firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 22:04:31 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8ObvTk27DfqtoLJ4v7RpvirzO2k_aMFczzPZlwhlwST7lrMdFF4utQ==
Age: 3215
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16079
Expires: Wed, 07 Sep 2022 03:26:05 GMT
Date: Tue, 06 Sep 2022 22:58:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VHpDWNst7ve-Rtue3WSL_keli5ZJ0l-f9enJlvZGVK7mETzZ1Zp3jw==
age: 78169
X-Firefox-Spdy: h2
seguro.marazul-tech.com/cart?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
170.82.173.30301 Moved Permanently 134 B URL HTTP/1.1 seguro.marazul-tech.com/cart?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
IP 170.82.173.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /cart?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10 HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 22:58:06 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://seguro.marazul-tech.com:443/cart?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
X-GoCache-CacheStatus: BYPASS
Server: gocache
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:58:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 22:38:18 GMT
Expires: Tue, 06 Sep 2022 22:48:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HOjL7yZgUYbIZZ9WO3wv1F0-PodeXZAdgRRr8lwHoPZ8uDh8ux2wqg==
Age: 1189
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 63db942db8b6a5cd65c613609548c417
133ad9292df54c4d3fd9565c484fae813d83a8e3
f4dffc73dfba0c502fc09702a15e18a6d3459ddc46197db75c4efc400d0c7f92
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4DFFC73DFBA0C502FC09702A15E18A6D3459DDC46197DB75C4EFC400D0C7F92"
Last-Modified: Mon, 05 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6585
Expires: Wed, 07 Sep 2022 00:47:52 GMT
Date: Tue, 06 Sep 2022 22:58:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5935
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:07 GMT
Last-Modified: Tue, 06 Sep 2022 21:19:12 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.47.107101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.47.107:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OfKTxcfnA28zwVNEOmpUIw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sm5QsXeou3swcg9WERi4sVuTR48=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ea5d89f3b91e9e92f6024a05a76d0916
fa5a430f9c241f95ce139f4287d5fd3583c1f4f7
5f88f1d962a8f8ba18d5b077d2a8832554b62960764922f6bc45362480d5cd45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3536
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:08 GMT
Last-Modified: Tue, 06 Sep 2022 21:59:12 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
awesome-assets.yampi.me/checkout/build/assets/css/app-f44a883bc0.css
104.26.2.88200 OK 134 kB URL HTTP/2 awesome-assets.yampi.me/checkout/build/assets/css/app-f44a883bc0.css
IP 104.26.2.88:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 134 kB (133865 bytes)
Hash f44a883bc0053f8b6e3f2e277c57ba94
55b0c8ce27397adf2dde00dade512dd51e8a5227
4de73ff14ff621eb8699ce6f8d16011db1396da836d3f3c58b65fbcd7501365e
GET /checkout/build/assets/css/app-f44a883bc0.css HTTP/1.1
Host: awesome-assets.yampi.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: text/css
content-length: 133865
x-amz-id-2: iiKNJustH0CCZ5a6QV3nu9l0w55abVTuIhW6aZmtaWl2lTiesdV7yPUBVUWMwku5f4z6B95amAI=
x-amz-request-id: R7XSAPF5QSPDGPJG
cache-control: public, max-age=315360000, no-transform
last-modified: Tue, 06 Sep 2022 18:09:42 GMT
x-amz-version-id: 5d8O9v6VyeU6klY2wk2zkN3NliDvHubb
etag: "f44a883bc0053f8b6e3f2e277c57ba94"
cf-cache-status: HIT
age: 14254
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46qtnIVOR0QsDZUkCVKiYUqa%2BcV0cB7bKtHFtpXzRStx85V3T9O0zsLEEZGQzKDRgQjrFfFfTcdwJsSgaA4InouqJZBKh4lsWZgMSaivoWzAuX6jD0zJkTQH6FtFBVZzzTK0U3QF9PzP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746acec3ac621c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
23.36.79.8200 OK 9.1 kB URL HTTP/1.1 secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (25829), with no line terminators
Hash 13e3cc8ff400bf1da09ba98065151e4a
05da8917634372f71cd2f851e42129fecfb2f45f
9fb8f6afd1ae3d95fbd299a8a9b63fb83e653410c7a9cd0e42fbb75b4faf1c36
GET /sdk/javascript/v1/mercadopago.js HTTP/1.1
Host: secure.mlstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 9065
Server: Tengine
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: "825262-9065-1647036440000"
Last-Modified: Fri, 11 Mar 2022 22:07:20 GMT
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.openplatform-sdk-javascript.melifrontends.com
X-Request-Id: d2e52704-7958-472c-b559-cac792b41f98
X-Request-Device-Id: d2e52704-7958-472c-b559-cac792b41f98
X-D2id: d2e52704-7958-472c-b559-cac792b41f98
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Cache-Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 22:58:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash b7a6c59a907d5a389d2689db5a03b1ce
75084c2c8c6fea60d8bbfa6b22cecd4d51c98e31
00a024e5bb473677e5844a1dc71854b4351f003df053dae198624d2985f3fe86
GET /recaptcha/api.js?render=6LdxeuoUAAAAAP6iiKD6JZKojOflG8Z_w0Ebx6LC HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 06 Sep 2022 22:58:08 GMT
date: Tue, 06 Sep 2022 22:58:08 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
seguro.marazul-tech.com/cart?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
170.82.174.30302 Found 45 kB URL HTTP/2 seguro.marazul-tech.com/cart?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 6bfa98f6f1f69a7df113a59644844e8f
7f0fa2b4dc5c0b02ec78601cc7a55b1213f01aed
58f1a91353b00f89d223bdeb2539ae1c62b76d2e7900d5755748b0e5874b42c6
GET /cart?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho%20Abandonado%201&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10 HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 06 Sep 2022 22:58:07 GMT
content-type: text/html; charset=UTF-8
location: https://seguro.marazul-tech.com/checkout/payment?cart_token=shopify-dd31e788a3b2289212cad02d855d11d1&utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&store_token=3ee1fee4e4ca533f2314dc8ac87cc17dffdea4e2&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6ImdMYmFBZ3VtYTNcL1VBcGtLWTIxWUpnPT0iLCJ2YWx1ZSI6IjRXZ2w2RlBISm9pQ0E3ejh6bTR3ckUyR08wclRjZHdBbFwvTDFhWkNrTG14T1o2TndhV0lLZWZaYndheDRKV1dadkx0TkdYZXl0TXdiZ0g5VmRUODk2dz09IiwibWFjIjoiYTViYzlmMmYxNjYyZGIyODE4ZWE5ZjM4YmVlMDlkNTA3ZDJlNTNlOTg3MTQ4ZDVjNmY2NDRlOGExMDYzZTRkMyJ9; expires=Wed, 07-Sep-2022 01:58:07 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ilppd0pubEVjUnMwbEY1Z05iXC9mQzNBPT0iLCJ2YWx1ZSI6InNkS3lpXC82ZU5RSHgyQlNPNFA3cGcrbE94cEFQbXVZOE9iVkorUlhWT25Qa2JoUVFFV1dBR1pDUUZsaVl4TUlZRkNSZzFJbkRYNTRzNGF5cmdtSFhWdz09IiwibWFjIjoiMDYxZDY3YzVjMTQ5ZGNmNWQwZTNhY2Q4OGJhM2U3MmYzMTIxMDIxNzU3ZjhhOTI5ZTBkODBiMzAxNzJiMzgzNyJ9; expires=Wed, 07-Sep-2022 01:58:07 GMT; Max-Age=10800; path=/; httponly
marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9; expires=Sun, 11-Sep-2022 22:58:07 GMT; Max-Age=432000; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
IP 142.250.74.3:0
Hash 978582b1024e3f6adb0b944d43472479
905710206f9a404676cf948b7691f3b8530efe5a
36e65a7de3629939a567d0b092fbe7724dd204cebac5e47a7a33b15b2e301374
POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.upnid.com/v0.js
130.211.14.112200 OK 8.9 kB IP 130.211.14.112:0
File type Unicode text, UTF-8 text, with very long lines (23050)
Hash 960c2f02f796ed460b2c3911ee0f498d
862e007ff302286b83d9e5b4b880acdf5894ac1a
d5112369b9ae06973e98285df7d92749ddae470430912d01fd70f7c45207592f
GET /v0.js HTTP/1.1
Host: js.upnid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin
content-encoding: gzip
via: 1.1 google
content-length: 8884
date: Tue, 06 Sep 2022 22:30:19 GMT
age: 1669
last-modified: Tue, 19 Jan 2021 20:16:07 GMT
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/pWyJAO6WNqQ
IP 142.250.74.3:0
Hash 978582b1024e3f6adb0b944d43472479
905710206f9a404676cf948b7691f3b8530efe5a
36e65a7de3629939a567d0b092fbe7724dd204cebac5e47a7a33b15b2e301374
POST /s/gts1d4/pWyJAO6WNqQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
142.250.74.10200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Rubik:wght@400;500;700&display=swap
IP 142.250.74.10:0
Hash 8093de5badc09c118ad5f2c22262d9d4
deee087e93477b2953f809fe2fd92a4211e48c51
f640d18a3040d71f5f2bd6cb3c694355f4ae1863991f6134b1a180563e33c3ab
GET /css2?family=Rubik:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 22:58:08 GMT
date: Tue, 06 Sep 2022 22:58:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16828
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Tue, 06 Sep 2022 22:58:09 GMT
Connection: keep-alive
fonts.dooki.com.br/fa/4.7.0/fa.css
104.18.1.53200 OK 26 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.css
IP 104.18.1.53:0
Hash ce5c9ab1ba64ece3a15dcdda629a54d4
d8080dc658649673979d0bcb16c7f74b5efc97fa
02e6e0a58ce42c57ac75ccd137ba7cfa7fea7e499f80740dad76fcef88f12adf
GET /fa/4.7.0/fa.css HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: text/css
x-amz-id-2: gGNPVnAVZsqONOCg389UDgsIhA1ObjBdpsJMkqSZGddyTo93S8XPm4wvAm36dYfVkX+Cf24ZYFI=
x-amz-request-id: G8BNNJCT1K1R1RT8
last-modified: Sat, 10 Nov 2018 14:21:37 GMT
x-amz-version-id: null
etag: W/"36688de682a76454417c56541b1cf51e"
cf-cache-status: HIT
age: 3621
expires: Wed, 14 Sep 2022 22:58:08 GMT
cache-control: public, max-age=691200
vary: Accept-Encoding
server: cloudflare
cf-ray: 746acec39f170b06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16828
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Tue, 06 Sep 2022 22:58:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16828
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Tue, 06 Sep 2022 22:58:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40a1a34b-bd31-4f00-a8cf-f11e2616a5f6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40a1a34b-bd31-4f00-a8cf-f11e2616a5f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c2d4c01e5231b1b06ee38b6f9049993
a6ebf37cf2f7f4b2ba54a566f8dd283cef97f411
a3cba7153f46f6592cd393d246a8c231f6bc73d3a96946b0422274982ff0bc67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40a1a34b-bd31-4f00-a8cf-f11e2616a5f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12412
x-amzn-requestid: 033e4dbf-4618-4164-a456-ec71a90fa40f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7HVYEQJoAMFX7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145288-7ea85af00ab2b2c0648af9a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:23:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: X6b0Q4W_pbs6mR9sCFZjHLOe1jjnqRB7yhkPoO4BwRJliYxjBNgJig==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 05:24:57 GMT
etag: "a6ebf37cf2f7f4b2ba54a566f8dd283cef97f411"
content-type: image/jpeg
age: 63192
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 9a06d4975d9a2cde5a503d8c6b2cd261
a6713b7912b2caaec2ff123438917d593e4af878
86d809724667ef6f33c06c3fe7e63637d11bb7f6a9a9835b8a5c201331d10aa0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 22:58:09 GMT
Last-Modified: Tue, 06 Sep 2022 21:52:27 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h-pTEqDL9OwgTi7tDb7GPRWFNOilMipGq13V88wosl-7rywIsbumbw==
Age: 3942
github.bubbstore.com/svg/card-diners.svg
104.21.29.224200 OK 5.9 kB URL HTTP/2 github.bubbstore.com/svg/card-diners.svg
IP 104.21.29.224:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1368)
Hash 69a24fbf61aa15e3e6c496e753748e93
b4ce4f586f85085aa077c79ecbf97dd5c284be1b
721c07b81064650706d88ba37159a3d030680f212ddf5df73d63e683d69b117a
GET /svg/card-diners.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-99b"
expires: Tue, 06 Sep 2022 22:07:47 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 8B70:8823:1B2160A:1C6B877:63175C58
via: 1.1 varnish
age: 2
x-served-by: cache-bma1680-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662475353.916176,VS0,VE128
