push(C[0] << 24 | C[1] << 16 | C[2] << 8 | C[3]), O).push(C[4] << 24 | C[5] << 16 | C[6] << 8 | C[7]), O).push(C[8] << 24 | C[9] << 16 | C[10] << 8 | C[11])
        },
        x = function(C, O, J, p, L, v) {
            if (!J.I) {
                if (3 < (C = ((0 == (p = w(J, ((v = void 0, C) && C[0] === a && (v = C[2], O = C[1], C = void 0), 358)), p.length) && (L = w(J, 215) >> 3, p.push(O, L >> 8 & 255, L & 255), void 0 != v && p.push(v & 255)), O = "", C) && (C.message && (O += C.message), C.stack && (O += ":" + C.stack)), w(J, 430)), C)) {
                    J.C = (v = (O = (C -= (O = O.slice(0, (C | 0) - 3), O.length | 0) + 3, Ax(O)), J.C), J);
                    try {
                        A(J, n(O.length, 2).concat(O), 9, 9)
                    } finally {
                        J.C = v
                    }
                }
                V(430, J, C)
            }
        },
        tx = function(C, O, J, p, L, v) {
            if (!C.Y) {
                C.P++;
                try {
                    for (p = (v = 0, void 0), J = C.F; --O;) try {
                        if ((L = void 0, C).D) p = v_(C, C.D);
                        else {
                            if (v = w(C, 286), v >= J) break;
                            p = w(C, (L = (V(215, C, v), H(C)), L))
                        }(p && p[ew] & 2048 ? p(C, O) : x([a, 21, L], 0, C), P)(C, false, O, false)
                    } catch (l) {
                        w(C, 391) ? x(l, 22, C) : V(391, C, l)
                    }
                    if (!O) {
                        if (C.Da) {
                            C.P--, tx(C, 261929697120);
                            return
                        }
                        x([a, 33], 0, C)
                    }
                } catch (l) {
                    try {
                        x(l, 22, C)
                    } catch (z) {
                        m(z, C)
                    }
                }
                C.P--
            }
        },
        $c = function(C, O, J, p) {
            for (; C.K.length;) {
                p = (C.B = null, C.K.pop());
                try {
                    J = p8(p, C)
                } catch (L) {
                    m(L, C)
                }
                if (O && C.B) {
                    (O = C.B, O)(function() {
                        W(C, true, true)
                    });
                    break
                }
            }
            return J
        },
        B_ = function(C, O, J, p) {
            function L() {}
            return p = H_(C, function(v) {
                L && (O && E(O), J = v, L(), L = void 0)
            }, (J = void 0, !!O))[0], {
                invoke: function(v, l, z, I) {
                    function b() {
                        J(function(t) {
                            E(function() {
                                v(t)
                            })
                        }, z)
                    }
                    if (!l) return l = p(z), v && v(l), l;
                    J ? b() : (I = L, L = function() {
                        E((I(), b))
                    })
                }
            }
        },
        Qz = function(C, O) {
            if (!(O = (C = null, c.trustedTypes), O) || !O.createPolicy) return C;
            try {
                C = O.createPolicy("bg", {
                    createHTML: f8,
                    createScript: f8,
                    createScriptURL: f8
                })
            } catch (J) {
                c.console && c.console.error(J.message)
            }
            return C
        },
        rV = function(C, O, J) {
            if ("object" == (O = typeof C, O))
                if (C) {
                    if (C instanceof Array) return "array";
                    if (C instanceof Object) return O;
                    if ("[object Window]" == (J = Object.prototype.toString.call(C), J)) return "object";
                    if ("[object Array]" == J || "number" == typeof C.length && "undefined" != typeof C.splice && "undefined" != typeof C.propertyIsEnumerable && !C.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == J || "undefined" != typeof C.call && "undefined" != typeof C.propertyIsEnumerable && !C.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == O && "undefined" == typeof C.call) return "object";
            return O
        },
        Oc = function(C, O) {
            return O[C] << 24 | O[(C | 0) + 1] << 16 | O[(C | 0) + 2] << 8 | O[(C | 0) + 3]
        },
        K8 = function(C, O, J, p) {
            A(O, n((p = H((J = H(O), O)), w(O, J)), C), p)
        },
        G = {
            passive: true,
            capture: true
        },
        Ax = function(C, O, J, p, L) {
            for (C = C.replace(/\r\n/g, "\n"), O = [], p = L = 0; L < C.length; L++) J = C.charCodeAt(L), 128 > J ? O[p++] = J : (2048 > J ? O[p++] = J >> 6 | 192 : (55296 == (J & 64512) && L + 1 < C.length && 56320 == (C.charCodeAt(L + 1) & 64512) ? (J = 65536 + ((J & 1023) << 10) + (C.charCodeAt(++L) & 1023), O[p++] = J >> 18 | 240, O[p++] = J >> 12 & 63 | 128) : O[p++] = J >> 12 | 224, O[p++] = J >> 6 & 63 | 128), O[p++] = J & 63 | 128);
            return O
        },
        H = function(C, O) {
            if (C.D) return v_(C, C.U);
            return (O = D(true, C, 8), O) & 128 && (O ^= 128, C = D(true, C, 2), O = (O << 2) + (C | 0)), O
        },
        sc = function(C, O, J) {
            if (3 == C.length) {
                for (J = 0; 3 > J; J++) O[J] += C[J];
                for (J = (C = 0, [13, 8, 13, 12, 16, 5, 3, 10, 15]); 9 > C; C++) O[3](O, C % 3, J[C])
            }
        },
        Vz = function(C, O, J, p, L) {
            J = w(O, (L = H((J = (C &= (p = C & 3, 4), H(O)), O)), J)), C && (J = Ax("" + J)), p && A(O, n(J.length, 2), L), A(O, J, L)
        },
        TN = function(C, O, J, p, L) {
            for (L = (p = (O.j8 = (O.wZ = zN({get: (O.El = (O.NL = O[R], O.c6 = Yc, n8), function() {
                        return this.concat()
                    })
                }, O.G), T[O.G](O.wZ, {
                    value: {
                        value: {}
                    }
                })), 0), []); 128 > p; p++) L[p] = String.fromCharCode(p);
            W(O, true, (e(((e([(F((V((V(107, O, (V(443, O, (F(O, 40, (V(430, (F(O, 35, (F((F(O, (F(O, (V(9, (F(O, (V(265, O, (V(358, O, (F(O, (V(466, (F((F(O, 387, (F(O, (F((F(O, (F(O, 489, (F(O, ((F(O, (F(O, 457, (F(O, 64, (F(O, 261, (F(((F(O, 287, (F(O, 485, (V((F(O, 477, (V(391, (F((F(O, (V(22, (F(O, 496, (F(O, (V(498, O, (V(215, (V(286, ((O.f3 = function(v) {
                this.C = v
            }, O.H = (O.Y = void 0, O.l = 0, p = window.performance || {}, O.K = [], 1), O).X = (O.W = [], O.L = void 0, O.I = false, (O.h = void 0, O).J = (O.K3 = (O.S = 25, O.D = void 0, false), O.B = null, O.C = O, O.Yx = (O.O = false, []), (O.Z = 8001, O.o = 0, O).A = [], 0), O.P = 0, (O.F = 0, O).g = (O.sl = (O.U = void 0, 0), []), O.R = 0, O.u = (O.N = void 0, void 0), []), O.hU = p.timeOrigin || (p.timing || {}).navigationStart || 0, O), 0), O), 0), [0, 0, 0])), 411), function(v, l, z, I, b, t, B, Q, r, Z, q, f) {
                function k(u, S) {
                    for (; Z < u;) f |= K(v) << Z, Z += 8;
                    return f >>= (Z -= u, S = f & (1 << u) - 1, u), S
                }
                for (Q = (z = (r = (f = Z = (t = H(v), 0), (k(3) | 0) + 1), l = k(5), 0), []), I = 0; z < l; z++) B = k(1), Q.push(B), I += B ? 0 : 1;
                for (q = (z = ((I | 0) - 1).toString(2).length, []), I = 0; I < l; I++) Q[I] || (q[I] = k(z));
                for (z = 0; z < l; z++) Q[z] && (q[z] = H(v));
                for (b = []; r--;) b.push(w(v, H(v)));
                F(v, t, function(u, S, io, d, y) {
                    for (io = (d = (S = 0, []), []); S < l; S++) {
                        if (!(y = q[S], Q)[S]) {
                            for (; y >= d.length;) d.push(H(u));
                            y = d[y]
                        }
                        io.push(y)
                    }
                    u.U = (u.D = uo(u, b.slice()), uo(u, io))
                })
            }), function(v, l) {
                (v = (l = H(v), w(v.C, l)), v[0]).removeEventListener(v[1], v[2], G)
            })), O), {}), 68), function(v) {
                K8(4, v)
            }), O), 230, function(v, l, z, I, b) {
                0 !== (l = w(v, (z = (I = w(v, (b = (l = (I = H((z = (b = H(v), H)(v), v)), H(v)), w(v.C, b)), I)), w(v, z)), l)), b) && (l = lo(l, I, 1, v, b, z), b.addEventListener(z, l, G), V(471, v, [b, z, l]))
            }), O), 677), function(v, l, z, I) {
                (I = (l = (z = H(v), K)(v), H)(v), V)(I, v, w(v, z) >>> l)
            })), 417), O, []), function(v, l) {
                W_((l = w(v, H(v)), l), v.C)
            })), function(v, l, z, I) {
                !P(v, true, l, false) && (l = Ic(v), z = l.i, I = l.C3, v.C == v || z == v.f3 && I == v) && (V(l.Xl, v, z.apply(I, l.v)), v.R = v.j())
            })), O).xx = 0, O), 3, function(v) {
                K8(1, v)
            }), function(v, l, z, I, b) {
                (l = H((b = (z = H(v), H(v)), v)), v.C == v) && (I = w(v, z), l = w(v, l), b = w(v, b), I[b] = l, 373 == z && (v.h = void 0, 2 == b && (v.N = D(false, v, 32), v.h = void 0)))
            })), function(v, l, z) {
                (l = H((z = H(v), v)), V)(l, v, "" + w(v, z))
            })), function(v, l, z, I) {
                V((l = w(v, (I = w(v, (l = H((I = H(v), v)), z = H(v), I)), l)), z), v, +(I == l))
            })), O.gZ = 0, 347), function(v, l, z, I) {
                V((l = w(v, (I = w((z = (I = H(v), H(v)), v), I), z)), z), v, l + I)
            }), O).bm = 0, 112), function(v) {
                Jx(4, v)
            }), function(v, l, z, I) {
                if (l = v.Yx.pop()) {
                    for (z = K(v); 0 < z; z--) I = H(v), l[I] = v.X[I];
                    v.X = (l[l[358] = v.X[358], 430] = v.X[430], l)
                } else V(286, v, v.F)
            })), 17), function(v, l, z, I, b) {
                for (l = (I = GN((b = H(v), v)), z = 0, []); z < I; z++) l.push(K(v));
                V(b, v, l)
            }), O), 181, function(v) {
                Vz(4, v)
            }), 376), function(v, l, z, I, b, t) {
                P(v, true, l, false) || (b = Ic(v.C), l = b.Xl, z = b.i, t = b.C3, b = b.v, I = b.length, z = 0 == I ? new t[z] : 1 == I ? new t[z](b[0]) : 2 == I ? new t[z](b[0], b[1]) : 3 == I ? new t[z](b[0], b[1], b[2]) : 4 == I ? new t[z](b[0], b[1], b[2], b[3]) : 2(), V(l, v, z))
            }), function(v, l, z, I) {
                V((l = w((z = (I = (l = (z = H(v), H(v)), H)(v), w(v, z)), v), l), I), v, z in l | 0)
            })), O), 351, function(v, l, z) {
                V((l = (l = w(v, (l = H(v), z = H(v), l)), rV(l)), z), v, l)
            }), O), 0), 252), function(v, l, z) {
                P(v, true, l, false) || (l = H(v), z = H(v), V(z, v, function(I) {
                    return eval(I)
                }(ZC(w(v.C, l)))))
            }), [])), F(O, 244, function(v, l, z, I, b, t) {
                if (!P(v, true, l, true)) {
                    if ("object" == (v = w((t = (b = (b = (t = (l = H((z = H(v), v)), H(v)), H(v)), l = w(v, l), w(v, b)), w)(v, t), v), z), rV(v))) {
                        for (I in z = [], v) z.push(I);
                        v = z
                    }
                    for (z = (t = 0 < (I = 0, t) ? t : 1, v.length); I < z; I += t) l(v.slice(I, (I | 0) + (t | 0)), b)
                }
            }), [160, 0, 0])), 504), function(v, l, z) {
                0 != w((z = w(v, (z = H((l = H(v), v)), z)), v), l) && V(286, v, z)
            }), O), N(4)), 322), function(v, l, z, I, b, t, B) {
                for (B = (t = (z = w(v, (I = (b = H(v), GN)(v), l = "", 484)), z).length, 0); I--;) B = ((B | 0) + (GN(v) | 0)) % t, l += L[z[B]];
                V(b, v, l)
            }), 393), function(v, l, z, I) {
                l = w(v, (I = (z = H((I = (l = H(v), H)(v), v)), w(v, I)), l)), V(z, v, l[I])
