urlscan.io logo urlscan.io
SecurityTrails logo

vendasfacil.com Open in urlscan Pro
2600:1901:0:84ef::  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vendasfacil.com/
Effective URL: https://vendasfacil.com/
Submission Tags: suspect
Submission: On December 14 via api from BR — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2600:1901:0:84ef::, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is vendasfacil.com.
TLS certificate: Issued by E6 on December 13th 2024. Valid for: 3 months.
This is the only time vendasfacil.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2600:1901:0:8... 396982 (GOOGLE-CL...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
16 3
Apex Domain
Subdomains		 Transfer
10 vendasfacil.com
vendasfacil.com
239 KB
5 zyrosite.com
cdn.zyrosite.com — Cisco Umbrella Rank: 142712
assets.zyrosite.com — Cisco Umbrella Rank: 125834
51 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
16 3
Domain Requested by
10 vendasfacil.com vendasfacil.com
4 cdn.zyrosite.com vendasfacil.com
cdn.zyrosite.com
1 www.youtube.com vendasfacil.com
1 assets.zyrosite.com vendasfacil.com
16 4

This site contains links to these domains. Also see Links.

Domain
entrega.logzz.com.br
Subject Issuer Validity Valid
vendasfacil.com
E6		 2024-12-13 -
2025-03-13		 3 months crt.sh
*.zyrosite.com
Sectigo RSA Domain Validation Secure Server CA		 2024-06-17 -
2025-07-17		 a year crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://vendasfacil.com/
Frame ID: 6EA219378DCF2F8FF44E67E9A55B0AF4
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/_-pdFfRrJP8?h=null&playlist=_-pdFfRrJP8&autoplay=0&controls=1&loop=0&autopause=0&playsinline=1&mute=0
Frame ID: 862FC697A23BF9921BA37ADA88566E8D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Venda produtos online com Pague na Entrega | Pague na entrega

Page URL History Show full URLs

  1. http://vendasfacil.com/ HTTP 307
    https://vendasfacil.com/ Page URL

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

290 kB
Transfer

1007 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vendasfacil.com/ HTTP 307
    https://vendasfacil.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
vendasfacil.com/
Redirect Chain
  • http://vendasfacil.com/
  • https://vendasfacil.com/
54 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
03adba2750ec1a2999e367432801c85ebff032e8026a8026eb3e0462b560c2a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

age
81223
alt-svc
h3=":443"; ma=86400
cf-cache-status
HIT
cf-ray
8f1f5cc81ef16360-ORD
content-encoding
gzip
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
content-type
text/html
date
Sat, 14 Dec 2024 15:52:41 GMT
last-modified
Fri, 13 Dec 2024 17:18:33 GMT
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
platform
hostinger
server
openresty
strict-transport-security
max-age=63072000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-hostinger-datacenter
gcp-usc1
x-hostinger-node
gcp-usc1-builder-edge1
x-powered-by
HostingerWebsiteBuilder
x-xss-protection
1; mode=block

Redirect headers

Location
https://vendasfacil.com/
Non-Authoritative-Reason
HttpsUpgrades
font-faces
cdn.zyrosite.com/u1/google-fonts/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Montserrat:wght@400;500;600&display=swap
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947d71c8e098c161834faec96014ca7e3abd77179e4b2ba6150baaeb68b4d83a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://vendasfacil.com/

Response headers

x-request-id
974757062b594bad37dfeaf7c8a09b1a
x-correlation-id
6yuyP1hs3bGQvCUmNO0Hx
cf-cache-status
HIT
etag
W/"17e2-qvIbrcJhWjT3WreirKqcQIP7Hl4"
age
12453
content-encoding
br
x-content-type-options
nosniff
x-hostinger-node
us-central1
expires
Sat, 21 Dec 2024 15:52:41 GMT
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Accept-Encoding
last-modified
Sat, 14 Dec 2024 12:19:31 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=2592000
cache-control
public, max-age=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
cf-ray
8f1f5cc93e417496-MIA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
_slug_.Dg4rR3P3.css
vendasfacil.com/_astro-1734110296191/ 		240 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/_slug_.Dg4rR3P3.css
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
7d35f42528778a48642e63e60438181f518fb95e1b7b6631073a285fea414682
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://vendasfacil.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1187eee35bbf1ddd29ef52d4f1ab6954"
age
81174
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
text/css
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5cc90fe8f60a-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
traffic.txt
assets.zyrosite.com/A1awOyLXo8cR4ebo/ 		0
180 B 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.zyrosite.com/A1awOyLXo8cR4ebo/traffic.txt
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://vendasfacil.com/