vary: Accept-Encoding
x-fastly-request-id: 1facbb40c05dbe84b2354290d568593a381502aa
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XW5tRkx66YtAuWlLfsnT5ejQ%2BhzNVJVQMn%2FTdOHoSBHxwdXx5YiaQIS5NwFsRJNx6dqEdyu5XbY%2FxO1Vi8j%2BQDYx%2BwuYpuIXzwNxILy66K%2FkwjsMMIoAV5IvI%2FRMQlP%2FPVcDEQPZAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746acec498450afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-aura.svg
104.21.29.224200 OK 8.8 kB URL HTTP/2 github.bubbstore.com/svg/card-aura.svg
IP 104.21.29.224:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3016)
Hash c24ed14b7af459ef3b9391103db28248
6b605366cccdb2c682402b896e6ba73aef61959d
d99830d00bdbc49cb432b9bd790ec38085b047061b42149baf1fc4299f2b6927
GET /svg/card-aura.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-111a"
expires: Tue, 06 Sep 2022 22:07:47 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: B3E4:210E:2AE947:2E39F2:62EA7A7B
via: 1.1 varnish
age: 2
x-served-by: cache-bma1623-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1659533947.115851,VS0,VE106
vary: Accept-Encoding
x-fastly-request-id: 42916230cf12b0bda932a4d252d9e38dd0770242
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5%2F0Ru4tSTSfMHIOXSOw1pbGpTp47fP7vqS7qvs19k7UopVtnhKYonfw%2Bxyvkb1yOT8yoqMSY24RsrL790gHcJGdpTl9YQp2wYpmmUXV5ge3kyDXoRCpSP%2FV8MAK6svNKhnxtZ4T2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746acec478390afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcd025faafbf7161d4d606f47304c2b
a99519726bc82f2cc0541c79f47ddd15c7362669
ed7b147e3ea371ea4b014805d9c2f45407918924bb2ec540ea6f7cd0a8b1b698
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3529
x-amzn-requestid: 6ee305f1-aaaf-49eb-94b5-1176943a1922
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YCjYWFzNoAMFajg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63174c35-7e8ef3554da3194d47726d0d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 13:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u3PSpvVEoPGJTFmcB643hOaVUAp-iW0X68PxtIaJZvGHc-Bh79gPgQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:50 GMT
age: 27256
etag: "a99519726bc82f2cc0541c79f47ddd15c7362669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16828
Expires: Wed, 07 Sep 2022 03:38:37 GMT
Date: Tue, 06 Sep 2022 22:58:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d353f8d-bf6d-4c0f-b163-e9d32c54839f.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d353f8d-bf6d-4c0f-b163-e9d32c54839f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6194a9684f17743754ea625caecf9d46
90fa1c2a82eca9b0a37c665e8f50a4c54520e12f
4d4e16a9aee766d73e4ac96e1f099ec01e8285d69c4a33f99ade5f49378ca73e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d353f8d-bf6d-4c0f-b163-e9d32c54839f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8101
x-amzn-requestid: 9e9aa680-4520-4d58-8a2a-a762694d918d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YCTliEZPoAMFd1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631732f0-40281921111511f14176b16c;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 11:45:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PdxV0Z4QpE-nXkmZloSKRv5Kv-rLJGoUqEUKpAByldgIGpvI3Q4hUQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:20:47 GMT
age: 2242
etag: "90fa1c2a82eca9b0a37c665e8f50a4c54520e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dec22851777a3030fc2502dac7ba19d9
fd5e9e9204374e5044254312646e33899b27cf48
67de7221edf19e62be0ae66623a8596fe4bad13adbc97703da17d959737ba426
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67DE7221EDF19E62BE0AE66623A8596FE4BAD13ADBC97703DA17D959737BA426"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19766
Expires: Wed, 07 Sep 2022 04:27:35 GMT
Date: Tue, 06 Sep 2022 22:58:09 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcf56e65178e3bdb802a8215b48d11f0
6ca14b815e1446172a72f28f58fbbf97272a512b
42a88966c46e9670786e171700f403805f1a278aef0edfee233afb8fd5e41e46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 5a4d63f8-dd44-4003-bd90-4ebcdf4517e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdbBcECroAMFrFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087209-22f3a6a174d32fd11f863106;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:11:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RN78TWtmq0okztaJVpUNwYH093j1R18-1HsnQGKYpciJ41WsUhwcMA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:07:41 GMT
age: 3028
etag: "6ca14b815e1446172a72f28f58fbbf97272a512b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
104.18.1.53200 OK 77 kB URL HTTP/2 fonts.dooki.com.br/fa/4.7.0/fa.woff2?v=4.7.0
IP 104.18.1.53:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /fa/4.7.0/fa.woff2?v=4.7.0 HTTP/1.1
Host: fonts.dooki.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://fonts.dooki.com.br/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: binary/octet-stream
content-length: 77160
x-amz-id-2: h3KG8134MvzX6WKf857ZzOoD2wI6lbJ3eq85NpxxGucB200qeO5xXHtxTJaw8TA/kQFD6q76RHc=
x-amz-request-id: V3ZVHYQFQPXFN7M1
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 1800
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sat, 10 Nov 2018 14:21:40 GMT
x-amz-version-id: null
etag: "af7ae505a9eed503f8b8e6982036873e"
cf-cache-status: HIT
age: 3621
expires: Wed, 14 Sep 2022 22:58:09 GMT
cache-control: public, max-age=691200
accept-ranges: bytes
server: cloudflare
cf-ray: 746acec7ad130b51-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-N9ZSJ2M
142.250.74.72200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-N9ZSJ2M
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 307791e4e33d0c67553b01cbacecd99d
9aa89a161f5b8e96ad9870961e8632bdc4b5187a
ccc0a3a2f7b92df87d9ce1af65293018e257daf63432de42cf565d5e0748bb15
GET /gtm.js?id=GTM-N9ZSJ2M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 22:58:09 GMT
expires: Tue, 06 Sep 2022 22:58:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 21:08:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
142.250.74.163200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:08:19 GMT
expires: Tue, 05 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 92990
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 841b41a4d02b151759ae52ef4d397d45
a14081bf91a05ada26c7079dbf5fcd75d0cdd3b3
1c43e4e9761165da05952ea1d8adb5d304768935e6dc9e0b4f9f06e9ea141f6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Last-Modified: Tue, 06 Sep 2022 22:58:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 841b41a4d02b151759ae52ef4d397d45
a14081bf91a05ada26c7079dbf5fcd75d0cdd3b3
1c43e4e9761165da05952ea1d8adb5d304768935e6dc9e0b4f9f06e9ea141f6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 436
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Etag: "6316a43d-1d7"
Last-Modified: Tue, 06 Sep 2022 22:50:53 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 471
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/62faee62d5a91/62faee62d5a97.png
16.12.2.16200 OK 7.4 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/62faee62d5a91/62faee62d5a97.png
IP 16.12.2.16:0
File type PNG image data, 677 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash a740eb208fbdb9704f67d03e34bf1e8a
b2fe2630d5ebb7bda6f776d1c6856a1c26c4abaf
551c9a260933f329cad81fa6c9cf3533345445083e2df7119f5cc943ba909aa9
GET /king-assets.yampi.me/dooki/62faee62d5a91/62faee62d5a97.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Insj5xCFAXMKfV6Xa+3V4ImjR/IjpVkdPo5dCABofWhba4hqkdK0OaYJeCV2IeuKQkmbnXDEIsk=
x-amz-request-id: CQ15SKJCEEW3Z6ZN
Date: Tue, 06 Sep 2022 22:58:10 GMT
Last-Modified: Tue, 16 Aug 2022 01:09:55 GMT
ETag: "a740eb208fbdb9704f67d03e34bf1e8a"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 7445
api.mercadopago.com/v1/device_sessions/web_device
107.23.32.171200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP 107.23.32.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.marazul-tech.com/
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/json; charset=utf-8
content-length: 0
access-control-allow-origin: https://seguro.marazul-tech.com
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-headers: content-type
access-control-max-age: 86400
x-request-id: 4c121fd8-7d22-421c-954f-c561471db41c
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-94,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 48adb77508cc5b67
x-b3-traceid: 48adb77508cc5b67
x-trace-source: fury_app
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
x-trace-digest-94: 9qTAA3ElSPIn/clOG2i43ZnKqP1CLO5kznJ+cGkcrhHav0DhwzCDzFp3b7Ox4igy
access-control-allow-credentials: true
vary: Accept,Accept-Encoding
cache-control: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
timing-allow-origin: *
X-Firefox-Spdy: h2
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.marazul-tech.com
107.23.32.171200 OK 0 B URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.marazul-tech.com
IP 107.23.32.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/devices/widgets?referer=https%3A//seguro.marazul-tech.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://seguro.marazul-tech.com/
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/json
content-length: 0
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin: https://seguro.marazul-tech.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-request-id: c1359de1-3d45-46b3-9356-6a57becd8f20
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
seguro.marazul-tech.com/cart/recomm
170.82.174.30200 OK 158 kB URL HTTP/2 seguro.marazul-tech.com/cart/recomm
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (632)
Size 158 kB (158393 bytes)
Hash e4db57bf495ee00cb1b989f17fe96c9b
109f38b7b2451a81d8e043f84c5b0b40b703d8e3
e718b3b9dbb3306d917d54b5d762bde59890c0638117e9e896fb0d29a0a9a1a3
Analyzer Verdict Alert fortinet Phishing
GET /cart/recomm HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjI2OWJhMmE5YmFmMDJkNWUiLCJ0ciI6IjE1N2ExYmE1NDQ5MWE3OWFkMjI1OTE2YWYyZjYwOGE4IiwidGkiOjE2NjI1MDUwODMyMzN9fQ==
traceparent: 00-157a1ba54491a79ad225916af2f608a8-269ba2a9baf02d5e-01
tracestate: 2935249@nr=0-1-2935249-1134170823-269ba2a9baf02d5e----1662505083233
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6ImNzazZSa2VnY3g0eVlKVlV2SFB4cVE9PSIsInZhbHVlIjoiWlpuQTJSUTlqc2xpdUl6QTVJazhoY0VraklySnJyOUpmeTB2VXJcL3ZGYVROUjdDTlI1dkZEd2ozXC9WYzExWFRMbG5zbHJGS2E3NEFjdzkxWlBPM2JLZz09IiwibWFjIjoiZWQwMTYwOTAzOTMxODY4ZWVkM2MyZDIwY2I2ZTA5ZjlmYmU0MmU1ODRiYTJjMGI2MDI4ZTZkNWMzODJhMTU0NSJ9; bubbstore_checkout=eyJpdiI6Ink5S3dRTm1Bak5JdTZPTXZJWUVSOXc9PSIsInZhbHVlIjoiVlN3NUwwdlVOOUZxUUNSM25TWjVhNmxLRzVXamc2Y0hsMndZNThqVG9BRVwvXC9DUzdSdXNjM21POFVxVXVyTEJnNWNGcVNnM1VMb3A3ZkJLMm5RT3JlQT09IiwibWFjIjoiZjEwMGJmMDJiYzNmYmUzMGNjY2MyMDM2NzMzYjUwNDM0MGY4MzQwMWU2NWVkYzMxZTUwMGI1YTQ1MzhkZjVlYiJ9; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjRzYmxrUThkSDE1aFVrRjFRWTNSckE9PSIsInZhbHVlIjoiYkhrUnJ2SzlZMmxWXC8yaEtQWVo3UzNtbm8zWFhIWU1QMTBBS0lQOTAyY1dsUTZ3OUlTcTAwXC9CbncxTDN3WkZuVUMxZUdlc3dyYVgwRHBkdGhJeExEQT09IiwibWFjIjoiMTZmYmZlZjJmOTZlM2UzYjdlYTU3ZGI0ZTYxMDkyOGVmODNiNTFiYWI4ZDk4MDg5NmU2ZTZlN2IxMGFkYzcyNiJ9; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InRCNHpZU0RJa2xoQTBtS1lMbVE4TFE9PSIsInZhbHVlIjoiTDJ0TzlOQXpqdDE0anFzNzlqRzBSQ2dTVm1nWVRLc1krZXFSM0tFU2xTck1Ic2RDbzBMcjBwTVJnUm9VMFpuRHg3eVhSOVRRS1NNcDNkbFplanZaZEE9PSIsIm1hYyI6ImQ4NTdhNTMxYzI3ZjNjNWNjYmJmMDU2NmEyZjA3MThmZjhhNzFhMzQwNGQwODNiNTcxNWUzNWJjYjQ0YjMzMDIifQ%3D%3D; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEFJSWAsJExoDTFZTUgBSFFIWCAcCClAVTABNEQdQVQAAUgFcBgFQBFUPAgRESFdXXxEDPg==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5OA7O5O3VNUQLVLPI4G&lib=ttq
104.84.152.234200 OK 38 kB URL HTTP/2 analytics.tiktok.com/i18n/pixel/events.js?sdkid=C5OA7O5O3VNUQLVLPI4G&lib=ttq
IP 104.84.152.234:0
ASN #20940 Akamai International B.V.