            }), O), 442, function(v, l, z, I) {
                (l = (z = H((I = H(v), v)), H(v)), V)(l, v, w(v, I) || w(v, z))
            }), function() {})), O), 2048), function(v) {
                Vz(3, v)
            })), O)), c)), 471), O, 0), O), 486, function(v, l, z, I, b) {
                V((l = w(v, (z = w(v, (b = H((z = (I = H(v), H(v)), l = H(v), v)), z)), b = w(v, b), l)), I), v, lo(l, z, b, v))
            }), qs)], O), e)([h, J], O), [Sw, C]), O), true))
        },
        Ns = function(C, O, J, p) {
            try {
                p = C[((O | 0) + 2) % 3], C[O] = (C[O] | 0) - (C[((O | 0) + 1) % 3] | 0) - (p | 0) ^ (1 == O ? p << J : p >>> J)
            } catch (L) {
                throw L;
            }
        },
        GN = function(C, O) {
            return (O = K(C), O & 128) && (O = O & 127 | K(C) << 7), O
        },
        H_ = function(C, O, J, p) {
            return (p = g[C.substring(0, 3) + "_"]) ? p(C.substring(3), O, J) : Ec(O, C)
        },
        F = function(C, O, J) {
            J[V(O, C, J), qs] = 2796
        },
        g, V = function(C, O, J) {
            if (286 == C || 215 == C) O.X[C] ? O.X[C].concat(J) : O.X[C] = uo(O, J);
            else {
                if (O.I && 373 != C) return;
                265 == C || 9 == C || 417 == C || 358 == C || 498 == C ? O.X[C] || (O.X[C] = P_(118, C, J, O)) : O.X[C] = P_(9, C, J, O)
            }
            373 == C && (O.N = D(false, O, 32), O.h = void 0)
        },
        kc = function(C, O, J) {
            return C.V(function(p) {
                J = p
            }, false, O), J
        },
        f8 = function(C) {
            return C
        },
        Ec = function(C, O) {
            return C(function(J) {
                J(O)
            }), [function() {
                return O
            }]
        },
        uo = function(C, O, J) {
            return (J = T[C.G](C.j8), J)[C.G] = function() {
                return O
            }, J.concat = function(p) {
                O = p
            }, J
        },
        C8 = function(C, O, J, p, L) {
            for (p = (C = (L = C[2] | 0, C)[3] | 0, 0); 14 > p; p++) J = J >>> 8 | J << 24, J += O | 0, J ^= L + 2298, O = O << 3 | O >>> 29, C = C >>> 8 | C << 24, C += L | 0, L = L << 3 | L >>> 29, C ^= p + 2298, L ^= C, O ^= J;
            return [O >>> 24 & 255, O >>> 16 & 255, O >>> 8 & 255, O >>> 0 & 255, J >>> 24 & 255, J >>> 16 & 255, J >>> 8 & 255, J >>> 0 & 255]
        },
        K = function(C) {
            return C.D ? v_(C, C.U) : D(true, C, 8)
        },
        W_ = function(C, O) {
            (O.Yx.push(O.X.slice()), O.X)[286] = void 0, V(286, O, C)
        },
        ac = function(C, O, J, p) {
            return (V(286, C, ((p = w(C, 286), C.g) && p < C.F ? (V(286, C, C.F), W_(J, C)) : V(286, C, J), tx(C, O), p)), w)(C, 22)
        },
        X, w = function(C, O) {
            if ((C = C.X[O], void 0) === C) throw [a, 30, O];
            if (C.value) return C.create();
            return (C.create(4 * O * O + -12 * O + 4), C).prototype
        },
        U = function(C, O, J) {
            J = this;
            try {
                TN(O, this, C)
            } catch (p) {
                m(p, this), O(function(L) {
                    L(J.Y)
                })
            }
        },
        P_ = function(C, O, J, p, L, v, l, z) {
            return J = [87, -12, -24, -71, (v = C & 7, z = xc, 14), -5, J, -72, -32, 90], l = T[p.G](p.wZ), l[p.G] = function(I) {
                v += 6 + 7 * C, v &= (L = I, 7)
            }, l.concat = function(I) {
                return (I = (I = (I = O % 16 + 1, -224 * L + (z() | 0) * I - I * L + 56 * L * L + v + J[v + 51 & 7] * O * I - -672 * O * L - 224 * O * O * L + 4 * O * O * I), J[I]), L = void 0, J[(v + 29 & 7) + (C & 2)] = I, J)[v + (C & 2)] = -12, I
            }, l
        },
        D = function(C, O, J, p, L, v, l, z, I, b, t, B, Q, r) {
            if (t = w(O, 286), t >= O.F) throw [a, 31];
            for (r = (v = (B = 0, L = O.NL.length, J), t); 0 < v;) Q = r >> 3, I = r % 8, p = 8 - (I | 0), p = p < v ? p : v, l = O.g[Q], C && (b = O, b.h != r >> 6 && (b.h = r >> 6, z = w(b, 373), b.L = C8([0, 0, z[1], z[2]], b.N, b.h)), l ^= O.L[Q & L]), B |= (l >> 8 - (I | 0) - (p | 0) & (1 << p) - 1) << (v | 0) - (p | 0), v -= p, r += p;
            return V(286, (C = B, O), (t | 0) + (J | 0)), C
        },
        m = function(C, O) {
            O.Y = ((O.Y ? O.Y + "~" : "E:") + C.message + ":" + C.stack).slice(0, 2048)
        },
        c = this || self,
        E = c.requestIdleCallback ? function(C) {
            requestIdleCallback(function() {
                C()
            }, {
                timeout: 4
            })
        } : c.setImmediate ? function(C) {
            setImmediate(C)
        } : function(C) {
            setTimeout(C, 0)
        },
        p8 = function(C, O, J, p, L) {
            if ((L = C[0], L) == M) O.S = 25, O.s(C);
            else if (L == R) {
                J = C[1];
                try {
                    p = O.Y || O.s(C)
                } catch (v) {
                    m(v, O), p = O.Y
                }
                J(p)
            } else if (L == bo) O.s(C);
            else if (L == h) O.s(C);
            else if (L == Sw) {
                try {
                    for (p = 0; p < O.A.length; p++) try {
                        J = O.A[p], J[0][J[1]](J[2])
                    } catch (v) {}
                } catch (v) {}(0, C[1])(function(v, l) {
                    O.V(v, true, l)
                }, (O.A = [], function(v) {
                    (e((v = !O.K.length, [ew]), O), v) && W(O, true, false)
                }))
            } else {
                if (L == Y) return p = C[2], V(247, O, C[6]), V(22, O, p), O.s(C);
                L == ew ? (O.g = [], O.W = [], O.X = null) : L == qs && "loading" === c.document.readyState && (O.B = function(v, l) {
                    function z() {
                        l || (l = true, v())
                    }(c.document.addEventListener("DOMContentLoaded", z, (l = false, G)), c).addEventListener("load", z, G)
                })
            }
        },
        L8 = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        bo = [],
        ew = [],
        M = (U.prototype.kx = void 0, U.prototype.T = "toString", []),
        R = [],
        a = (U.prototype.Da = false, U.prototype.RF = void 0, {}),
        h = [],
        Sw = [],
        qs = [],
        Y = [],
        xc = (((wV, function() {})(N), Ns, function() {})(sc), void 0),
        T = a.constructor,
        n8 = (((((((X = U.prototype, U).prototype.G = "create", X.m5 = function(C, O, J, p, L) {
            for (L = p = 0; L < C.length; L++) p += C.charCodeAt(L), p += p << 10, p ^= p >> 6;
            return (p = (p += p << 3, p ^= p >> 11, C = p + (p << 15) >>> 0, new Number(C & (1 << O) - 1)), p)[0] = (C >>> O) % J, p
        }, X.V = function(C, O, J, p, L) {
            if ((J = "array" === rV(J) ? J : [J], this).Y) C(this.Y);
            else try {
                p = !this.K.length, L = [], e([M, L, J], this), e([R, C, L], this), O && !p || W(this, O, true)
            } catch (v) {
                m(v, this), C(this.Y)
            }
        }, X).aF = function(C, O, J, p, L, v) {
            for (L = v = (p = [], 0); L < C.length; L++)
                for (J = J << O | C[L], v += O; 7 < v;) v -= 8, p.push(J >> v & 255);
            return p
        }, X.B6 = function(C, O, J) {
            return C ^ (O ^= O << 13, O ^= O >> 17, (O = (O ^ O << 5) & J) || (O = 1), O)
        }, X).ML = function() {
            return Math.floor(this.J + (this.j() - this.o))
        }, X.j = (window.performance || {}).now ? function() {
            return this.hU + window.performance.now()
        } : function() {
            return +new Date
        }, X).Ul = function() {
            return Math.floor(this.j())
        }, U).prototype.s = function(C, O) {
            return O = (xc = function() {
                    return C == O ? 4 : -46
                }, C = {}, {}),
                function(J, p, L, v, l, z, I, b, t, B, Q, r, Z, q, f) {
                    t = C, C = O;
                    try {
                        if (B = J[0], B == h) {
                            I = J[1];
                            try {
                                for (f = (L = [], v = atob(I), Z = 0); Z < v.length; Z++) p = v.charCodeAt(Z), 255 < p && (L[f++] = p & 255, p >>= 8), L[f++] = p;
                                V(373, this, (this.F = (this.g = L, this.g.length << 3), [0, 0, 0]))
                            } catch (k) {
                                x(k, 17, this);
                                return
                            }
                            tx(this, 8001)
                        } else if (B == M) J[1].push(w(this, 265).length, w(this, 417).length, w(this, 430), w(this, 9).length), V(22, this, J[2]), this.X[101] && ac(this, 8001, w(this, 101));
                        else {
                            if (B == R) {
                                b = (q = (L = J[2], n((w(this, 265).length | 0) + 2, 2)), this.C), this.C = this;
                                try {
                                    z = w(this, 358), 0 < z.length && A(this, n(z.length, 2).concat(z), 265, 10), A(this, n(this.H, 1), 265, 109), A(this, n(this[R].length, 1), 265), v = 0, v += w(this, 466) & 2047, r = w(this, 9), v -= (w(this, 265).length | 0) + 5, 4 < r.length && (v -= (r.length | 0) + 3), 0 < v && A(this, n(v, 2).concat(N(v)), 265, 15), 4 < r.length && A(this, n(r.length, 2).concat(r), 265, 156)
                                } finally {
                                    this.C = b
                                }
                                if (Q = (((f = N(2).concat(w(this, 265)), f)[1] = f[0] ^ 6, f)[3] = f[1] ^ q[0], f[4] = f[1] ^ q[1], this).dZ(f)) Q = "!" + Q;
                                else
                                    for (Q = "", v = 0; v < f.length; v++) l = f[v][this.T](16), 1 == l.length && (l = "0" + l), Q += l;
                                return w(this, (V(430, ((w(this, (Z = Q, 265)).length = L.shift(), w)(this, 417).length = L.shift(), this), L.shift()), 9)).length = L.shift(), Z
                            }
                            if (B == bo) ac(this, J[2], J[1]);
                            else if (B == Y) return ac(this, 8001, J[1])
                        }
                    } finally {
                        C = t
                    }
                }
        }(), U.prototype.oF = 0, U.prototype).tU = 0, /./);
    U.prototype.dZ = function(C, O, J, p) {
        if (O = window.btoa) {
            for (p = 0, J = ""; p < C.length; p += 8192) J += String.fromCharCode.apply(null, C.slice(p, p + 8192));
            C = O(J).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
        } else C = void 0;
        return C
    };
    var Yc, jw = (U.prototype[Sw] = [0, 0, 1, 1, 0, 1, 1], h).pop.bind(U.prototype[M]),
        ZC = ((Yc = zN({get: jw
        }, (n8[U.prototype.T] = jw, U.prototype.G)), U).prototype.v6 = void 0, function(C, O) {
            return (O = Qz()) && 1 === C.eval(O.createScript("1")) ? function(J) {
                return O.createScript(J)
            } : function(J) {
                return "" + J
            }
        }(c));
    (40 < (g = c.botguard || (c.botguard = {}), g).m || (g.m = 41, g.bg = B_, g.a = H_), g).hDL_ = function(C, O, J) {
        return [(J = new U(C, O), function(p) {
            return kc(J, p)
        })]
    };
}).call(this);
#3 JavaScript::Eval (size: 22) - SHA256: 1bb4b16c7de163ff866b60976156d8c769e3cd8f2b5bdea3c85e854c986003d6
0,
function(v) {
    Jx(1, v)
}
#4 JavaScript::Eval (size: 62) - SHA256: 656ddb7093a608f140df5a991c579e27ad31e247a6ded28fa406e948965cf12a
0,
function(v, l, z) {
    z = (l = (z = H(v), H(v)), v.X[z]) && w(v, z), V(l, v, z)
}
#5 JavaScript::Eval (size: 22) - SHA256: 96bc32102142a2b26979b51faca0349f415898ceeba6ca594e7498b337aa0808
0,
function(v) {
    Jx(2, v)
}