Response headers

cache-control
public, max-age=0
cf-cache-status
HIT
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-amz-version-id
q4JQJK4CtMwMmvdlySVD6._I60hhCu2H
cf-ray
8f1f5cc99edf7496-MIA
accept-ranges
bytes
content-length
0
date
Sat, 14 Dec 2024 15:52:41 GMT
content-type
text/plain; charset=utf-8
last-modified
Fri, 13 Dec 2024 17:04:44 GMT
vary
Accept-Encoding
server
cloudflare
ClientHead.DyCZnrLW.js
vendasfacil.com/_astro-1734110296191/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/ClientHead.DyCZnrLW.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
46add6f5980100c3253becd110982b45fcfaee8da0c19767f5bbb9fd4312d8e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"a6750dd86d7971295dd74132f9095b8a"
age
81173
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5cca3dc2618b-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
client.ClBgHM8J.js
vendasfacil.com/_astro-1734110296191/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/client.ClBgHM8J.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
ff1f2667f320123e52bccf3a6a1a0150976ad2b4a8f9bb6b04c4e5cf3072c97c
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"3513a66e00bff0e39fcf8b2c26bec937"
age
81173
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5cca3df1f14b-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
Page.pt8DFYwa.js
vendasfacil.com/_astro-1734110296191/ 		569 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/Page.pt8DFYwa.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
73fa7ec849bf0ef32ea9d3534702840bf4eb092b9186dc0f355f3639a90b53e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d026d69b8e4ed6fd36c56ac6f9fa75c6"
age
81173
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5cca49486204-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
Integrations.lA_96saY.js
vendasfacil.com/_astro-1734110296191/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/Integrations.lA_96saY.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
b69396c6af07be64c3ac408a87a6306e969ef9fdd1f4334d6368affff62e6ada
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"c0d42a3281265169e4515e49c52fd9b3"
age
81173
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5cca480d2a15-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
font-file
cdn.zyrosite.com/u1/google-fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Montserrat:wght@600&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Montserrat:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4568bc389e940f39016596f1edc45997d285c11c13b2254fc6d57e16cddbc359
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Montserrat:wght@400;500;600&display=swap

Response headers

x-request-id
c72b4aec4ed962fd49fff4139b67d9c8
x-correlation-id
qnBboLU3htsy7Wb76Xf1D
cf-cache-status
MISS
etag
W/"3f80-kZ+eFkJwxXmqTLZCFRQ0XHFrDbc"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-hostinger-node
us-central1
expires
Sun, 14 Dec 2025 15:52:41 GMT
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp
content-type
font/woff2
vary
Origin, Accept-Encoding
last-modified
Wed, 06 Nov 2024 17:30:45 GMT
x-frame-options
sameorigin
content-disposition
attachment; filename=JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXp-p7K4KLg.woff2
strict-transport-security
max-age=2592000
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cf-ray
8f1f5cca8df37456-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16256
x-xss-protection
1; mode=block
server
cloudflare
font-file
cdn.zyrosite.com/u1/google-fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Montserrat:wght@400&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Montserrat:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff63653d1fdd1d281812ca2bac870b89a4037a84cdc92012620750f6a46bc29d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Montserrat:wght@400;500;600&display=swap

Response headers

x-request-id
a773b0e4faf6ee21e5fa455e54c65d9b
x-correlation-id
9uGYxXTHFymwOImr24fnV
cf-cache-status
MISS
etag
W/"4090-cBdbWqqGleJfXhByYX/C9uuYaYA"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-hostinger-node
us-central1
expires
Sun, 14 Dec 2025 15:52:41 GMT
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp
content-type
font/woff2
vary
Origin, Accept-Encoding
last-modified
Wed, 06 Nov 2024 17:30:45 GMT
x-frame-options
sameorigin
content-disposition
attachment; filename=JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXp-p7K4KLg.woff2
strict-transport-security
max-age=2592000
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cf-ray
8f1f5cca8df87456-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16528
x-xss-protection
1; mode=block
server
cloudflare
font-file
cdn.zyrosite.com/u1/google-fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Montserrat:wght@500&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Montserrat:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1926f9b5bbf43e8e8731316954f8f390aebbf7f3e8089a11160d8b1e2ca761
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Montserrat:wght@400;500;600&display=swap