Hash 436fe10e9acd1a5212421eda092bf95a
8f89647a83b0be255e88d9ec86384044f250b498
cde5c5c44cf74e91515e1a5fa09d74e37a999b846369e78e1b8a0dca83797e57
GET /i18n/pixel/events.js?sdkid=C5OA7O5O3VNUQLVLPI4G&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20220906225809984169BA5C4B8A779162
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e3b5abc4166c8e729682c4aeb7a9b45faf51f8c546eeebc01db183cb160105b8f5b547011599d56ca25191b4d2334f486b0a767d8537eba1e04664649d8c062bc3650309e2ae1950c59406c253143b398
content-encoding: gzip
x-origin-response-time: 12,23.220.107.4
x-akamai-request-id: e20f5ae1.2bb9d9f2
expires: Tue, 06 Sep 2022 22:58:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Sep 2022 22:58:09 GMT
x-cache: TCP_MISS from a104-84-152-230.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-220-107-4.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=12, inner; dur=3
x-parent-response-time: 112,104.84.152.230
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 22:41:12 GMT
expires: Wed, 07 Sep 2022 00:41:12 GMT
cache-control: public, max-age=7200
age: 1017
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
104.84.152.234200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 104.84.152.234:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 930
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Cookie: _ttp=2EPlRCv13a6awNtUAl0UCIWVqjB
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20220906225809C6F109601CD8826857C5
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61e3b5abc4166c8e729682c4aeb7a9b45faced83bce3dd4c54ca323dd229c6bdcdabd0013755e58a759064d4662d428a604eea31a776f72ce5fe10eb94a1297ad2e2bab7cf7d87c261e1883e7e3c678c261
x-origin-response-time: 20,23.220.107.9
x-akamai-request-id: 7e610bf0.2bb9db02
expires: Tue, 06 Sep 2022 22:58:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Sep 2022 22:58:09 GMT
x-cache: TCP_MISS from a104-84-152-230.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-cache-remote: TCP_MISS from a23-220-107-9.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=20, inner; dur=14
x-parent-response-time: 119,104.84.152.230
X-Firefox-Spdy: h2
seguro.marazul-tech.com/cart/promocode/store
170.82.174.30200 OK 43 kB URL HTTP/2 seguro.marazul-tech.com/cart/promocode/store
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash e6edd2037cce60390cbe919244335bfd
107279985f3ddc1f3e12af0da3434b9d14502ce0
62fd29a8889e09c81c080ea0219e337f7eeb20ad756eda3e35f2764111fae679
Analyzer Verdict Alert fortinet Phishing
POST /cart/promocode/store HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImE4M2IyNmNkMGE3ZTZmYjciLCJ0ciI6ImQ3NDBkYzM3MDA1ODM3M2NiNGVhOThkOGUzNjYyNzJiIiwidGkiOjE2NjI1MDUwODMyMjl9fQ==
traceparent: 00-d740dc370058373cb4ea98d8e366272b-a83b26cd0a7e6fb7-01
tracestate: 2935249@nr=0-1-2935249-1134170823-a83b26cd0a7e6fb7----1662505083229
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 63
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6ImNzazZSa2VnY3g0eVlKVlV2SFB4cVE9PSIsInZhbHVlIjoiWlpuQTJSUTlqc2xpdUl6QTVJazhoY0VraklySnJyOUpmeTB2VXJcL3ZGYVROUjdDTlI1dkZEd2ozXC9WYzExWFRMbG5zbHJGS2E3NEFjdzkxWlBPM2JLZz09IiwibWFjIjoiZWQwMTYwOTAzOTMxODY4ZWVkM2MyZDIwY2I2ZTA5ZjlmYmU0MmU1ODRiYTJjMGI2MDI4ZTZkNWMzODJhMTU0NSJ9; bubbstore_checkout=eyJpdiI6Ink5S3dRTm1Bak5JdTZPTXZJWUVSOXc9PSIsInZhbHVlIjoiVlN3NUwwdlVOOUZxUUNSM25TWjVhNmxLRzVXamc2Y0hsMndZNThqVG9BRVwvXC9DUzdSdXNjM21POFVxVXVyTEJnNWNGcVNnM1VMb3A3ZkJLMm5RT3JlQT09IiwibWFjIjoiZjEwMGJmMDJiYzNmYmUzMGNjY2MyMDM2NzMzYjUwNDM0MGY4MzQwMWU2NWVkYzMxZTUwMGI1YTQ1MzhkZjVlYiJ9; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkgzQ1haVCtMamhrd1BLeHhcL0dlTFNRPT0iLCJ2YWx1ZSI6ImZ1Y25yN2Rmbjl4ZFFoWlwveExhSisrd1wvd0U2eWVvZkVLOHBZVVwvNzdUdW14ZU03SjhCZWl4MDlNZElUNU9aMDdzUnNnVFQySmNwNGt1TWd5ZmtCTWt3PT0iLCJtYWMiOiIyNTYwNjA4NmZiMWNlY2FlMzUxYTIwMTIwZjQ2ZjRkZTgyMGZjMzQwZjBhMjkyNGRlMjdjN2E1NTc5YWVlZTk5In0%3D; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IkNcL2hlSGxURjNJRmFJNU9PQjBvNE1RPT0iLCJ2YWx1ZSI6InZ3SjRnVlc4aFJMaEE3MlVEMnNUcUZPS0xLcnBFOUJSSlpadnQwQVwveENDSXozNGdCTzE5dFpyZHBvRlFjb2J0WkpvTVwvcGhFWWJEcEpsRDBWajg1cUE9PSIsIm1hYyI6ImQyZmZhZjM4ZTRiZWNkMWRmMzU0ZTU2MDFmZWI0YzMyNzBlYjcyMmMzYzUxNDM1NjNhNTJjNWY4ZWIwZTIxMWUifQ%3D%3D; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPEkVeWgkHXlJWTBUXDUIHGk4IFgQCA1UJTQFPAlpWDwRNS1IUEQZUWFsFAQBQAQZSA1pTUFQSTl4DVEtRbw==
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 8e7e24fb3539746aa8b869558f589615
d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: rMbVXJut9ZLjcGaqndjnARhq1lD69vAhY8baoO6o2xbsxTuAKRVpTXTc5zk1i/KUb6aBYbdNPx4SbAbRfJQJmw==
content-length: 26737
x-fb-trip-id: 2050670934
date: Tue, 06 Sep 2022 22:58:09 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.marazul-tech.com/e/t
170.82.174.30200 OK 20 B URL HTTP/2 seguro.marazul-tech.com/e/t
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Phishing
POST /e/t HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjI0MjExYzE1OWExNDY1NDMiLCJ0ciI6ImJjNWUzYTFhMDBlMTJiMGZkYzg5NTU4NTU1YTYwZGJiIiwidGkiOjE2NjI1MDUwODMyNDN9fQ==
traceparent: 00-bc5e3a1a00e12b0fdc89558555a60dbb-24211c159a146543-01
tracestate: 2935249@nr=0-1-2935249-1134170823-24211c159a146543----1662505083243
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 365
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6ImNzazZSa2VnY3g0eVlKVlV2SFB4cVE9PSIsInZhbHVlIjoiWlpuQTJSUTlqc2xpdUl6QTVJazhoY0VraklySnJyOUpmeTB2VXJcL3ZGYVROUjdDTlI1dkZEd2ozXC9WYzExWFRMbG5zbHJGS2E3NEFjdzkxWlBPM2JLZz09IiwibWFjIjoiZWQwMTYwOTAzOTMxODY4ZWVkM2MyZDIwY2I2ZTA5ZjlmYmU0MmU1ODRiYTJjMGI2MDI4ZTZkNWMzODJhMTU0NSJ9; bubbstore_checkout=eyJpdiI6Ink5S3dRTm1Bak5JdTZPTXZJWUVSOXc9PSIsInZhbHVlIjoiVlN3NUwwdlVOOUZxUUNSM25TWjVhNmxLRzVXamc2Y0hsMndZNThqVG9BRVwvXC9DUzdSdXNjM21POFVxVXVyTEJnNWNGcVNnM1VMb3A3ZkJLMm5RT3JlQT09IiwibWFjIjoiZjEwMGJmMDJiYzNmYmUzMGNjY2MyMDM2NzMzYjUwNDM0MGY4MzQwMWU2NWVkYzMxZTUwMGI1YTQ1MzhkZjVlYiJ9; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IjlqV2Z3NHloYXR3cWwxVjVOK1BrUmc9PSIsInZhbHVlIjoiRFNmcWlzaXZHWUFJZkNVS3ZteG9GZ2ZVelorTTJweDZVVHZqZTVBd1pyZUZJZW8zNDdDb2pUT2sxeUVOSHlJazdncnhlNE0zSEtES1hwZWpQalNZeFE9PSIsIm1hYyI6Ijg5Zjg1OTU1OTIzYjJlZTFhZDg2OGViZTExMWM3NTE5OTBhZDU5NzY4ZjJiYTE2YzdiNTljYThkNmY3MjdlYjEifQ%3D%3D; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IjMyeVJDXC85bnVGNkRydmlxYXp5dFdRPT0iLCJ2YWx1ZSI6IlNjT09Wbk9MUjNFVzZiU2l4NjRxMVgzU3hsbFliU0xzejhNS1l4TGFyTUp1MFBTQ1ZSdVowWUNoTE5rSU9MZGJkMU9LVFZsa3VyaFpyR3Njck9JNVhnPT0iLCJtYWMiOiIwMzhjZjdkZTYxMjgzN2UyZmI5MGY3NWVlZWEzZjZjYTEwYzg3ZjhjMTViMWZiZTlhOTA5NTRhZmEwMjA5M2Q4In0%3D; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/ecommerce.js
142.250.74.174200 OK 738 B URL HTTP/2 www.google-analytics.com/plugins/ua/ecommerce.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (745)
Hash f804aa0b574b678d24df5281ed71a61d
2fc02211b273e1ab4d362df05d592f2d822c2add
1d2d8c7f3502f4459478fe8c7495a27464d6f178b1d564333a107d310c0ea74d
GET /plugins/ua/ecommerce.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 738
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:49:49 GMT
expires: Tue, 06 Sep 2022 23:49:49 GMT
cache-control: public, max-age=3600
age: 500
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0b218225171cae57237cd71ae6f3347b
821f6cda5bf110fad5777736e92a27db636d488c
1372a445d0f8e9b0b2b3abb6762ca5ec3867bb42928aa2f7ed84a47f660f3c59
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3848
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:09 GMT
Last-Modified: Tue, 06 Sep 2022 21:54:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
api.mercadopago.com/v1/device_sessions/web_device
107.23.32.171200 OK 12 kB URL HTTP/2 api.mercadopago.com/v1/device_sessions/web_device
IP 107.23.32.171:0
Hash ba619e191949abfa8740204fe52e8961
84733cf952be86fbca6511bf4581684ffc00abc4
7c3acae543bbcc8a21dcc2f206411005be41ba1c4f0813361081ed74c754728d
POST /v1/device_sessions/web_device HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 48
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://seguro.marazul-tech.com
x-request-id: 62d10273-dc40-4c48-9e26-bfbb844dbf3c
x-trace-digest-keys: x-source-ip,x-trace-source,x-request-id,x-trace-digest-77,x-trace-digest-keys,x-trace-existing-keys
x-source-ip: 91.90.42.154
x-b3-spanid: 0b31f1903067782e
x-b3-traceid: 0b31f1903067782e
x-trace-source: fury_app
x-trace-digest-77: SdYZNSzE1gS6N2So905HrTBUIC6CyL0NoOjj250kmA+ySAhTO4xKK2rEOwkK8htj
x-b3-sampled: 0
x-trace-existing-keys: x-b3-sampled,x-b3-spanid,x-b3-traceid
access-control-allow-credentials: true
vary: Accept-Encoding, Accept,Accept-Encoding
cache-control: max-age=0
set-cookie: profile=1662505089563;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61200f04b9c5f/61200f04b9c64.png
16.12.2.16200 OK 7.6 kB URL HTTP/1.1 s3.sa-east-1.amazonaws.com/king-assets.yampi.me/dooki/61200f04b9c5f/61200f04b9c64.png
IP 16.12.2.16:0
File type PNG image data, 272 x 272, 8-bit/color RGBA, non-interlaced\012- data
Hash 78e60acf5aba1d62b42cd34ffc212c10
0c50523cff991a160be8a59f1cde129defe4309d
c30cf70847312573a625791046e9ba429d8b2441350500044aa3e2da67318394
GET /king-assets.yampi.me/dooki/61200f04b9c5f/61200f04b9c64.png HTTP/1.1
Host: s3.sa-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: WVpjhPZuJBYbpdfaZZupwenNhbuXPDq7rNb9Z7uYnFqp5f8Hf0TlUFmOQzdgm7bPeZES1RP6foE=
x-amz-request-id: CQ1AXBBKE5S5BQGK
Date: Tue, 06 Sep 2022 22:58:10 GMT
Last-Modified: Fri, 20 Aug 2021 20:22:29 GMT
ETag: "78e60acf5aba1d62b42cd34ffc212c10"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 7647
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
142.250.74.163200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
IP 142.250.74.163:0