Executed Writes (0)


HTTP Transactions (80)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8527
Expires: Thu, 24 Nov 2022 07:02:36 GMT
Date: Thu, 24 Nov 2022 04:40:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2495
Expires: Thu, 24 Nov 2022 05:22:04 GMT
Date: Thu, 24 Nov 2022 04:40:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3488
Cache-Control: max-age=110935
Date: Thu, 24 Nov 2022 04:40:29 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 11:29:24 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Y/UafJqcRfpMrdWJpPBMgGTh0oq6an33nVBJPtwKT1GurXiO77xoERXwDuhuP81JrPHFmDpWkP8=
x-amz-request-id: 541CNQTFJXBD8XAS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 03:43:14 GMT
age: 3435
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 04:18:55 GMT
cache-control: public,max-age=3600
age: 1294
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /cart?cart_token=f7c2dfba-6b9b-11ed-9ca5-0209f11817a0-637ed091e09c4&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=5eefb1a0-6b9c-11ed-8222-f97593481d41 HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         170.82.174.30
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Thu, 24 Nov 2022 04:40:29 GMT
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.caixamisteriosa.net:443/cart?cart_token=f7c2dfba-6b9b-11ed-9ca5-0209f11817a0-637ed091e09c4&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=5eefb1a0-6b9c-11ed-8222-f97593481d41
X-GoCache-CacheStatus: BYPASS
Server: gocache