Response headers

x-request-id
8da1df15cc2075d64074f2447475761f
x-correlation-id
OczQ6Ks7QVTjxRwvcvanj
cf-cache-status
MISS
etag
W/"3ff0-AwfC0IS+HRiNNwRiK7RVU6R1oAI"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
x-hostinger-node
us-central1
expires
Sun, 14 Dec 2025 15:52:41 GMT
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp
content-type
font/woff2
vary
Origin, Accept-Encoding
last-modified
Wed, 06 Nov 2024 17:30:48 GMT
x-frame-options
sameorigin
content-disposition
attachment; filename=JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXp-p7K4KLg.woff2
strict-transport-security
max-age=2592000
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cf-ray
8f1f5cca8df67456-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
16368
x-xss-protection
1; mode=block
server
cloudflare
_plugin-vue_export-helper.CMgqLG6G.js
vendasfacil.com/_astro-1734110296191/ 		63 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/_plugin-vue_export-helper.CMgqLG6G.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
b8d08ffabe727d3457da41d3b7059b71ea5cf7382d4a07ed030627bcbb8626e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/_astro-1734110296191/client.ClBgHM8J.js

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d9a18e3832c44424e1043c98017ff2e9"
age
81173
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5ccafaaa61a1-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
scrollToSection.gRXG5Fnk.js
vendasfacil.com/_astro-1734110296191/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/scrollToSection.gRXG5Fnk.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
27ed29d2f804c73b7be1ed16c78e24f0bd89a941f203c3931a4699995cbfe8da
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/_astro-1734110296191/client.ClBgHM8J.js

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"5bc9c0ebd5adfb87fbfe0e7aba1887c8"
age
81173
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5ccafffe1407-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
siteModulesConstants.CtAQQZTV.js
vendasfacil.com/_astro-1734110296191/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/siteModulesConstants.CtAQQZTV.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
78321201925c1f7b61db2691337e3c61e4649cf7749da61f0ef85e574a7410e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/_astro-1734110296191/client.ClBgHM8J.js

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"dc7be485a6aaa8d83876d819107fd1b4"
age
81172
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5ccafe3dfa1d-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
addDocumentElements.CdPGoVL_.js
vendasfacil.com/_astro-1734110296191/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vendasfacil.com/_astro-1734110296191/addDocumentElements.CdPGoVL_.js
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
openresty / HostingerWebsiteBuilder
Resource Hash
4842116197b844cd742d9ca5c8d67b7c0fbdd8d165cf49dd2cdc3f2595a3eb24
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://vendasfacil.com
Referer
https://vendasfacil.com/_astro-1734110296191/ClientHead.DyCZnrLW.js

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"b75aaef5eac3d87a99dc8c1ffb5337f0"
age
81172
x-hostinger-node
gcp-usc1-builder-edge1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 14 Dec 2024 15:52:41 GMT
x-hostinger-datacenter
gcp-usc1
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 17:18:35 GMT
vary
Accept-Encoding
platform
hostinger
strict-transport-security
max-age=63072000; includeSubDomains; preload;
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
content-security-policy
frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
cf-ray
8f1f5ccafb3e2b18-ORD
x-xss-protection
1; mode=block
x-powered-by
HostingerWebsiteBuilder
server
openresty
_-pdFfRrJP8
www.youtube.com/embed/ Frame 862F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/_-pdFfRrJP8?h=null&playlist=_-pdFfRrJP8&autoplay=0&controls=1&loop=0&autopause=0&playsinline=1&mute=0
Requested by
Host: vendasfacil.com
URL: https://vendasfacil.com/_astro-1734110296191/scrollToSection.gRXG5Fnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::88 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vendasfacil.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 14 Dec 2024 15:52:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| Astro object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__

3 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: TVLs7oKrFsM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4Fbxiyp1WT4
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgIA%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.builder-preview.com *.zyro.space *.hostinger.com *.hostinger.io *.hostinger.in *.hostinger.co.uk
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block