File type ASCII text, with very long lines (52762), with no line terminators
Hash f2d649025c814be9c33f166a5e04fe88
26bf59de631415927ba2c6c9e44fe9c763f95313
f95ec963b7657097e1ef827fc07d96eda5b63f7d3e17b5a1b5eeb7a8d0b67921
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24251
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 09:41:32 GMT
expires: Wed, 06 Sep 2023 09:41:32 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/css
age: 47798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 51793b7aca12e07c707f923e821c3231
8aecbe01ed606227ff1d7c5684f4ca82e5016bf9
a3a7bcdc8076b46d7c77ae9a4b22a064de07b296c9e18070aaed7ad9c8fdef8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash ef376204f07170ebd9331330022c7090
f2661d75304ece36c5a38041b6799f3390d88b32
70b448b425d0f3e2c37193d9e199c23f0e9762f4b46a4e4f3272e6a85958c84a
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 22:58:10 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1628159602%3A1662505090536526&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXtn1JfU7nJD4pANMHh_gKTYxTlaSq466czwRSoNr3Ad85N04x-iVAzHL0qDwI2DAqx-b2b3Q
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-z87g4_ZoP6H-bWHpF7bPQA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:QvG2z07AZqYY5KLYlYFYEN4nm3mAfA:SSWw1bTNrpotFhNJ;Path=/;Expires=Thu, 05-Sep-2024 22:58:10 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/etid
143.204.55.53200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP 143.204.55.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Tue, 06 Sep 2022 22:58:10 GMT
server: Tengine
set-cookie: _d2id=07c8b937-aad3-4fad-922d-b6b1c9346ea1-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 06 Sep 2023 22:58:10 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: b98d0420-c07b-4975-ba4a-dfeb28da2601-1662505090685
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 07c8b937-aad3-4fad-922d-b6b1c9346ea1
x-request-device-id: 07c8b937-aad3-4fad-922d-b6b1c9346ea1
x-d2id: 07c8b937-aad3-4fad-922d-b6b1c9346ea1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rLgynM0dQNOyeID5-PQAOl3eaT0mNnhe3vcwnW3J4APqScwwoLn-Rw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mercadolibre.com/jms/lgz/background/etid
143.204.55.53200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/etid
IP 143.204.55.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jms/lgz/background/etid HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Tue, 06 Sep 2022 22:58:10 GMT
server: Tengine
set-cookie: _d2id=96075bab-02a3-4369-bef7-092ac0aa4059-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 06 Sep 2023 22:58:10 GMT
access-control-allow-origin: *
access-control-expose-headers: Etag
etag: ad616253-dffc-4671-b007-fe19be76d92d-1662505090943
cache-control: private, must-revalidate, proxy-revalidate
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 96075bab-02a3-4369-bef7-092ac0aa4059
x-request-device-id: 96075bab-02a3-4369-bef7-092ac0aa4059
x-d2id: 96075bab-02a3-4369-bef7-092ac0aa4059
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FwxriNnxSN25oC26kaN6dq18wGRYKFhau35anaCZViyQvITKB5yrxw==
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-223946953-1&cid=1902800184.1662505084&jid=1699343849&gjid=1802434222&_gid=208067312.1662505084&_u=IEBAAEASAAAAAC~&z=2139588532
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-223946953-1&cid=1902800184.1662505084&jid=1699343849&gjid=1802434222&_gid=208067312.1662505084&_u=IEBAAEASAAAAAC~&z=2139588532
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-223946953-1&cid=1902800184.1662505084&jid=1699343849&gjid=1802434222&_gid=208067312.1662505084&_u=IEBAAEASAAAAAC~&z=2139588532 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.marazul-tech.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 22:58:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45745009-5&cid=1902800184.1662505084&jid=1616647002&gjid=1165267023&_gid=208067312.1662505084&_u=IEHAAEATAAAAAC~&z=838324587
142.251.1.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45745009-5&cid=1902800184.1662505084&jid=1616647002&gjid=1165267023&_gid=208067312.1662505084&_u=IEHAAEATAAAAAC~&z=838324587
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-45745009-5&cid=1902800184.1662505084&jid=1616647002&gjid=1165267023&_gid=208067312.1662505084&_u=IEHAAEATAAAAAC~&z=838324587 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://seguro.marazul-tech.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 22:58:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f53ebd30fa3351f320ca2c8764734ff1
9205e35b1cef1602414af2350ba6205f4129234c
d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-223946953-1&cid=1902800184.1662505084&jid=1699343849&_u=IEBAAEASAAAAAC~&z=977035583
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-223946953-1&cid=1902800184.1662505084&jid=1699343849&_u=IEBAAEASAAAAAC~&z=977035583
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-223946953-1&cid=1902800184.1662505084&jid=1699343849&_u=IEBAAEASAAAAAC~&z=977035583 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 22:58:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
seguro.marazul-tech.com/cart/orderbump/79645/view
170.82.174.30200 OK 86 kB URL HTTP/2 seguro.marazul-tech.com/cart/orderbump/79645/view
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
File type JSON data\012- , ASCII text, with very long lines (64438)
Hash fb31673fc3c8e84f5ebabeba9667dd94
29a30495dad151d8c8227f7d88001d91d78725e3
e7de412be2c3da1ad470adb4838309bb8d161d67fdd6703bd861b493f59597f1
Analyzer Verdict Alert fortinet Phishing
POST /cart/orderbump/79645/view HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjhmYTMyYmQ2OTdlZmI2OTMiLCJ0ciI6IjVjZGUwMTVkNDRlOGVlZGYxODI4NjU0ZDI3MjAwMjVmIiwidGkiOjE2NjI1MDUwODQ5NDh9fQ==
traceparent: 00-5cde015d44e8eedf1828654d2720025f-8fa32bd697efb693-01
tracestate: 2935249@nr=0-1-2935249-1134170823-8fa32bd697efb693----1662505084948
X-Requested-With: XMLHttpRequest
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6IlBDb1F3eFwvcklBSGUrVTlEMEhuaXRRPT0iLCJ2YWx1ZSI6IkhZYmJ6Qzh4aUlaOFBBTlBoY25ON3VVelhPMzR5UUk3VzllNzQrXC93WnpoVThRTE5qdHozU0VlTUtYWlVhazlMWjdvZGo5bzFcL3FkSlhQaDZBU1Z6N2c9PSIsIm1hYyI6IjcwZjI4MjhmNDMzMjEwN2IwZTYzNWQ1OTFmZjg3N2VlMWIzZWY4ZmMyMmE2N2MwMjEwYjllY2I2ZmU2NzMwYmQifQ%3D%3D; bubbstore_checkout=eyJpdiI6ImFtUEU2cWxsWjBCcU9EU3NHQ3UzSWc9PSIsInZhbHVlIjoiVThxcUxOemxyMUZESFhEemNOV0JqOU4wSjhvRlwvU2dIUTUwZUYrdEc2SWhpSzFlb3kxQ20rbW5ORkZKRVBLNlJ0ajZUWkhKNTF4dEloeEhLNE5DVnB3PT0iLCJtYWMiOiI3NzlkNzIzYTZiMWMyNTAwN2ZkYmIxMmQ5ZGIyYmNkN2VkMzljYzM3MTY1YzdlNmNjNGM0MDE4OWRhNjgzYWU4In0%3D; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9; __ana_uid=1-x28xo4aj-l7qslo7b; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true; _tt_enable_cookie=1; _ttp=b39afe0b-42b2-4232-a835-8ce4b6686256; _ga=GA1.2.1902800184.1662505084; _gid=GA1.2.208067312.1662505084; _gat=1; _ga=GA1.3.1902800184.1662505084; _gid=GA1.3.208067312.1662505084; _gat_bubbTracker=1; _gat_checkout=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:11 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6Inh5SDhYZ0VMZHVUdWdFNmxieDNPekE9PSIsInZhbHVlIjoiRHNiRjR5b3VqRmxmRk8rdVwvQnZrSXZKdnI1MURGYVFaMkhyN0VZdWVcL1BSclpWMXdGZm9LVFRLeFlFY0NNcm14Nk5UNXRHdlk2T1V6YlN4Mk5EWmZkQT09IiwibWFjIjoiM2QzOTBjZTQyMjFlMTJhYzRlNjVlMjFmOTJhMjRmMzRiZmQ5YTE2YTIyZWU0MjMyM2JjNzNlMjg1Yjg3NmQ3YSJ9; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6Ink0RUpMbDZDcTR1cElSUDVTT1BCdkE9PSIsInZhbHVlIjoibVo4VnJkbHVlMTlMM2tVekMzanY4dGdDc0JDbkMzcEY5aDNLdnM5U05Hd0g4ZnVqNTlkNGFHNEZWcVMwNVQ2aEhwdFVUcTZhWEdNVHNwK05FTFBkcHc9PSIsIm1hYyI6IjI3YTA4OGFkMWJlYzc3M2U4NmZjYjkzNjRlNWYxNzlmY2U1ODgzOWQ0N2FiOTVmYjY0ZmQzNTRhNTA2NWYyMmYifQ%3D%3D; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPDUVVUhQGRFtDTBAKB0dAFFIWCAQCA1UVUR9QC1JcARtMV08aUAEAUlZSAgRRVVAOUlJQV0AcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f53ebd30fa3351f320ca2c8764734ff1
9205e35b1cef1602414af2350ba6205f4129234c
d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=390733156029393&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086015&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=390733156029393&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086015&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=390733156029393&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086015&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396677952527107&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086022&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=396677952527107&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086022&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=396677952527107&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086022&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=4844011979027226&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086023&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_msumf4kji&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=4844011979027226&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086023&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_msumf4kji&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=4844011979027226&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086023&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_msumf4kji&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=390733156029393&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086025&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_tccgsd5us&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=390733156029393&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086025&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