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   134
Md5:    4aa7a432bb447f094408f1bd6229c605
Sha1:   1965c4952cc8c082a6307ed67061a57aab6632fa
Sha256: 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 24 Nov 2022 04:40:29 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 04:08:53 GMT
cache-control: public,max-age=3600
age: 1897
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D7548296332965340531C7DF22969B5DA03E77BBA41AB7FCD154FF85C1E1CE04"
Last-Modified: Tue, 22 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Thu, 24 Nov 2022 10:39:49 GMT
Date: Thu, 24 Nov 2022 04:40:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2940
Cache-Control: max-age=105323
Date: Thu, 24 Nov 2022 04:40:30 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:55:53 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1QlOjPiEe9yMyOYUkFz1aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.91.37
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1rmmYBGIVuUbjpcCsx0wIqV4Lpc=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 04:40:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 04:40:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 04:40:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6491
Expires: Thu, 24 Nov 2022 06:28:42 GMT
Date: Thu, 24 Nov 2022 04:40:31 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:51 GMT
age: 23620
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:22:09 GMT
age: 76702
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6789
Md5:    d9d93b2a6875d446c3467eb49767eef5
Sha1:   303c571b13b05fcf27ee1159d8fdf6369aaef0a2
Sha256: 2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
                                        
                                            GET /cart?cart_token=f7c2dfba-6b9b-11ed-9ca5-0209f11817a0-637ed091e09c4&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=5eefb1a0-6b9c-11ed-8222-f97593481d41 HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         170.82.173.30
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 04:40:30 GMT
location: https://seguro.caixamisteriosa.net/checkout/payment?cart_token=f7c2dfba-6b9b-11ed-9ca5-0209f11817a0-637ed091e09c4&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=5eefb1a0-6b9c-11ed-8222-f97593481d41
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InpMUDhrbHV6M0diZ0tHYlhoRGEyZVE9PSIsInZhbHVlIjoiaHFkSjFkaFJma1VnQlIza0Jsa1JyZVJibmV2UmJoSEFvSGh1Z2U4K3lmNjNUdExCdzhsOElsYzRhQU9OZkdtWnVlNkZvajZtSUJ5WitibXR2MVVadmc9PSIsIm1hYyI6ImMxMWQyMmFmOTkxYWY2MzQ3NGMxZjhhZmNmNzA5NmRkYmRhYzdjNDFjZDNlZWYxMTQ0ODc2OTg5NGI0MzQxNzYifQ%3D%3D; expires=Thu, 24-Nov-2022 07:40:30 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6ImFXR1wvbHhHd2M2RHBSc3dYUDFYSkhBPT0iLCJ2YWx1ZSI6InhjbDhtQ3RDV2dNcTVITkprQnNhRDBHQmVXdWhhOElOZ2pRTVwvck9TY291dTFWNHlxNlRjQnRHWlZ2WW5CRmtUbjJkSlROODBPWUdcL1RYc1lMK1NTeFE9PSIsIm1hYyI6ImM2M2VkNDM2ZDAwNDg2NTE4Y2I3MDJlZTBjZTZlNjNjNmY1MzBlNjgwNTZhNWQ3OGQwNDQ5YTAxMjk5YTEwOTYifQ%3D%3D; expires=Thu, 24-Nov-2022 07:40:30 GMT; Max-Age=10800; path=/; httponly caixa-misteriosa9_cart=eyJpdiI6IjltR0hZalZyV3owU0krRDBveXptbUE9PSIsInZhbHVlIjoibnlXcmk0Wm5cL1grcm0zc1c4eFpmVlBhWDBlU1RwcnZSR1UrSnp0SVdzXC80ejFJNGVWMjFhWjFVU1c1S2p2b1ZPV2ltRkJHZ1FJSytxdW1FeWZMQVlHdz09IiwibWFjIjoiNDQzZGU1YjVlN2ZjODhhODZlNTFiOWNiM2E5ODU1ZWI5ZTM2ZGJkNWQzNDYzNDE0ZDhkYjdkODIzYWUyZjUwNSJ9; expires=Tue, 29-Nov-2022 04:40:30 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17645
Md5:    9f93e3c3e357dcbd0bae2c2fbadaea7d
Sha1:   ca5bc48ddaa8446adda420d040c6dde7361be188
Sha256: 04fd2e0ce619f4d2b333c0d9096548f03720a3cab36dae02840fc6d413c770c7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 24073
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13882
Md5:    64d79191f005c9876b952c5f948aa0f7
Sha1:   1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
Sha256: 00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:04 GMT
age: 24687
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11401
Md5:    eb94ecb5881a7e49d964e4287d11e7a4
Sha1:   4b131a189db1b615e2519a28cad83d78297ab67f
Sha256: f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ed43-823b-41a5-9073-733ac15040d1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10667
x-amzn-requestid: 985ed1c6-49ed-4851-8a79-f700bbe027c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsGkSIAMFvDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-260dc99256e117e85643b441;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _fs5EfJzWkPQB-Ur7_YVmCHySMj_WXiHUCK8w2nWYvrJSkDaquq37g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:50:57 GMT
etag: "10a988580bb7a1be72be5dd50d2aef9789f36b62"
age: 24574
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10667
Md5:    f0dfc05d73111c498bb0e844105a02f6
Sha1:   10a988580bb7a1be72be5dd50d2aef9789f36b62
Sha256: 3852f331fe12a0a8e6007409f043da6aabadbb8f2883e87ae72ca8d70d31727f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 543
Cache-Control: max-age=124888
Date: Thu, 24 Nov 2022 04:40:32 GMT
Etag: "637e3879-118"
Expires: Fri, 25 Nov 2022 15:22:00 GMT
Last-Modified: Wed, 23 Nov 2022 15:12:57 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5534
Cache-Control: max-age=90616
Date: Thu, 24 Nov 2022 04:40:32 GMT
Etag: "637d9f1a-116"
Expires: Fri, 25 Nov 2022 05:50:48 GMT
Last-Modified: Wed, 23 Nov 2022 04:18:34 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Thu, 24 Nov 2022 04:40:32 GMT
date: Thu, 24 Nov 2022 04:40:32 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   583
Md5:    6b3cb5bbe301fdd0a49c69f1f7c55f2b
Sha1:   b7718b95e61ec3f794d358fc292dcee74f395dde
Sha256: 505ac8bc7638a897b56c0c13295f4694c8a6830beb4daaea67131ba553b0197b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=171483
Date: Thu, 24 Nov 2022 04:40:32 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:18:35 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3074
Cache-Control: max-age=88156
Date: Thu, 24 Nov 2022 04:40:32 GMT
Etag: "637d9f1a-116"
Expires: Fri, 25 Nov 2022 05:09:48 GMT
Last-Modified: Wed, 23 Nov 2022 04:18:34 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=171483
Date: Thu, 24 Nov 2022 04:40:32 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:18:35 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=171483
Date: Thu, 24 Nov 2022 04:40:32 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:18:35 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=171483
Date: Thu, 24 Nov 2022 04:40:32 GMT
Etag: "637ef09b-117"
Expires: Sat, 26 Nov 2022 04:18:35 GMT
Last-Modified: Thu, 24 Nov 2022 04:18:35 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /fa/4.7.0/fa.css HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.0.53
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 24 Nov 2022 04:40:32 GMT
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 608
expires: Fri, 02 Dec 2022 04:40:32 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef7794999db518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7358
Md5:    45b79cc98afbd00481ccf791041ef637
Sha1:   759d19cef3d629eb984cd8b0e020f8f92e962ea6
Sha256: 2be017ae7a36876a64188a986ee052b866bc200bfbff03081df93abe5ca8ae25
                                        
                                            GET /v0.js HTTP/1.1 
Host: js.upnid.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         130.211.14.112
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
vary: Origin
content-encoding: br
via: 1.1 google
content-length: 8310
date: Thu, 24 Nov 2022 00:40:16 GMT
age: 14416
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23050)
Size:   8310
Md5:    49fa980f95bb3bbff8b7a2857a727d5d
Sha1:   9e931943f03079522318820948018d78610eaca4
Sha256: 4e295d58275798f67bf7b9c48b8cae16238c9a3dabca082238e7bab8eaa34943
                                        
                                            POST /s/gts1d4/T24lFG9LNcQ HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3075
Cache-Control: max-age=124156
Date: Thu, 24 Nov 2022 04:40:33 GMT
Etag: "637e2bba-116"
Expires: Fri, 25 Nov 2022 15:09:49 GMT
Last-Modified: Wed, 23 Nov 2022 14:18:34 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e96354775ca.jpeg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
content-length: 8822
x-amz-id-2: Bo7a2FiffHzk9Gmf/XHbcWOvTTU1o7vI+Fa8xCvRk8eiO6SZrQMbW+6BldwzxYkd+lKm9iMYwAc=
x-amz-request-id: 8WBWCTMC7X2EMG9G
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-version-id: xeytj2tGe9ZE1VBrjh._yFfBsbQCZQQP
etag: "64d0d3cf4cf12b175c2bfde2b119fd73"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkHU%2FkXzo%2F%2F1rCQ4klJB8kXrnH1t81sLWs%2FVwhq7%2Fhcp6vFa8unmB0QxzpCbBi%2FqUcrQazzbiaoKC9mNlTLxM6SEqWIwXN5MB4ApW7fNnDKJvqlq7RCvm2XXSmeKUgoheg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef7794e9bfb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data
Size:   8822
Md5:    64d0d3cf4cf12b175c2bfde2b119fd73
Sha1:   04019ff621b4532ba77c40e18eae785e97e3b93d
Sha256: 90ecdbd3950f57dbb96db2644984870891e9627af8da6794452a8259c86a7997
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e9635ebe532.jpeg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
content-length: 10320
x-amz-id-2: wfNSWLBb8LRKt2vASYWjGYe1dSTUjqQIqUt4u3t6XFbCvh3LIamA5NtwYW0bvbwj9Kuwkqx/X0M=
x-amz-request-id: 8WBJYF11HGW8A11X
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-version-id: AatCE1mkRL6z1GEYqQay5AQrkz_0GlQk
etag: "04572c76d141851db42a1a6e13d38b71"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lU1ibjoEKG7nVquYnZ9zP4WODwGy%2BAcKV%2Bn07NLcs9W7Ozg1sk2aHQyvg09yx%2FSC2VtiWMTgPG%2FPh6sQzl6I6CeazNISi%2Bk4gYbHAc9FGN7K8apXAAJ2Y9Yg%2BndQ5T5T4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef7794e9c0b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data
Size:   10320
Md5:    04572c76d141851db42a1a6e13d38b71
Sha1:   aee88a71a5c7a780c6fb9aad074674ea7caab126
Sha256: f97dc1da935583662b69ee9320a707de02f9c9ae32c6c825fdcaf51ee0618d50
                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/testimonies/62e9636950b51.jpeg HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
content-length: 9336
x-amz-id-2: WOHDPEOS7Kbw/Km7fgrMUKXv1a3r8dMiE8f0aqP8mo6e5MGwSdp4/yE9cPklR6rn7tsh4Y4JqBI=
x-amz-request-id: 8WBW12YAK1CEPG4V
last-modified: Tue, 02 Aug 2022 17:48:39 GMT
x-amz-version-id: HfrtBnZFXQLQQPWMe2SSfAQyOFUNAZMA
etag: "8220257871413a2a14ab3d6b964f6abf"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4z3JAOq4Mx5x85VwM0%2BGFqMe8Bt7VzuySXKqJHwYhUIhZDvB3PjfvveVSVywH3kDlbPmAqWzA%2FLznfa9yl22QgaXfTOL6I7qKMi%2BFY52Fnoo%2FGPJrJmrQgEL4rTTd6HFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef7794e9bdb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 150x150, components 3\012- data
Size:   9336
Md5:    8220257871413a2a14ab3d6b964f6abf
Sha1:   28a022b80018a30a0660cb2f87a0cb754133ef7a
Sha256: efda84dc3eaf3d6233cbd4f75430f5cfebc5926f06ffc195929fa8c671a12746
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3075
Cache-Control: max-age=124156
Date: Thu, 24 Nov 2022 04:40:33 GMT
Etag: "637e2bba-116"
Expires: Fri, 25 Nov 2022 15:09:49 GMT
Last-Modified: Wed, 23 Nov 2022 14:18:34 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 543696
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size:   33580
Md5:    848cd2ecd011428969dc6b90431bc482
Sha1:   6b1a7b562a56bd54510e0f6f95e26babca331a1b
Sha256: 981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=146997
Date: Thu, 24 Nov 2022 04:40:33 GMT
Etag: "637e7a7e-1d7"
Expires: Fri, 25 Nov 2022 21:30:30 GMT
Last-Modified: Wed, 23 Nov 2022 19:54:38 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tzlbl2Kon5zNE8v4cWKP1F23qI4JFEYitqamtYuX-nbytOsNmBu_og==
Age: 5752

                                        
                                            GET /i18n/pixel/config.js?sdkid=CDK4VU3C77U9GFT2SN80&hostname=seguro.caixamisteriosa.net HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240440333CB03F8B50A21E07660B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f173f4e39a8ee9b793447051d492f0845087ab35ec8b8fd833bfa879063c82d1b19ca962df53a593201e30f3c9d15bf93765df69619f833596236c7bb8a53cdc4cf
content-encoding: gzip
content-length: 1833
x-origin-response-time: 6,104.96.220.13
x-akamai-request-id: 22bcd002.4b6bcd34
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=6, inner; dur=4
x-parent-response-time: 106,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (3948)
Size:   1833
Md5:    8654c2c9857a5aa7b5d2ce9618ca2f2f
Sha1:   372a424e2fa3817888f3e5b4f65d791a8ef927bf
Sha256: a78b3ee1fc7ef4d17a3f83978be8436317bb99e818cdb325dc693352add20b69
                                        
                                            GET /i18n/pixel/config.js?sdkid=CDUVI73C77UAFLPMLING&hostname=seguro.caixamisteriosa.net HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240440332021BEA953BCCF8F25A3
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f178b5bf5f300578692991b1213a8b8b24417576e39e7c509e30ace0f8a8605cba7e5b8b35395af52078ba915c44a60fdba1abd851133dece913bb2a1fe58c11305
content-encoding: gzip
content-length: 347
x-origin-response-time: 6,104.96.220.21
x-akamai-request-id: 16edbab1.4b6bcd36
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2HykhySUwHmknGsgSnYDDeGWPKA; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-96-220-21.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=6, inner; dur=5
x-parent-response-time: 106,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   347
Md5:    5cf900d78e41def37017bd375551cbfd
Sha1:   56ffd0e2a45e563c15667f179410521c8bdab33f
Sha256: 4fb1d6444df8406e392a54e13132c7bfae70aa8e796b7dc5f8a0378e29d99111
                                        
                                            GET /checkout/build/mix/assets/js/app.js?id=e004bdab01653a468c960c3569c402cb HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.72.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 04:40:32 GMT
x-amz-id-2: NRHsa6qucHQaiD3sC5dsd4mSTMl5ptA1rb1WB9pZudapWSWc7E9FXAqQiJ6YpdV9UR90y0pT+ZM=
x-amz-request-id: P200TN7ZJ2GWP78Q
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: vBH8I8U4Fk_cBjCH4K7uyIx8AtomnPkt
etag: W/"634f1880f47f3e97d885f3f34d5bf07b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 608
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5p%2BciL%2FcOoLDb8IlEQeaufVQaWqAHXMxXi2%2FToWzh%2FJsBck19Kj%2FGJIF2mFNoA18Sq5lAq51E3t%2BqQvXWSo53UDQqxXio40O0xkNQvT4G5jZq90BnLtQ3Eo%2FN4sijKbvFRS6WteCei9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef779529dab518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   90448
Md5:    6b5b03a24fc8e56795d4c4747d153e75
Sha1:   ba7f68b256391041c160150992cd0cf8b4e2240d
Sha256: 7c10fc588816efbf40a86a2d1a2027b529a917819eeee4b902c25e7a1a84eaef
                                        