_tccgsd5us&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=390733156029393&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086025&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_tccgsd5us&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=4879508188843032&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086027&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_vfpjkc7ct&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=4879508188843032&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086027&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_vfpjkc7ct&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=4879508188843032&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086027&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_vfpjkc7ct&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2509278342537416&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086028&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_kb20pbx0r&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=2509278342537416&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086028&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_kb20pbx0r&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=2509278342537416&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086028&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_kb20pbx0r&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3230749553845220&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086030&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_drfsf63mc&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=3230749553845220&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086030&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_drfsf63mc&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=3230749553845220&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086030&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_drfsf63mc&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1077799112828374&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086030&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_arguc3scb&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=1077799112828374&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086030&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_arguc3scb&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=1077799112828374&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086030&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_arguc3scb&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396677952527107&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086031&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_sh4jgnoss&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=396677952527107&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086031&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_sh4jgnoss&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=396677952527107&ev=AddPaymentInfo&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086031&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=1&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=AddPaymentInfo_sh4jgnoss&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2509278342537416&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086018&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=2509278342537416&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086018&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=2509278342537416&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086018&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.marazul-tech.com/cart/orderbump/79645/view
170.82.174.30200 OK 97 B URL HTTP/2 seguro.marazul-tech.com/cart/orderbump/79645/view
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Hash b26052ac5b9aefecbb62457865b1af24
ef3fc6c0d1f5610f53909fe94bb35d26299f0f15
277deb8c62b6efbeb78000e45872e6b0e3279012769a9da9add5cb5f2ba8de81
Analyzer Verdict Alert fortinet Phishing
POST /cart/orderbump/79645/view HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6ImY1MWE4OWEyMzY0ZTJhOTgiLCJ0ciI6IjhhM2RjOTQ5OTQyYmRiOGVhOWJhNWRlNDU4YTQ3ZDA4IiwidGkiOjE2NjI1MDUwODU1ODN9fQ==
traceparent: 00-8a3dc949942bdb8ea9ba5de458a47d08-f51a89a2364e2a98-01
tracestate: 2935249@nr=0-1-2935249-1134170823-f51a89a2364e2a98----1662505085583
X-Requested-With: XMLHttpRequest
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6Inh5SDhYZ0VMZHVUdWdFNmxieDNPekE9PSIsInZhbHVlIjoiRHNiRjR5b3VqRmxmRk8rdVwvQnZrSXZKdnI1MURGYVFaMkhyN0VZdWVcL1BSclpWMXdGZm9LVFRLeFlFY0NNcm14Nk5UNXRHdlk2T1V6YlN4Mk5EWmZkQT09IiwibWFjIjoiM2QzOTBjZTQyMjFlMTJhYzRlNjVlMjFmOTJhMjRmMzRiZmQ5YTE2YTIyZWU0MjMyM2JjNzNlMjg1Yjg3NmQ3YSJ9; bubbstore_checkout=eyJpdiI6Ink0RUpMbDZDcTR1cElSUDVTT1BCdkE9PSIsInZhbHVlIjoibVo4VnJkbHVlMTlMM2tVekMzanY4dGdDc0JDbkMzcEY5aDNLdnM5U05Hd0g4ZnVqNTlkNGFHNEZWcVMwNVQ2aEhwdFVUcTZhWEdNVHNwK05FTFBkcHc9PSIsIm1hYyI6IjI3YTA4OGFkMWJlYzc3M2U4NmZjYjkzNjRlNWYxNzlmY2U1ODgzOWQ0N2FiOTVmYjY0ZmQzNTRhNTA2NWYyMmYifQ%3D%3D; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9; __ana_uid=1-x28xo4aj-l7qslo7b; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true; _tt_enable_cookie=1; _ttp=b39afe0b-42b2-4232-a835-8ce4b6686256; _ga=GA1.2.1902800184.1662505084; _gid=GA1.2.208067312.1662505084; _gat=1; _ga=GA1.3.1902800184.1662505084; _gid=GA1.3.208067312.1662505084; _gat_bubbTracker=1; _gat_checkout=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:11 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlAxT2c4T2JXOFwvT2o2TXJBa0REWGhnPT0iLCJ2YWx1ZSI6ImVwcnZQa1N4WERZQk44VHJcL1EyUHkrbjUyRjRHVHFScjRJOStyZ0xBT1ZaS3VLY3Y4YnZQc1VyQm16eFwvOWhPYUxCNTIyTjdITFFIQWx0TXd0XC9vREtnPT0iLCJtYWMiOiIwYzY2MWUxYjMyYzE0NmUxM2M4NTkwYmJkMTBjMjYxNTI2ZTg0Mzg3YjAyY2FlMDRmY2RmYjdlNjFlMGM0ZTIwIn0%3D; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InZVSDBDRFV4a1hnem9cL3BSZWo4RnFRPT0iLCJ2YWx1ZSI6IjFUSnN3STNGV095bkFlemxJWDdJZXlYUXBEZ2Zya2RGcG8rRUVtemdzK0NHQVNNSDEzZW1xN1VST1ZzRlRBSkVPS1FJTUljdnU0ZVE5MllPTkRLZzVRPT0iLCJtYWMiOiI3ZjZjZDAzMTNmZjM2YzFiZGU0ZTBjM2QxYTMyMzU3ZTJmZDMxMDI1OTk5YWUyMGY4YzE0MTRjNDg5MzY5MGFhIn0%3D; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPDUVVUhQGRFtDTBAKB0dAFFIWCAQCA1UVUR9QBlVWARtMV08aAwRQA1oPAAZSXQEAAVBXUUAcBFkOS11p
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.marazul-tech.com
107.23.32.171200 OK 12 kB URL HTTP/2 api.mercadopago.com/v1/devices/widgets?referer=https%3A//seguro.marazul-tech.com
IP 107.23.32.171:0
Hash ae75b4f6d6a97b84a0526cea1e227aa0
37ad78218fd88f400b3ce5206168fcc2571aba18
cc58deb167b6607e5db1c1aa43b5546fecbddb0b818e276930e99f1b9a3727d8
POST /v1/devices/widgets?referer=https%3A//seguro.marazul-tech.com HTTP/1.1
Host: api.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 45
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/json
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: public_get_session_widget
access-control-allow-origin: https://seguro.marazul-tech.com
access-control-allow-credentials: true
set-cookie: profile=1662505089566;Path=/;Max-Age=220752000;HttpOnly;SameSite=none;Secure
content-encoding: gzip
x-content-type-options: nosniff
x-request-id: b0f0a955-322a-446a-9ce3-f59c9fdac925
x-xss-protection: 1; mode=block
strict-transport-security: max-age=16070400; includeSubDomains; preload
access-control-allow-headers: Content-Type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-max-age: 86400
timing-allow-origin: *
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=3230749553845220&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086019&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=3230749553845220&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086019&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=3230749553845220&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086019&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1077799112828374&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086021&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=1077799112828374&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086021&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=1077799112828374&ev=PageView&dl=https%3A%2F%2Fseguro.marazul-tech.com%2Fcheckout%2Fpayment%3Futm_source%3DSMS%26utm_campaign%3DCarrinho%2BAbandonado%2B1%26forceCheckout%3D1%26skipToCheckout%3D1%26customerToken%3D173591c0-2dc8-11ed-8597-496e9ad2cca6%26promocode%3DDESCONTO10&rl=&if=false&ts=1662505086021&cd[content_ids]=%5B%227728646979820%22%5D&cd[content_type]=product_group&cd[value]=125.91&cd[currency]=BRL&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=29&fbp=fb.1.1662505086011.834367519&it=1662505084098&coo=false&eid=PageView_3o5wquija&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 22:58:12 GMT
expires: Tue, 06 Sep 2022 22:58:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 22:58:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 249
x-timer: S1662505092.264249,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6b816c34bb646f1ce3acc0434c0bdc46
f89aca6669e300e3f1ae1334688013605058d2f0
a8a4add8a7a7b3365c1dcaf1ac9427c77051cb5445400c574101661a37f1e0b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:12 GMT
Server: ECS (amb/6B85)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6b816c34bb646f1ce3acc0434c0bdc46
f89aca6669e300e3f1ae1334688013605058d2f0
a8a4add8a7a7b3365c1dcaf1ac9427c77051cb5445400c574101661a37f1e0b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:58:12 GMT
Server: ECS (amb/6BA6)
Content-Length: 471
bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=5845&ck=1&ref=https://seguro.marazul-tech.com/checkout/payment&ap=245&be=1862&fe=5596&dc=2558&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662505080644,%22n%22:0,%22f%22:1159,%22dn%22:1159,%22dne%22:1159,%22c%22:1159,%22s%22:1159,%22ce%22:1159,%22rq%22:1174,%22rp%22:1842,%22rpe%22:1842,%22dl%22:1849,%22di%22:2466,%22ds%22:2557,%22de%22:2652,%22dc%22:5595,%22l%22:5595,%22le%22:5816%7D,%22navigation%22:%7B%7D%7D&fcp=2454&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=5845&ck=1&ref=https://seguro.marazul-tech.com/checkout/payment&ap=245&be=1862&fe=5596&dc=2558&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662505080644,%22n%22:0,%22f%22:1159,%22dn%22:1159,%22dne%22:1159,%22c%22:1159,%22s%22:1159,%22ce%22:1159,%22rq%22:1174,%22rp%22:1842,%22rpe%22:1842,%22dl%22:1849,%22di%22:2466,%22ds%22:2557,%22de%22:2652,%22dc%22:5595,%22l%22:5595,%22le%22:5816%7D,%22navigation%22:%7B%7D%7D&fcp=2454&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=5845&ck=1&ref=https://seguro.marazul-tech.com/checkout/payment&ap=245&be=1862&fe=5596&dc=2558&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1662505080644,%22n%22:0,%22f%22:1159,%22dn%22:1159,%22dne%22:1159,%22c%22:1159,%22s%22:1159,%22ce%22:1159,%22rq%22:1174,%22rp%22:1842,%22rpe%22:1842,%22dl%22:1849,%22di%22:2466,%22ds%22:2557,%22de%22:2652,%22dc%22:5595,%22l%22:5595,%22le%22:5816%7D,%22navigation%22:%7B%7D%7D&fcp=2454&at=GhMHFwpIHx8%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:58:13 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 746acede9c5e1c06-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=98d2400a5f2601e1; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=6604&ck=1&ref=https://seguro.marazul-tech.com/checkout/payment
162.247.241.14200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=6604&ck=1&ref=https://seguro.marazul-tech.com/checkout/payment
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-1173a7bb9742e987ab2?a=926985131&v=1216.487a282&to=NlQEYUJSDBFUBkdZWQ8eJ1ZEWg0MGgZbVVUKXhNBHkMDG1gAXUQ%3D&rst=6604&ck=1&ref=https://seguro.marazul-tech.com/checkout/payment HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1585
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:58:13 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 746acee09d3c1c06-OSL
Access-Control-Allow-Origin: https://seguro.marazul-tech.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
www.mercadolibre.com/jms/lgz/background?dps=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3
143.204.55.53200 OK 3.2 kB URL HTTP/2 www.mercadolibre.com/jms/lgz/background?dps=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3
IP 143.204.55.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (716)
Hash 7843dc0b59dbc73a6ea3dd214da0d7b7
02b6b6ed192e096b2b9ae6ff8b692e774b6458f5
befcb715ba303614fb47f93c93158b810960394fb9cfe01e00d05fb00f13e2b3
GET /jms/lgz/background?dps=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Tue, 06 Sep 2022 22:58:12 GMT
server: Tengine
set-cookie: _d2id=0ed28e18-0770-4c0a-9848-59b296e72abd-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 06 Sep 2023 22:58:12 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 5
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 0ed28e18-0770-4c0a-9848-59b296e72abd
x-request-device-id: 0ed28e18-0770-4c0a-9848-59b296e72abd
x-d2id: 0ed28e18-0770-4c0a-9848-59b296e72abd
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DT47_X1KOzHkSUJDtN8VMcdvCudks1jtqBYQ7ZvLkVxOo0lwTkRT5A==
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/session/armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772?background=armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
143.204.55.53200 OK 437 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772?background=armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
IP 143.204.55.53:0
Hash f9a69144bd371a5f5981cdf4c6436130
7e5228bbed633d3c1a00c21bf821159d4c05a0f1
fc777bd3e02d7b1823f50e4a87b38301bb93936e20b2b7176031018dc9e07e78
GET /jms/lgz/background/session/armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772?background=armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 06 Sep 2022 22:58:12 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=191cda6e-d7d9-4fd0-bdb4-48a12dfe7888-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 06 Sep 2023 22:58:12 GMT
dsid=ed803d10-275b-4b3d-801d-b8caabde3856-1662505092854;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=5f1685ce-a9ba-4136-97ac-bed742e7e3fd-1662505092854;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 9
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 191cda6e-d7d9-4fd0-bdb4-48a12dfe7888
x-request-device-id: 191cda6e-d7d9-4fd0-bdb4-48a12dfe7888
x-d2id: 191cda6e-d7d9-4fd0-bdb4-48a12dfe7888
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NcHgNxKnKN2uyTpw5OBwkEU_38YEnZYoaN0cGKsTCSW4vscxZtholA==
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-visa.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-visa.svg
IP 104.21.29.224:0
GET /svg/card-visa.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-1288"
expires: Tue, 06 Sep 2022 22:07:47 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 84D6:76B5:648E7D:692BA6:62EA7A7B
via: 1.1 varnish
age: 2
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1659533947.116294,VS0,VE111
vary: Accept-Encoding
x-fastly-request-id: de52283287c6ca651e1d2a45cea6f5f85f686675
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VoEspBUuzARmkSjhugsmaXo28UTEnNhkbF5yrF31izRvopK8SiKc%2B1Go1HovVM3AzizH9XVXM4CvfttxqcABpA3CTijRoi2Alsat9LPLx1v7O%2BrkbtW2aJefGh9YKM7mZOk4amhVzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746acec478360afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
seguro.marazul-tech.com/cart/payment
170.82.174.30200 OK 0 B URL HTTP/2 seguro.marazul-tech.com/cart/payment
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer Verdict Alert fortinet Phishing
PUT /cart/payment HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjVlZmJhNzRlYTIyOWE2ODEiLCJ0ciI6ImZiN2UyNjkxOWQwZGEzODFiY2E2NTVjODNmNzZhMDg0IiwidGkiOjE2NjI1MDUwODMyODl9fQ==
traceparent: 00-fb7e26919d0da381bca655c83f76a084-5efba74ea229a681-01
tracestate: 2935249@nr=0-1-2935249-1134170823-5efba74ea229a681----1662505083289
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 85
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6ImNzazZSa2VnY3g0eVlKVlV2SFB4cVE9PSIsInZhbHVlIjoiWlpuQTJSUTlqc2xpdUl6QTVJazhoY0VraklySnJyOUpmeTB2VXJcL3ZGYVROUjdDTlI1dkZEd2ozXC9WYzExWFRMbG5zbHJGS2E3NEFjdzkxWlBPM2JLZz09IiwibWFjIjoiZWQwMTYwOTAzOTMxODY4ZWVkM2MyZDIwY2I2ZTA5ZjlmYmU0MmU1ODRiYTJjMGI2MDI4ZTZkNWMzODJhMTU0NSJ9; bubbstore_checkout=eyJpdiI6Ink5S3dRTm1Bak5JdTZPTXZJWUVSOXc9PSIsInZhbHVlIjoiVlN3NUwwdlVOOUZxUUNSM25TWjVhNmxLRzVXamc2Y0hsMndZNThqVG9BRVwvXC9DUzdSdXNjM21POFVxVXVyTEJnNWNGcVNnM1VMb3A3ZkJLMm5RT3JlQT09IiwibWFjIjoiZjEwMGJmMDJiYzNmYmUzMGNjY2MyMDM2NzMzYjUwNDM0MGY4MzQwMWU2NWVkYzMxZTUwMGI1YTQ1MzhkZjVlYiJ9; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlBDb1F3eFwvcklBSGUrVTlEMEhuaXRRPT0iLCJ2YWx1ZSI6IkhZYmJ6Qzh4aUlaOFBBTlBoY25ON3VVelhPMzR5UUk3VzllNzQrXC93WnpoVThRTE5qdHozU0VlTUtYWlVhazlMWjdvZGo5bzFcL3FkSlhQaDZBU1Z6N2c9PSIsIm1hYyI6IjcwZjI4MjhmNDMzMjEwN2IwZTYzNWQ1OTFmZjg3N2VlMWIzZWY4ZmMyMmE2N2MwMjEwYjllY2I2ZmU2NzMwYmQifQ%3D%3D; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6ImFtUEU2cWxsWjBCcU9EU3NHQ3UzSWc9PSIsInZhbHVlIjoiVThxcUxOemxyMUZESFhEemNOV0JqOU4wSjhvRlwvU2dIUTUwZUYrdEc2SWhpSzFlb3kxQ20rbW5ORkZKRVBLNlJ0ajZUWkhKNTF4dEloeEhLNE5DVnB3PT0iLCJtYWMiOiI3NzlkNzIzYTZiMWMyNTAwN2ZkYmIxMmQ5ZGIyYmNkN2VkMzljYzM3MTY1YzdlNmNjNGM0MDE4OWRhNjgzYWU4In0%3D; expires=Wed, 07-Sep-2022 01:58:09 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPF0dVVhIBYVdKDwMNFhJOCEwICAQCA0kJTwNXBFRVGhpQSkEBAQkHAlIFCQZUUQIBBVNRQU5WA1QRXWU=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5OA7O5O3VNUQLVLPI4G&hostname=seguro.marazul-tech.com
104.84.152.234200 OK 0 B URL HTTP/2 analytics.tiktok.com/i18n/pixel/config.js?sdkid=C5OA7O5O3VNUQLVLPI4G&hostname=seguro.marazul-tech.com
IP 104.84.152.234:0
ASN #20940 Akamai International B.V.
GET /i18n/pixel/config.js?sdkid=C5OA7O5O3VNUQLVLPI4G&hostname=seguro.marazul-tech.com HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20220906225809FE5FC32DFBE6647A16E2
x-tt-trace-host: 014c3d3a48b720cad047ee4725ef00c61efe493b087516cf82df5005928aa9eab1a286d700b566dd30a103de7219c904bab56882614f13a7b138bb553ee442e33f30d5bb727d4db358a6f737920f4c2b14
content-encoding: gzip
expires: Tue, 06 Sep 2022 22:58:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 06 Sep 2022 22:58:09 GMT
x-cache: TCP_MISS from a104-84-152-230.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
vary: Accept-Encoding
set-cookie: _ttp=2EPlRCv13a6awNtUAl0UCIWVqjB; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=98
x-origin-response-time: 98,104.84.152.230
x-akamai-request-id: 2bb9da77
X-Firefox-Spdy: h2
cdn.yampi.io/ana/ana.min.js?t=1662508800000
104.18.15.227200 OK 0 B URL HTTP/2 cdn.yampi.io/ana/ana.min.js?t=1662508800000
IP 104.18.15.227:0
GET /ana/ana.min.js?t=1662508800000 HTTP/1.1
Host: cdn.yampi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:09 GMT
content-type: application/javascript
x-amz-id-2: uu1Cit7W4/zJw0yIYCNsZf6hiqR54ydtWcjbBp+2TnIb8mnesOqzCrJsTWeyDhossY9Bjbaq3yk=
x-amz-request-id: 8DGNYJEQZHB3SZ5W
last-modified: Sun, 26 Jun 2022 23:28:17 GMT
x-amz-version-id: QVByH4DoJS5uOcK0PZ6NhcCV1oJEdR5U
etag: W/"e7cabc20ce5d56c20d8c4577a36e2525"
cf-cache-status: HIT
age: 2
expires: Wed, 06 Sep 2023 22:58:09 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 746acec739aab51d-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-hipercard.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-hipercard.svg