                                            GET /i18n/pixel/identify.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240440330368282E90371599E4BB
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebc0f278655a820d547eceeb1b49db66fad1e9f0d58eebf76213b5e837ae5607ee9e6c408469629777f3fc7b768fff304c8aa59ef91e99fbd15d26d82119f567e7
content-encoding: gzip
content-length: 30893
x-origin-response-time: 29,23.218.220.150
x-akamai-request-id: a4d06e0c.4b6bcd2f
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-150.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=159, origin; dur=28, inner; dur=3
x-parent-response-time: 186,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30893
Md5:    e515ac1dcdf990a2f4cbae262abb14e6
Sha1:   f606e635deb76d029cc0870e112385b71c235465
Sha256: aa5ca6a548ebc4a572c6e77d1a3ef40dd2455f17f2c1c8fe0ee2d44bfdfeaaac
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 734
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124044033425FC3F21B56E99BEA86
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17bca6b02df9b37b7af32f39561a0e7022b54662177507466f3d38379df82dc87a3a8ea23fc3a09ae521cd00e13b59dcd284baa421d58d06c72824ebb4f8b5c730
x-origin-response-time: 18,104.96.220.39
x-akamai-request-id: 100135a8.4b6bcd7e
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-39.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=18, inner; dur=16
x-parent-response-time: 120,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            GET /assets/stores/caixa-misteriosa9/uploads/images/caixa-misteriosa-edicao-limitada-62e956810efef-thumb.png HTTP/1.1 
Host: images.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.72.14
HTTP/2 200 OK
content-type: image/png
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
content-length: 117743
x-amz-id-2: vOa8owwEgZ87vwoe6DrBr094NiyP+SuktQeVNRhoYidLwVyGSfnCLEyVnH0hGCkr+jg1yhmzuYI=
x-amz-request-id: 8WBW0NHJMYJJ0427
last-modified: Tue, 02 Aug 2022 16:53:23 GMT
x-amz-version-id: wxueA8hLCjwh4ss.lHtzFO4OeJGoc8G3
etag: "c5a167df4f433c249cb974e00f55de3f"
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ps4fnR%2FdZjCi7Zp7y3eU0xfjIO9dpqx8OsAaBRi%2ByawD5KEaHFb3pYMcxD8R41NfSlhp3BbQM8hsf0ko6gP5xG2YGxUrcjPGpGbsM60G%2BS2uONelC%2FtAR60mX8Q88wyAjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef7794e9beb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 290 x 247, 8-bit/color RGBA, non-interlaced\012- data
Size:   117743
Md5:    c5a167df4f433c249cb974e00f55de3f
Sha1:   0fdbc7b9bda3c0885fb55020b14ea919f2df40e8
Sha256: 25c6c5a4710bc8608fe80c63712c812d1d03a01caa6ff038254851525fa08878
                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 787
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202211240440330368282E90371599E4C4
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebc0f278655a820d547eceeb1b49db66fa5bf8ba382ee6e76d645666de8b9f319449129f84f93fa46152b8f8d48ad724f63f26eb5928a909b81662b92d72b83893
x-origin-response-time: 18,23.218.220.150
x-akamai-request-id: a4d07a71.4b6bcd8d
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-150.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=18, inner; dur=15
x-parent-response-time: 118,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 787
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124044033AFAE01F6018B619BAA06
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb410876a1f960c1093ec15d696f5d075c536571590c0763fa958d5035518621cc184a155acdeaa7ede14bec3c2be903a70661a33baa3ceb5a15c45ce5d4fe7d3a
x-origin-response-time: 36,23.218.220.152
x-akamai-request-id: 146ac55.4b6bcd92
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-152.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=36, inner; dur=18
x-parent-response-time: 143,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 888
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124044033C37E220DF5C25396FB4A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1bebc0f278655a820d547eceeb1b49db66fa751607adfb2437b7dcc78e867e7a1a07ef5ab894f16b342da3f0f249b90009889e5a7bdb7da099e2f4478bf3df9a5eba
x-origin-response-time: 24,23.218.220.150
x-akamai-request-id: a4d068e3.4b6bcd8c
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-150.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=136, origin; dur=24, inner; dur=17
x-parent-response-time: 149,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 941
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124044033C1C66EDDD73416984206
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb78f461edea52c08d6017cfa79fc0b9d348444c4e6bb1268b97512ea0f0a08d87578a243390dd48e64f289f7535484d93696a56d46eab441e95c6c2a88665b9d2
x-origin-response-time: 23,23.218.220.133
x-akamai-request-id: af0c3fd0.4b6bcd94
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-218-220-133.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=136, origin; dur=23, inner; dur=17
x-parent-response-time: 156,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 779
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124044033DEDFCC1CAC8FF2A12176
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17bca6b02df9b37b7af32f39561a0e7022fc3f6f858b62fb0dceb08b4d2c19fb481785e05db8ed73ce5128ac0c3b89ac470ac05eb9e57634721b29e568411ec45a
x-origin-response-time: 47,104.96.220.39
x-akamai-request-id: 1001354b.4b6bcd96
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-39.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=121, origin; dur=47, inner; dur=18
x-parent-response-time: 166,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 941
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022112404403378AC581CB14DF3A9F7BD
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17bca6b02df9b37b7af32f39561a0e70229782b37127abd42fed6620cf5e20f54c92bf426ab4face0db31b1617a2d821c54652659dbe4837eaf5d77c981cae5faa
x-origin-response-time: 37,104.96.220.39
x-akamai-request-id: 1001358b.4b6bcd8e
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-39.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=217, origin; dur=37, inner; dur=16
x-parent-response-time: 251,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 933
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221124044033DEDFCC1CAC8FF2A12177
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f17bca6b02df9b37b7af32f39561a0e70224fc87c48407aef3a428619fde9e2caab029740c948e8e1b1079c14d8c95a548c1a5d77d17090a5fd158c1b86f886af31
x-origin-response-time: 35,104.96.220.39
x-akamai-request-id: 10013540.4b6bcd9a
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a104-96-220-39.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=198, origin; dur=34, inner; dur=30
x-parent-response-time: 229,23.36.79.28
X-Firefox-Spdy: h2

                                        
                                            GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1 
Host: fonts.dooki.com.br
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.18.0.53
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
content-length: 77160
x-amz-id-2: iUTOwFydP8RsPO1NtKniPNpqiMLObq0cuz8gcTZQCkYwx3XGTMO5MTYO/ALP2qMWyl1S6/86k/I=
x-amz-request-id: W2P7JD2NHFG77EAJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: MISS
expires: Fri, 02 Dec 2022 04:40:33 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 76ef77968ce3b500-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2862
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 04:40:34 GMT
Last-Modified: Thu, 24 Nov 2022 03:52:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:58:48 GMT
expires: Thu, 23 Nov 2023 14:58:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
age: 49306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (730)
Size:   162976
Md5:    79d18cf4265108d7cecca1bf4ada6109
Sha1:   e51d0285a545381d4c39e9e0292a650ffeeecbb9
Sha256: 59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 02:41:08 GMT
expires: Thu, 24 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 7166
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /e/t HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 376
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjFXUDFyUWxENlE2MzMwN2FrT0JjYWc9PSIsInZhbHVlIjoiOUpDMnZQOGlxNFY5Zlgxd2x5SElSYUlhOHNnM3ZsOHZ2dk4wbzBUV1hGbDlmdk1cL1dXeTNlMEx2U1EyYkE1d0xHV2t6UTE1RHhmQ3VoYk1ESkJodVNnPT0iLCJtYWMiOiI1MjEzMWZkYzk3YzhhNDg4YzM1NTU5YzYxNWNmZjQ2NTMxM2YxYmRiOWY0ZGVhNzNkODAyMWNjZjllODYzYjA4In0%3D; bubbstore_checkout=eyJpdiI6InVWdVNMMldsRFRcL0djXC91Ym0yTDhsUT09IiwidmFsdWUiOiJiSEp5eERVcTRiS1g3NVpqWGhNdGlpZlFTOUlLNW5uSVpBeUZ2U2pKWCs1Q09OSDhwSnFkZTZlRHVPZnBRc01lWEVQZ09neWFmajV1MzFZdk00NXNuUT09IiwibWFjIjoiOGEzMDdmOGNiNWIyYWUxMTcyMGZhNGY2ZGYzNzdkNmMwOGNlMDZjYmI4YzQ4OTFlZjA2NzNlMGQ4MjQxNzlkNSJ9; caixa-misteriosa9_cart=eyJpdiI6IjltR0hZalZyV3owU0krRDBveXptbUE9PSIsInZhbHVlIjoibnlXcmk0Wm5cL1grcm0zc1c4eFpmVlBhWDBlU1RwcnZSR1UrSnp0SVdzXC80ejFJNGVWMjFhWjFVU1c1S2p2b1ZPV2ltRkJHZ1FJSytxdW1FeWZMQVlHdz09IiwibWFjIjoiNDQzZGU1YjVlN2ZjODhhODZlNTFiOWNiM2E5ODU1ZWI5ZTM2ZGJkNWQzNDYzNDE0ZDhkYjdkODIzYWUyZjUwNSJ9; cart_auth_282505829=eyJpdiI6IlVSdWhRT01VVHNwSHZNT0VmK3VpQnc9PSIsInZhbHVlIjoiQU83cDRNNldEV0dnd2ZOMG5tdDBJYnZ5TFJONGpSQWZKWFlWZExuT0d2VXh5OU1FazEwWEo4dUpvK0JOQXFISUJ3MXZadFlWa04wSDJxK3lSTmhCYnVkcVwvZEpFelN3UU9lSDN5OVhTVGRiaFwvMmpNTklMMjBoRExhMFlJaXIzZ1YzZzAreHh4RTRwNDFHNG5PMFQxNkNlK1N3WFliM3RkdGVIQ0FidmlBb1hnSDRxTStyQmgwc3IwQjBKQm1ZaEdOTk1LYW1WbDl6dW90Um5QMVwvTktjSlorcE1wRHN6VWFMWTdzSE9cLzJ1UkJQa1l6eTdvY2ljc2l2dTA5WXVCdG5cL29laGpTZDNcLytSV3NBNnQ2Tm5WYjJjRFBhN1l0bDM4dmdzTmFzREUrTFdreGVpNjdsYTc3Z0xPXC9wWFRhbkFaTDJ4ZEJtaXJiTWsyaEZXYnpTdHNiWEtja3RybDBLTnFqVldHazJwR0VIZWR1UlwvM1BxenpcL3JMMThLcDVOalBCY0FvbXc0eWlEUkdSYmZHczZYVnBsRnlaM0lHVysxZEtmUHhoQVFnWUpGS29QRG0xeGRqUGJEcGVpRXJXdDVEZXF0V1FXNkM5UWw3S3BnVDlsXC9FOEpuejBHTjRiVjBWNWRSdlwvS05DZCtIRk85bUc4UmwyYWlGRUZUWmpQZ0MxSlJcL1dpN0JGWWpHRjRNcjNGbGFcL1VWNzRjQjdFeFFpXC9OZ3c1MENwWTk0WG9vUUFoQnJRMjJjbGg3VU1LcjhTWWNOcVo2QkdEXC9KNUJmNE5IeTNaMGtmUT09IiwibWFjIjoiYTVjMTYwNDk3NTFlYjAyMzY1OGVkOTMyZGNlMDJmYzkxY2Y0Y2FiMWIzOWE3OTE3YzQ5MmU1ZDFiMjgzNmJiNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         170.82.173.30
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6Inprd3VSRkVNWmdiMmx3K2I5Yyt1V0E9PSIsInZhbHVlIjoiRUJJelFcL0pzNDF5emx0VTZ1TjZPRER1UkdvSVFmd1FtXC9qRUkwWGdoMldmMEFzTHVlY3Y5TitBSHg5YXdodUtvSGJyQTNLcFh1XC94c081K0hyS2JYVFE9PSIsIm1hYyI6IjBjNGNhMzkwYTEyMDIxZGM5NTM1YjEzZGE3MWJmMDE4OWZjY2ExNTA0NTJlNzI2NzRjM2UwMzRlMjZkMmU5OGIifQ%3D%3D; expires=Thu, 24-Nov-2022 07:40:33 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6IlEycEhNa2xSeWQycDRJWFU4TEhmREE9PSIsInZhbHVlIjoiMjNPbXJYTGpPK2JudHFjV3BkSGNoMFBDcDZPOUJ1WTlEY0EraUFNTWJHeEhaUEFRQWZQUmowUHBkYjdDamxKZEE5XC9EbXNyOFhROVFwSDdRNWJPSXhnPT0iLCJtYWMiOiJkMDczNTVlMmYzZDQ1NjhkN2YzOTMwNTBhNDMzNDI3OTU2OWZkODc4ZDY1ZWM0ZjdmZjg3OWVkMzM5YjE5ZWIyIn0%3D; expires=Thu, 24-Nov-2022 07:40:33 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   491
Md5:    75ee4520af16f130e195790b6ccd7641
Sha1:   b8f26adff830446b0111a4e7b31e0149e37fe7d8
Sha256: e9ea53ac6d37932a71af4ed9a7b64ee8e35d9008624720a0ae82def8214d5747