IP 104.21.29.224:0
GET /svg/card-hipercard.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-54bc"
expires: Tue, 06 Sep 2022 22:07:47 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: D79C:C438:19BD234:1AFB49D:63175C58
via: 1.1 varnish
age: 2
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662475353.920092,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: f0b2a6ca2f786381a5e8b0e3e05418e8754cbef0
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izQER1g0tqboqkTRsUaeFDfoCvoNPSgUxpdLPRLPnFKNWCIU5PIgOQ3a9EdmG18DrqIKrb90ThKyhYpSUrcU51uSLKbC7ho0n%2FicFyGqJ%2FhyJLjZ5mXzkzSLwGWXoN0SyjuDxJCqaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746acec4783a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
142.250.74.163200 OK 0 B URL HTTP/2 www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP 142.250.74.163:0
GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 21:31:14 GMT
expires: Sat, 02 Sep 2023 21:31:14 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
age: 350816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mercadolivre.com/jms/mlb/lgz/background/session/armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772?background=armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImFkNjE2MjUzLWRmZmMtNDY3MS1iMDA3LWZlMTliZTc2ZDkyZC0xNjYyNTA1MDkwOTQzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MSwidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjA2LCJ0b3RhbCI6MjA2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
143.204.55.45200 OK 0 B URL HTTP/2 www.mercadolivre.com/jms/mlb/lgz/background/session/armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772?background=armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImFkNjE2MjUzLWRmZmMtNDY3MS1iMDA3LWZlMTliZTc2ZDkyZC0xNjYyNTA1MDkwOTQzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MSwidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjA2LCJ0b3RhbCI6MjA2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
IP 143.204.55.45:0
GET /jms/mlb/lgz/background/session/armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772?background=armor.8662a21df4ee442bc175861f950a32303e8cbc8a8b5bc1cb7ce6d1b7744f7c392ec4b9af3f0f2c4f40fdc97687cc7e4b5f3cbcdcf561e0c5f913b0f8e580fdb284fc07c1ac15765d3f0053dac8766b15e607325984059d39c86f5f486020cef9.95a4693f4ce6edab207e274a9a75d772&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImFkNjE2MjUzLWRmZmMtNDY3MS1iMDA3LWZlMTliZTc2ZDkyZC0xNjYyNTA1MDkwOTQzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MSwidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjA2LCJ0b3RhbCI6MjA2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 06 Sep 2022 22:58:12 GMT
server: Tengine
set-cookie: _d2id=5b929e37-63bc-4523-b6b0-0a4c56ba7a06-n; Path=/; Domain=.mercadolivre.com; Expires=Wed, 06 Sep 2023 22:58:12 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 5b929e37-63bc-4523-b6b0-0a4c56ba7a06
x-request-device-id: 5b929e37-63bc-4523-b6b0-0a4c56ba7a06
x-d2id: 5b929e37-63bc-4523-b6b0-0a4c56ba7a06
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rAu-knGhgSE71eqtIgUGKHL_sa1B8JgoavgV3PK3EDv_BHAUau2plg==
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background?dps=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3
143.204.55.53200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background?dps=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3
IP 143.204.55.53:0
GET /jms/lgz/background?dps=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3 HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
date: Tue, 06 Sep 2022 22:58:12 GMT
server: Tengine
set-cookie: _d2id=ebcd5848-4402-42f3-b2c8-f802893bd504-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 06 Sep 2023 22:58:12 GMT
access-control-allow-origin: *
x-transaction-name: cross_domain_profiler
content-encoding: gzip
x-envoy-upstream-service-time: 21
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: ebcd5848-4402-42f3-b2c8-f802893bd504
x-request-device-id: ebcd5848-4402-42f3-b2c8-f802893bd504
x-d2id: ebcd5848-4402-42f3-b2c8-f802893bd504
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sKhcXDBYzrEA-vDjxOq341DNXo_-ZF2ncWbvTO521dR5v2bX0OC59A==
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-mastercard.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-mastercard.svg
IP 104.21.29.224:0
GET /svg/card-mastercard.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5b3"
expires: Tue, 06 Sep 2022 22:07:47 GMT
cache-control: max-age=691200
x-proxy-cache: MISS
x-github-request-id: 5FD2:0204:3F19C9:43B328:6306A3B0
via: 1.1 varnish
age: 2
x-served-by: cache-bma1660-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1661379505.585928,VS0,VE172
vary: Accept-Encoding
x-fastly-request-id: d081bf9aa19b153f514ef3b177eb673dd6f0b687
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdRbsvP6twtyck2aLPSL6HleQHi%2BXcr5%2FXAG0kf1AB3vhFHVg2AaIzrD6hcfZ74SUQiN0J9ODfbB5dQMqoojf0eEba9x8JKsgqFOAB%2B9hjz9JLlAkWztMMGUTse1r1UJWeapLGgUUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746acec498460afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
github.bubbstore.com/svg/card-amex.svg
104.21.29.224200 OK 0 B URL HTTP/2 github.bubbstore.com/svg/card-amex.svg
IP 104.21.29.224:0
GET /svg/card-amex.svg HTTP/1.1
Host: github.bubbstore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:08 GMT
content-type: image/svg+xml
x-origin-cache: HIT
last-modified: Thu, 17 Jun 2021 16:55:43 GMT
access-control-allow-origin: *
etag: W/"60cb7e8f-5f3"
expires: Tue, 06 Sep 2022 22:07:47 GMT
cache-control: max-age=691200
x-proxy-cache: HIT
x-github-request-id: AAB8:2160:856806:8B85AA:6306A3B0
via: 1.1 varnish
age: 2
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1661379505.582717,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 58c96376bd8c1c9cdf37899bd5ed75c51efa8705
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCgTw6vMD0M4p%2BbQjwIBrFaV3tj7bno69EvRr2nOzf83Tcxs01Ye%2BZo5gDawSmiEewhLQVUWV8tzhm7pC0hbLBdS0N9x6XIkIG9B%2BRcz10AqyjTbddyh7WYSExi%2F%2BgH6R6lw82EZUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746acec498470afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.mercadolivre.com/jms/mlb/lgz/background/session/armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3?background=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImFkNjE2MjUzLWRmZmMtNDY3MS1iMDA3LWZlMTliZTc2ZDkyZC0xNjYyNTA1MDkwOTQzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MSwidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjA2LCJ0b3RhbCI6MjA2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
143.204.55.45200 OK 0 B URL HTTP/2 www.mercadolivre.com/jms/mlb/lgz/background/session/armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3?background=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImFkNjE2MjUzLWRmZmMtNDY3MS1iMDA3LWZlMTliZTc2ZDkyZC0xNjYyNTA1MDkwOTQzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MSwidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjA2LCJ0b3RhbCI6MjA2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D
IP 143.204.55.45:0
GET /jms/mlb/lgz/background/session/armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3?background=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3&message=eyJhZF9ibG9jayI6ZmFsc2UsImNhbnZhcyI6IjdiZTAwMmIyODcyMDYzYTM0ZTQzZjM0YmYxYjNkMzc0IiwiY29ubmVjdGlvbiI6bnVsbCwiY29va2llX2VuYWJsZWQiOnRydWUsImRldmljZV9tZW1vcnkiOjAsImRvX25vdF90cmFjayI6InVuc3BlY2lmaWVkIiwiZXRhZyI6ImFkNjE2MjUzLWRmZmMtNDY3MS1iMDA3LWZlMTliZTc2ZDkyZC0xNjYyNTA1MDkwOTQzIiwiZm9udHMiOnsib3MiOjI5MTQsIm90aGVyX29zIjoiW1wie1xcXCJQYWxhdGlubyBMaW5vdHlwZVxcXCIgOjJ9XCIsXCJ7XFxcIlVSVyBHb3RoaWMgTFxcXCIgOjB9XCIsXCJ7XFxcIlVSVyBCb29rbWFuIExcXFwiIDowfVwiLFwie1xcXCJVUlcgUGFsbGFkaW8gTFxcXCIgOjB9XCIsXCJ7XFxcIk5pbWJ1cyBTYW5zIExcXFwiIDowfVwiLFwie1xcXCJCb29rbWFuIE9sZHN0eWxlXFxcIiA6NX1cIixcIntcXFwiSGVsdmV0aWNhXFxcIiA6M31cIixcIntcXFwiQ291cmllclxcXCIgOjN9XCIsXCJ7XFxcIkJpdHN0cmVhbSBWZXJhIFNhbnNcXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTYW5zIE1vbm9cXFwiIDozfVwiLFwie1xcXCJCaXRzdHJlYW0gVmVyYSBTZXJpZlxcXCIgOjN9XCIsXCJ7XFxcIk5ldyBDZW50dXJ5IFNjaG9vbGJvb2tcXFwiIDozfVwiLFwie1xcXCJOaW1idXMgTW9ub1xcXCIgOjB9XCIsXCJ7XFxcIkNlbnR1cnkgU2Nob29sYm9vayBMXFxcIiA6MH1cIixcIntcXFwiVVJXIENoYW5jZXJ5IExcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2FucyBNb25vXFxcIiA6MH1cIixcIntcXFwiRGVqYVZ1IFNhbnNcXFwiIDowfVwiLFwie1xcXCJEZWphVnUgU2VyaWZcXFwiIDowfVwiXSIsIm5vdF9vcyI6MjkxNH0sImhhcmR3YXJlX2NvbmN1cnJlbmN5IjoxNiwiaGlzdG9yeSI6MSwiaW5jb2duaXRvIjpmYWxzZSwianNfdHlwZSI6ImpzX2hhc2giLCJsYW5nIjoiZW4tVVMiLCJsYW5ndWFnZXMiOlsiZW4tVVMiLCJlbiJdLCJsaXRlcmFsX2NvbG9ycyI6MTc5NjQwNDIyMCwibG9jYWxfc3RvcmFnZSI6dHJ1ZSwibG9naW5fZGV0ZWN0aW9uIjp7Imdvb2dsZSI6ZmFsc2V9LCJtYXRoX251bWJlciI6MTEwMjMuMzg3NDA2MTUwOTQsIm9wZW5fZGF0YWJhc2UiOmZhbHNlLCJwaXhlbF9yYXRpbyI6MSwicGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ3ZWJnbCI6bnVsbCwicGx1Z2lucyI6e30sInJlc29sdXRpb24iOiIxMDI0eDEyODB4MjQiLCJzY3JlZW4iOnsib3JpZW50YXRpb24iOjAsInR5cGUiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImF2YWlsX2hlaWdodCI6MTAwMiwiYXZhaWxfbGVmdCI6MCwiYXZhaWxfdG9wIjowLCJhdmFpbF93aWR0aCI6MTI4MH0sInNlc3Npb25fc3RvcmFnZSI6dHJ1ZSwidGltZSI6eyJjYW52YXMiOjM5LCJ3ZWJnbCI6MSwidXNlcmZvbnRzIjo4MSwiYnJvd3NlcnBsdWdpbnMiOjAsInBsdWdpbnMiOjAsImluc3RhbGxlZGZvbnRzIjo1MywiaGFzaCI6MjA2LCJ0b3RhbCI6MjA2fSwidGltZV9iYXNlZF9mcCI6bnVsbCwidGltZV96b25lX25hbWUiOiJVVEMiLCJ0aW1lX3pvbmVfb2Zmc2V0IjowLCJ0b3VjaF9wb2ludHMiOjAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsInZlbmRvciI6IiIsIndpbmRvd19zaXplIjp7ImlubmVyIjoiOTM5eDEyODAiLCJvdXRlciI6IjEwMjR4MTI4MCJ9LCJ3ZWJkcml2ZXIiOmZhbHNlLCJpbnN0YWxsZWRfZm9udHMiOlsiUGFsYXRpbm8iLCJUaW1lcyJdLCJpbnN0YWxsZWRfcGx1Z2lucyI6W10sImxpZ2h0X3ZlcnNpb24iOmZhbHNlLCJyZWZlcmVyIjpudWxsLCJ3ZWJjYW0iOmZhbHNlLCJoYXNfc2Vzc2lvbl9pZCI6dHJ1ZX0%3D HTTP/1.1