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cart/recomm HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/checkout/address
Cookie: XSRF-TOKEN=eyJpdiI6IjFXUDFyUWxENlE2MzMwN2FrT0JjYWc9PSIsInZhbHVlIjoiOUpDMnZQOGlxNFY5Zlgxd2x5SElSYUlhOHNnM3ZsOHZ2dk4wbzBUV1hGbDlmdk1cL1dXeTNlMEx2U1EyYkE1d0xHV2t6UTE1RHhmQ3VoYk1ESkJodVNnPT0iLCJtYWMiOiI1MjEzMWZkYzk3YzhhNDg4YzM1NTU5YzYxNWNmZjQ2NTMxM2YxYmRiOWY0ZGVhNzNkODAyMWNjZjllODYzYjA4In0%3D; bubbstore_checkout=eyJpdiI6InVWdVNMMldsRFRcL0djXC91Ym0yTDhsUT09IiwidmFsdWUiOiJiSEp5eERVcTRiS1g3NVpqWGhNdGlpZlFTOUlLNW5uSVpBeUZ2U2pKWCs1Q09OSDhwSnFkZTZlRHVPZnBRc01lWEVQZ09neWFmajV1MzFZdk00NXNuUT09IiwibWFjIjoiOGEzMDdmOGNiNWIyYWUxMTcyMGZhNGY2ZGYzNzdkNmMwOGNlMDZjYmI4YzQ4OTFlZjA2NzNlMGQ4MjQxNzlkNSJ9; caixa-misteriosa9_cart=eyJpdiI6IjltR0hZalZyV3owU0krRDBveXptbUE9PSIsInZhbHVlIjoibnlXcmk0Wm5cL1grcm0zc1c4eFpmVlBhWDBlU1RwcnZSR1UrSnp0SVdzXC80ejFJNGVWMjFhWjFVU1c1S2p2b1ZPV2ltRkJHZ1FJSytxdW1FeWZMQVlHdz09IiwibWFjIjoiNDQzZGU1YjVlN2ZjODhhODZlNTFiOWNiM2E5ODU1ZWI5ZTM2ZGJkNWQzNDYzNDE0ZDhkYjdkODIzYWUyZjUwNSJ9; cart_auth_282505829=eyJpdiI6IlVSdWhRT01VVHNwSHZNT0VmK3VpQnc9PSIsInZhbHVlIjoiQU83cDRNNldEV0dnd2ZOMG5tdDBJYnZ5TFJONGpSQWZKWFlWZExuT0d2VXh5OU1FazEwWEo4dUpvK0JOQXFISUJ3MXZadFlWa04wSDJxK3lSTmhCYnVkcVwvZEpFelN3UU9lSDN5OVhTVGRiaFwvMmpNTklMMjBoRExhMFlJaXIzZ1YzZzAreHh4RTRwNDFHNG5PMFQxNkNlK1N3WFliM3RkdGVIQ0FidmlBb1hnSDRxTStyQmgwc3IwQjBKQm1ZaEdOTk1LYW1WbDl6dW90Um5QMVwvTktjSlorcE1wRHN6VWFMWTdzSE9cLzJ1UkJQa1l6eTdvY2ljc2l2dTA5WXVCdG5cL29laGpTZDNcLytSV3NBNnQ2Tm5WYjJjRFBhN1l0bDM4dmdzTmFzREUrTFdreGVpNjdsYTc3Z0xPXC9wWFRhbkFaTDJ4ZEJtaXJiTWsyaEZXYnpTdHNiWEtja3RybDBLTnFqVldHazJwR0VIZWR1UlwvM1BxenpcL3JMMThLcDVOalBCY0FvbXc0eWlEUkdSYmZHczZYVnBsRnlaM0lHVysxZEtmUHhoQVFnWUpGS29QRG0xeGRqUGJEcGVpRXJXdDVEZXF0V1FXNkM5UWw3S3BnVDlsXC9FOEpuejBHTjRiVjBWNWRSdlwvS05DZCtIRk85bUc4UmwyYWlGRUZUWmpQZ0MxSlJcL1dpN0JGWWpHRjRNcjNGbGFcL1VWNzRjQjdFeFFpXC9OZ3c1MENwWTk0WG9vUUFoQnJRMjJjbGg3VU1LcjhTWWNOcVo2QkdEXC9KNUJmNE5IeTNaMGtmUT09IiwibWFjIjoiYTVjMTYwNDk3NTFlYjAyMzY1OGVkOTMyZGNlMDJmYzkxY2Y0Y2FiMWIzOWE3OTE3YzQ5MmU1ZDFiMjgzNmJiNiJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         170.82.173.30
HTTP/2 200 OK
content-type: application/json
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjJ1djdzcWs5Ulwva1wvV0pxOXdhc2dGdz09IiwidmFsdWUiOiIwN3B5RWc0UVwvSCtXREVsZ3YrS1VcL0h1KzdMSzRVXC9xbWttWjhWXC8rRGtzWFZpK21well2ZGVTN0JmampQVXpqeWFpQkZ3MldJb1JPSWlTV2Y0YmYrQ0E9PSIsIm1hYyI6ImM2ODE1MGQ4ZjRlNzI5MGZkNjY5NWJlZTY1OGM4ZDA0NTA1MDBhN2ZlYzBiMTcxMWZiN2UyYTU2N2JkNDZlNGQifQ%3D%3D; expires=Thu, 24-Nov-2022 07:40:33 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6InhGQzZ4NDkxc2libVdQVG5PNVRnTlE9PSIsInZhbHVlIjoiNFwvVVFNUHFuSGhyNzJCakdNMjVzNFZ2bzduaWpwOGprd2dNNmpkbUdVdkxWNSsxNTVOTVR2OFpvVTBVNFJLOWhMYmQxREhMRTRCR1c2MGZRc3lEZ0tnPT0iLCJtYWMiOiIwMjlmYjE3MmFkZjI5ODFhZTY5MjgwZjM1YTNiM2ZkMWRlYWVkYzhmYzYyMzg5YTg4M2JlY2M4NDI1MGMxYzliIn0%3D; expires=Thu, 24-Nov-2022 07:40:33 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1363)
Size:   1075
Md5:    2a2f06fdc912cdc6301be31e27e31b10
Sha1:   7d7a2506602d7b8a049981a118d2d32114c43738
Sha256: 00d0f4aa6282ee8f42dc06eecd03c7f214e9935784e4c8bfcbbfa05fd768f480

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-45745009-5&cid=1397276838.1669264834&jid=750240301&gjid=1039915754&_gid=1308401298.1669264834&_u=IEDAAAASAAAAAC~&z=5162545 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.caixamisteriosa.net
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.251.1.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://seguro.caixamisteriosa.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 04:40:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /king-assets.yampi.me/dooki/62e95d312bc5a/62e95d312bc60.png HTTP/1.1 
Host: s3.sa-east-1.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         52.95.165.62
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: jtDn/zttuS9a1nHApNthF2OY0YzKMmVQxZDPGajtJGoNldccLRCZcH4x4kXUwZRTT3lqtIiLiSc=
x-amz-request-id: W2P6HJ2CAEFHGAF3
Date: Thu, 24 Nov 2022 04:40:34 GMT
Last-Modified: Tue, 02 Aug 2022 17:21:54 GMT
ETag: "42653495a27a747f3deff05ead6ab0f1"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 190952


--- Additional Info ---
Magic:  PNG image data, 1628 x 1083, 8-bit/color RGBA, non-interlaced\012- data
Size:   190952
Md5:    42653495a27a747f3deff05ead6ab0f1
Sha1:   7f774f610fb12f312daeb5d49c5cc88af7dd1dc1
Sha256: 3ce6c07440b880752a44c423832b8a6691d7b22898871e08b38f0abe62b92fc4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 24 Nov 2022 04:40:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ana/ana.min.js?t=1669334400000 HTTP/1.1 
Host: cdn.yampi.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.14.227
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 04:40:33 GMT
x-amz-id-2: YYcFlHvBsjZMxS9pNosiFSJszKXyIQM//8jhHBR1C7WdA0LhW23x6LnOHZRkaZBR+AdDW+U7TgI=
x-amz-request-id: 77211RQ8TENBBWG7
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 2410
expires: Fri, 24 Nov 2023 04:40:33 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef779699f5b4f9-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CDUVI73C77UAFLPMLING&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240440334ECB539A64A79FA036FA
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f179be2c00a82ad1c0c8d4c9bdb44ce0af5899560c73bc22243bf11dbbceb6ae8fa3ae68e7636b50e1822e042ff414a063bac2cb3ccad51f65895bd9b0f0e3645ae
content-encoding: gzip
x-origin-response-time: 8,104.96.220.140
x-akamai-request-id: 661fff5.4b6bccb4
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-140.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=8, inner; dur=4
x-parent-response-time: 107,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/config.js?sdkid=419295709021341305&hostname=seguro.caixamisteriosa.net HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221124044033926121FC391CF7A1F52B
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f175182ef87ef8b7fe7a96d9d27c90c83c99cb5e2e6e05de65063bd0bb39c437ba80b7b6b5438c4e8d79ca4837fd65493f29ecac068de51c5d8a20fd787ab9f91bc
content-encoding: gzip
x-origin-response-time: 6,104.96.220.14
x-akamai-request-id: 198b128f.4b6bcd35
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Hyki0L9aoPUIr9jHesIe5kg8jd; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a104-96-220-14.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=6, inner; dur=3
x-parent-response-time: 108,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CDK4CUJC77UEMNFPVPVG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 2022112404403370C9F2FBF747D08FD648
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f1750ae84edb74557b558de9df9557b32fa87a685fee776748cde5638588c7772ee8dc52073861cbc075133581ed0f262630b14c84e9ebdceac25cf3e01a80bba64
content-encoding: gzip
x-origin-response-time: 6,104.96.220.135
x-akamai-request-id: 1ec1927a.4b6bccb0
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-135.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=3
x-parent-response-time: 105,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /jquery/jquery.js HTTP/1.1 
Host: cdn.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.72.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Thu, 24 Nov 2022 04:40:32 GMT
x-amz-id-2: 6rUk2JDrWUHbmSyZclIHS8+VegbRVfihQeD4Jd8T/P/up0mCsSmBDVs4VTCyH3Q5VekHaZtZrug=
x-amz-request-id: BGZG7S6KVW8D2S4Q
last-modified: Tue, 24 Sep 2019 11:23:34 GMT
x-amz-version-id: 6XhfNvj9UGB1eWzPJf8PFJnclFrAQqDF
etag: W/"9f7c65c84c8e8c3e317945e8fd89899b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 608
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihohemqdD20f5sGArbQBS2%2FXR4%2B8OSNOuUzRCbg%2BeAMgMdOW2vPKm7De0uRQc6jKi751HHoEKFICdgxQnrUEcl4l2QKbUcOSMXmzrq5SibzCJOo5OCFJFTkxEHNdJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef779529dcb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 04:40:32 GMT
date: Thu, 24 Nov 2022 04:40:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/build/mix/assets/css/app.css?id=78c7a473b51f1cc2067d1b8860950b25 HTTP/1.1 
Host: awesome-assets.yampi.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.72.14
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 24 Nov 2022 04:40:32 GMT
x-amz-id-2: YA1eDbyiFw9F7lvoHKFMrUFI+rzs4fWeaPTK8HBrcIojzp1Ze0GAqZwjGyO3EOKzm5Y2nWL5dqs=
x-amz-request-id: P208087TQ0JZ3MS4
last-modified: Fri, 04 Nov 2022 18:19:16 GMT
x-amz-version-id: 5lxShk4xe0C8IXXkoQQWK8S_0jFPf.GV
etag: W/"78c7a473b51f1cc2067d1b8860950b25"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 608
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqnzJlJ9t23ijk7op4uWAV%2FQSZ%2FBd3MYExSIvwZyI6OQz6uP9%2FyvcHOwyqhvz7KjrAJSFtSfFVSV4M%2FgeC%2FyFXdJ200v27gObWQU1VtWVSZLD3PAuhKjchFhqgv%2BAZG73SNmHiirDl0M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ef7794d9b9b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=419295709021341305&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211240440333CB03F8B50A21E0765FB
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf602f4e8f28fd518fbd62b4f0adef0d7f173f4e39a8ee9b793447051d492f0845087ab35ec8b8fd833bfa879063c82d1b1958e64f8e5bbd828259e1362cf31f3401f1737f0cef270228017278a2f1892616
content-encoding: gzip
x-origin-response-time: 6,104.96.220.13
x-akamai-request-id: 22bcd025.4b6bccb9
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-96-220-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=6, inner; dur=2
x-parent-response-time: 105,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=CDK4VU3C77U9GFT2SN80&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.caixamisteriosa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221124044033AB05267DC7BCBA92F97D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf6044faeb2b99c092c97016c61fe0db1beb78f461edea52c08d6017cfa79fc0b9d311c32612c5aac9b95d563ebaaf85e337ee1e7a3b284a3f0d78580c51442adff0605299d3f35e068e243c699b827c96c3
content-encoding: gzip
x-origin-response-time: 42,23.218.220.133
x-akamai-request-id: af0c334e.4b6bccb8
expires: Thu, 24 Nov 2022 04:40:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 24 Nov 2022 04:40:33 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-218-220-133.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=216, origin; dur=42, inner; dur=4
x-parent-response-time: 257,23.36.79.28
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /checkout/payment?cart_token=f7c2dfba-6b9b-11ed-9ca5-0209f11817a0-637ed091e09c4&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=14c89e1a1a92eb05e5677a66dbd966c536060fae&customerToken=5eefb1a0-6b9c-11ed-8222-f97593481d41 HTTP/1.1 
Host: seguro.caixamisteriosa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InpMUDhrbHV6M0diZ0tHYlhoRGEyZVE9PSIsInZhbHVlIjoiaHFkSjFkaFJma1VnQlIza0Jsa1JyZVJibmV2UmJoSEFvSGh1Z2U4K3lmNjNUdExCdzhsOElsYzRhQU9OZkdtWnVlNkZvajZtSUJ5WitibXR2MVVadmc9PSIsIm1hYyI6ImMxMWQyMmFmOTkxYWY2MzQ3NGMxZjhhZmNmNzA5NmRkYmRhYzdjNDFjZDNlZWYxMTQ0ODc2OTg5NGI0MzQxNzYifQ%3D%3D; bubbstore_checkout=eyJpdiI6ImFXR1wvbHhHd2M2RHBSc3dYUDFYSkhBPT0iLCJ2YWx1ZSI6InhjbDhtQ3RDV2dNcTVITkprQnNhRDBHQmVXdWhhOElOZ2pRTVwvck9TY291dTFWNHlxNlRjQnRHWlZ2WW5CRmtUbjJkSlROODBPWUdcL1RYc1lMK1NTeFE9PSIsIm1hYyI6ImM2M2VkNDM2ZDAwNDg2NTE4Y2I3MDJlZTBjZTZlNjNjNmY1MzBlNjgwNTZhNWQ3OGQwNDQ5YTAxMjk5YTEwOTYifQ%3D%3D; caixa-misteriosa9_cart=eyJpdiI6IjltR0hZalZyV3owU0krRDBveXptbUE9PSIsInZhbHVlIjoibnlXcmk0Wm5cL1grcm0zc1c4eFpmVlBhWDBlU1RwcnZSR1UrSnp0SVdzXC80ejFJNGVWMjFhWjFVU1c1S2p2b1ZPV2ltRkJHZ1FJSytxdW1FeWZMQVlHdz09IiwibWFjIjoiNDQzZGU1YjVlN2ZjODhhODZlNTFiOWNiM2E5ODU1ZWI5ZTM2ZGJkNWQzNDYzNDE0ZDhkYjdkODIzYWUyZjUwNSJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         170.82.173.30
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Thu, 24 Nov 2022 04:40:31 GMT
location: https://seguro.caixamisteriosa.net/checkout/address
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6InY1dzgyUjRaZEpFZmZEcVZZaFd0RWc9PSIsInZhbHVlIjoiQ3l5OW9jdDJiWWdINTU4K29yM0syMjVxbHNYRDFGd0poUDlGTUNhdlpMcjcrMnpQRVwvcFZQYUs0aFdhcm5POHByQ1hGZEQ2K2hPRTNOWk15OWY3Rnl3PT0iLCJtYWMiOiJmZDk2YjM0N2MzMWE5OWU2NjRmZjg5M2MyMTkzOWFlZWNkZjJiYmExM2NjYTMwMDc2NzIwOWExN2Y4MjYyNTIxIn0%3D; expires=Thu, 24-Nov-2022 07:40:31 GMT; Max-Age=10800; path=/ bubbstore_checkout=eyJpdiI6ImRKZjQ3VmtCc3NjcDh0NUNZa1Q1emc9PSIsInZhbHVlIjoieG05eXY4Y2w4TGlmcFwvR2V6dVMzazNCTzBZVit3RUx1RjRkS09cL2ZPU2NxbGplRkpLayt0WEc2eDBYWmpqMlRiYVlrVjFwRUtoSEZCR1JjVmk4U1FnQT09IiwibWFjIjoiMTJjYzYyODFkZGQ1ZDk5YjE1OGE4ZWIwOWQ4OGYyNmYzOGI3NTc4MThkZWQ4MmYxZjM5ZDg3Y2U2ZGU5ZmRmMiJ9; expires=Thu, 24-Nov-2022 07:40:31 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2


--- Additional Info ---