Host: www.mercadolivre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 06 Sep 2022 22:58:12 GMT
server: Tengine
set-cookie: _d2id=e055eabe-516b-4d40-9d30-9b953d21866a-n; Path=/; Domain=.mercadolivre.com; Expires=Wed, 06 Sep 2023 22:58:12 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
content-encoding: gzip
x-envoy-upstream-service-time: 10
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: e055eabe-516b-4d40-9d30-9b953d21866a
x-request-device-id: e055eabe-516b-4d40-9d30-9b953d21866a
x-d2id: e055eabe-516b-4d40-9d30-9b953d21866a
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YuWjmS7P-F4iwTRkNL2mnPUlzFEQvtwxHT0m6CmWoYKkKX-NR0D1EA==
X-Firefox-Spdy: h2
www.mercadopago.com/v2/security.js
143.204.55.36200 OK 0 B URL HTTP/2 www.mercadopago.com/v2/security.js
IP 143.204.55.36:0
GET /v2/security.js HTTP/1.1
Host: www.mercadopago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 06 Sep 2022 22:58:08 GMT
set-cookie: _d2id=2f20af64-9123-4e26-8dc1-347ba1cc1fa1-n; Path=/; Domain=.mercadopago.com; Expires=Wed, 06 Sep 2023 22:58:08 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: get_off_widget
content-encoding: gzip
x-request-id: 2f20af64-9123-4e26-8dc1-347ba1cc1fa1
x-request-device-id: 2f20af64-9123-4e26-8dc1-347ba1cc1fa1
x-d2id: 2f20af64-9123-4e26-8dc1-347ba1cc1fa1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vgmJc4cccT42LKNfT61SNQPIsdtj7p8Cq3tkl1jh11QodrWaRji5jg==
X-Firefox-Spdy: h2
seguro.marazul-tech.com/cart/payment
170.82.174.30200 OK 0 B URL HTTP/2 seguro.marazul-tech.com/cart/payment
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer Verdict Alert fortinet Phishing
PUT /cart/payment HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjU3MzAzY2Q2NzllNDE0OTIiLCJ0ciI6ImJkOWQ3YjRhZWJjYjZjMDc5OGZmNGMzMWY4MTIzYWEwIiwidGkiOjE2NjI1MDUwODQ3ODZ9fQ==
traceparent: 00-bd9d7b4aebcb6c0798ff4c31f8123aa0-57303cd679e41492-01
tracestate: 2935249@nr=0-1-2935249-1134170823-57303cd679e41492----1662505084786
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 85
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6IlBDb1F3eFwvcklBSGUrVTlEMEhuaXRRPT0iLCJ2YWx1ZSI6IkhZYmJ6Qzh4aUlaOFBBTlBoY25ON3VVelhPMzR5UUk3VzllNzQrXC93WnpoVThRTE5qdHozU0VlTUtYWlVhazlMWjdvZGo5bzFcL3FkSlhQaDZBU1Z6N2c9PSIsIm1hYyI6IjcwZjI4MjhmNDMzMjEwN2IwZTYzNWQ1OTFmZjg3N2VlMWIzZWY4ZmMyMmE2N2MwMjEwYjllY2I2ZmU2NzMwYmQifQ%3D%3D; bubbstore_checkout=eyJpdiI6ImFtUEU2cWxsWjBCcU9EU3NHQ3UzSWc9PSIsInZhbHVlIjoiVThxcUxOemxyMUZESFhEemNOV0JqOU4wSjhvRlwvU2dIUTUwZUYrdEc2SWhpSzFlb3kxQ20rbW5ORkZKRVBLNlJ0ajZUWkhKNTF4dEloeEhLNE5DVnB3PT0iLCJtYWMiOiI3NzlkNzIzYTZiMWMyNTAwN2ZkYmIxMmQ5ZGIyYmNkN2VkMzljYzM3MTY1YzdlNmNjNGM0MDE4OWRhNjgzYWU4In0%3D; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9; __ana_uid=1-x28xo4aj-l7qslo7b; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true; _tt_enable_cookie=1; _ttp=b39afe0b-42b2-4232-a835-8ce4b6686256; _ga=GA1.2.1902800184.1662505084; _gid=GA1.2.208067312.1662505084; _gat=1; _ga=GA1.3.1902800184.1662505084; _gid=GA1.3.208067312.1662505084; _gat_bubbTracker=1; _gat_checkout=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:11 GMT
content-type: application/json
x-protected-by: Sqreen
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6Im1cL3g1KzlsUkY1MjBia2JwR29tNERBPT0iLCJ2YWx1ZSI6IlcrVFFheXJueUtZYkJWbnZIaFwveFVkUmRJK2k4ck9MRUJVXC9BbWtIK0xodURBaU1taEVoSkhrQnROMlhrWUVFUDRQZkNQUDdHb3U1TXI0eGcrQ3k1dHc9PSIsIm1hYyI6ImE4MjM2ZjQ2ZmE0NDM5Yzc1MWNmZjY4NDU2NmRlMWI0YjM5MjM2NDcxNTVmYjI3MzViNDI1NTQzMzEwOTIyOGEifQ%3D%3D; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6IklyTUlLM212V2pPblFLWGFQQVlCZlE9PSIsInZhbHVlIjoiZkNrZVZFdjF4SmtaQm81WVQxWlNVZnBHY2dUUW9LeUNWUnRJWTliSEVXeFprMFA0TDJMNVJiQ21zQkJoN2Y3WXAwdEZCQmdUNmE1SFlXRWg1NnFvSVE9PSIsIm1hYyI6IjVhZDEyY2MyYTI1MmNlNDdiZWE0MTYzMDU5NWEyY2IxYmZiYmEyZDI0YjlkZTQzNzliMTQwYTI2ZTU0ZDVhMWIifQ%3D%3D; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TFtSQhBPF0dVVhIBYVdKDwMNFhJOCEwICAQCA0kJTwNSAltUGhpQSkEBBVJSWFRVUwVQVAgDClpWQU5WA1QRXWU=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
seguro.marazul-tech.com/e/t
170.82.174.30200 OK 0 B URL HTTP/2 seguro.marazul-tech.com/e/t
IP 170.82.174.30:0
ASN #266444 3L CLOUD INTERNET SERVICES LTDA - EPP
Analyzer Verdict Alert fortinet Phishing
POST /e/t HTTP/1.1
Host: seguro.marazul-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: Vg8EVFRXARAJVldbDwQGVVU=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MzUyNDkiLCJhcCI6IjExMzQxNzA4MjMiLCJpZCI6IjUyNGUyNmEyN2NjYjk4OWEiLCJ0ciI6IjY3MWUxYzk4ZjhiZWNkNjkyODM5YzNiNTNhZmFiMWZlIiwidGkiOjE2NjI1MDUwODQ3OTZ9fQ==
traceparent: 00-671e1c98f8becd692839c3b53afab1fe-524e26a27ccb989a-01
tracestate: 2935249@nr=0-1-2935249-1134170823-524e26a27ccb989a----1662505084796
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 369
Origin: https://seguro.marazul-tech.com
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/checkout/payment?utm_source=SMS&utm_campaign=Carrinho+Abandonado+1&forceCheckout=1&skipToCheckout=1&customerToken=173591c0-2dc8-11ed-8597-496e9ad2cca6&promocode=DESCONTO10
Cookie: XSRF-TOKEN=eyJpdiI6IlBDb1F3eFwvcklBSGUrVTlEMEhuaXRRPT0iLCJ2YWx1ZSI6IkhZYmJ6Qzh4aUlaOFBBTlBoY25ON3VVelhPMzR5UUk3VzllNzQrXC93WnpoVThRTE5qdHozU0VlTUtYWlVhazlMWjdvZGo5bzFcL3FkSlhQaDZBU1Z6N2c9PSIsIm1hYyI6IjcwZjI4MjhmNDMzMjEwN2IwZTYzNWQ1OTFmZjg3N2VlMWIzZWY4ZmMyMmE2N2MwMjEwYjllY2I2ZmU2NzMwYmQifQ%3D%3D; bubbstore_checkout=eyJpdiI6ImFtUEU2cWxsWjBCcU9EU3NHQ3UzSWc9PSIsInZhbHVlIjoiVThxcUxOemxyMUZESFhEemNOV0JqOU4wSjhvRlwvU2dIUTUwZUYrdEc2SWhpSzFlb3kxQ20rbW5ORkZKRVBLNlJ0ajZUWkhKNTF4dEloeEhLNE5DVnB3PT0iLCJtYWMiOiI3NzlkNzIzYTZiMWMyNTAwN2ZkYmIxMmQ5ZGIyYmNkN2VkMzljYzM3MTY1YzdlNmNjNGM0MDE4OWRhNjgzYWU4In0%3D; marazul-tech_cart=eyJpdiI6IlhNVWR3emdqMWZhWlwvT2JXK3ZSVTRRPT0iLCJ2YWx1ZSI6InV4ek5UT3Q5eThIZDVWbTR4aVpxZ0RsZkxxN0haaGZDK1pORWJ6N3cxRUk4d05iWDA5S0Q5aHpzU1wvY25NMTVhUmFZaXpqK2NsMDhYaXJ1T1hsN0pvdz09IiwibWFjIjoiNjM5MDk1YjBiMzNlNGNiY2EyN2VmOGVjOTEwZDcxYjVkMjk2MmEyYWIxM2U4NWEyODI3OTY0YzE5MTA4Mjg2MSJ9; __ana_uid=1-x28xo4aj-l7qslo7b; __ana_utm={"utm_source":"SMS","utm_campaign":"Carrinho Abandonado 1"}; recommendationLoaded=true; _tt_enable_cookie=1; _ttp=b39afe0b-42b2-4232-a835-8ce4b6686256; _ga=GA1.2.1902800184.1662505084; _gid=GA1.2.208067312.1662505084; _gat=1; _ga=GA1.3.1902800184.1662505084; _gid=GA1.3.208067312.1662505084; _gat_bubbTracker=1; _gat_checkout=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:58:11 GMT
content-type: text/html; charset=UTF-8
x-protected-by: Sqreen
set-cookie: XSRF-TOKEN=eyJpdiI6IlBpM0JEQUF5NTdVZWtRRVdaVjhyMnc9PSIsInZhbHVlIjoiY0NtQWtPS283R2lqeitwR09Mbkg4MkFTYTJFa0VyVTA3dUdkYlFHdGl4MGNxMDZ5Z2tqZzZ6UnB6MjRJa0FUZ25MYlp6OW9IbnlNUVRcL3pBWlRtcVJ3PT0iLCJtYWMiOiI4NzcyMTFhNDNkM2RkNjhiN2M3Nzc0OTI2N2FmYzU5OWYwMWM4YzY2NTQ0YjBiYmNhNzlmZmUzODY2ODk2MWQwIn0%3D; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/
bubbstore_checkout=eyJpdiI6InJSWlNVRHNSektFY1FlREVEcng1Q1E9PSIsInZhbHVlIjoibitYMW9BMFU1bGlcL3BOU3J6ZUQ0b3F5U0wraDVZNTRmaTI2bGdVcmI2SXIyYnB2cll2ditrc0lJbVBESmNVb043dVJRTTk5VytrcHNydWVIaFdZb1wvZz09IiwibWFjIjoiNGEyYjRhMWJhZWVmNDUyNzBmOGUwODk1ZWEyNGJjNmY1YTE1NjY5YzJlNWViOTdjMGMzYjk0OTU2ZTg0ZTQ2NCJ9; expires=Wed, 07-Sep-2022 01:58:11 GMT; Max-Age=10800; path=/; httponly
x-newrelic-app-data: PxQFWFVWCgcJR1hQAQgPU1UCBxFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86THlDQDg9KkNFRzo4clldFhQMDlwHShFkZGRTVABKIl4PRxALWlsEFCNMQVEHCgtZVhVKVB8GA1JWU04ATApRCggBHh5UFUMFUABVVFcAWVJVXVZSAFBXFR1RBwhCU24=
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-gocache-cachestatus: BYPASS
server: gocache
content-encoding: gzip
X-Firefox-Spdy: h2
www.mercadolibre.com/jms/lgz/background/session/armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3?background=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
143.204.55.53200 OK 0 B URL HTTP/2 www.mercadolibre.com/jms/lgz/background/session/armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3?background=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
IP 143.204.55.53:0
GET /jms/lgz/background/session/armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3?background=armor.fe3bcb530350299f5b758c3b446738a4a876b22ceb37e682b997b962d474c2434bdd420ceee26c8da187dacde16c0144ba9e591d9752ac0ee69198c4d5e378b7433422bd90abe040d59a8ae707cf436751e3e7bb364e46f4bc6e0fd00e131836.c0b3f23ff3cd93ddc1b1b3a32614cba3&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D HTTP/1.1
Host: www.mercadolibre.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://seguro.marazul-tech.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 06 Sep 2022 22:58:12 GMT
server: Tengine
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
x-transaction-name: save_js_profiling
set-cookie: _d2id=7c00d13b-26e7-4248-9221-5dd9be508579-n; Path=/; Domain=.mercadolibre.com; Expires=Wed, 06 Sep 2023 22:58:12 GMT
dsid=2510fc30-50e1-49fa-9ce6-4f9e723c3abd-1662505092827;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
edsid=ef343839-8e4e-4f5a-8d7c-7091203a666c-1662505092827;Path=/;Max-Age=220752000;HttpOnly;Domain=.mercadolibre.com;SameSite=none;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 9
x-envoy-decorator-operation: production.auth-device-profiles-frontend.melifrontends.com
x-request-id: 7c00d13b-26e7-4248-9221-5dd9be508579
x-request-device-id: 7c00d13b-26e7-4248-9221-5dd9be508579
x-d2id: 7c00d13b-26e7-4248-9221-5dd9be508579
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-cache: Miss from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t3I8Bci2oGlAbB7PKTPlcJufYkJBwFxtC9Q5GnMiYg8vnrIzNfds_g==
X-Firefox-Spdy: h2