blacktips.vip Open in urlscan Pro
187.108.207.21  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

• https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=917746393421538&ev=PageView&dl=https%3A%2F%2Fblacktips.vip%2F&rl=&if=false&ts=1716686185634&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716686185631.1063306691&cs_est=true&ler=empty&cdl=API_unavailable&it=1716686185508&coo=false&rqm=FGET HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D917746393421538%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fblacktips.vip%252F%26rl%26if%3Dfalse%26ts%3D1716686185634%26sw%3D1600%26sh%3D1200%26v%3D2.9.156%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1716686185631.1063306691%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1716686185508%26coo%3Dfalse%26rqm%3DFGET

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response blacktips.vip/	118 KB 27 KB	1180ms 483ms	Document text/html	187.108.207.21 EVEO S.A.
General Check archive.org Show headers Download Go to Full URL https://blacktips.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 187.108.207.21 , Brazil, ASN53107 (EVEO S.A., BR), Reverse DNS br.hoth4477.com.br Software TurboCloud (turbocloud.com.br) / PHP/7.4.33 Resource Hash fc1d1e2a49420e6c0bfd52feb0c55307894d2fe92f5675850f1d1d8c0f83a16c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 27113 content-type text/html; charset=UTF-8 date Sun, 26 May 2024 01:16:24 GMT etag "61-1716353639;br" link <https://blacktips.vip/wp-json/>; rel="https://api.w.org/" server TurboCloud (turbocloud.com.br) vary Accept-Encoding x-litespeed-cache hit x-powered-by PHP/7.4.33
GET H2	200	25e97184d3523f3d5b2b619fe6ae5e22.css novaeramoneypro.online/wp-content/litespeed/ucss/	23 KB 5 KB	1059ms 213ms	Stylesheet text/css	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Full URL https://novaeramoneypro.online/wp-content/litespeed/ucss/25e97184d3523f3d5b2b619fe6ae5e22.css?ver=ef735 Requested by Host: blacktips.vip URL: https://blacktips.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash 01a1b880fff3f8cca9fefc4c568d33b286ce0609986dca9f354c6be4261e78eb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT content-encoding br last-modified Fri, 23 Feb 2024 01:56:16 GMT servidor Núcleo Brasil Servidores vary Accept-Encoding content-type text/css cache-control public, max-age=31557600 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 5098 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 59 KB	67ms 24ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: blacktips.vip URL: https://blacktips.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 26 May 2024 01:16:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57845 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1294, tbw=2786, tp=-1, tpl=-1, uplat=2, ullat=-1 pragma public x-fb-debug UM1lTDIOguXR0CSlKOXf5ApiGYx0W/yRt84qw0YaV3YYifbLEFVSCCj9XnLXUFwvYhZJDSw4DwcSi8wGaYSqoQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET DATA	200 OK	truncated /	167 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3822d65f059588a85805121650cda2f8d9302540abb24471a809ad0bb9497853 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	167 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3289da50b4368d08030eeae73a9f6acc318d260ea7488533e02fc356d8718c18 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	169 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 859f5517d67550ee0c59686e9f99e32b87fcb10f6c1afda92e84502467608d69 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
POST		guest.vary.php telemedicinaonline.org/wp-content/plugins/litespeed-cache/	0 0
GET H2	200	BRRR422_01.webp cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/	200 KB 201 KB	114ms 40ms	Image application/octet-stream	2400:52e0:1e00::1079:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/BRRR422_01.webp Requested by Host: blacktips.vip URL: https://blacktips.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash 4173b602638879c20395e46952fe8bf6812d30f848a57144177d65e3695213ce Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Fri, 01 Jan 1971 00:00:00 GMT date Sun, 26 May 2024 01:16:25 GMT via 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront) cdn-edgestorageid 1079 x-amz-cf-pop FRA56-P7 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cdn-cachedat 05/22/2024 10:15:15 cdn-pullzone 165712 content-length 204708 last-modified Wed, 27 Mar 2024 15:47:03 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 206 content-type application/octet-stream cdn-cache HIT cdn-uid 0b93b7ba-4e52-4f53-8cf8-935dcecdf614 cache-control public, max-age=31536000 cdn-requestid 6adf1b2b86a38fcaf2dceb6a6f7db5dc accept-ranges bytes cdn-requestcountrycode DE x-amz-cf-id zdPDyW_ubZ19b-ZrgOXrbhYsM2412TVDrQ1Pqbt3ovxW6zaxzvIK4A== cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Inter-VariableFont_slnt%2Cwght.woff2 cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/	319 KB 320 KB	109ms 44ms	Font font/woff2	2400:52e0:1e00::1079:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/Inter-VariableFont_slnt%2Cwght.woff2 Requested by Host: blacktips.vip URL: https://blacktips.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash e931823ffd0b6cfd1624e3a7c1c49861ed3420297862e727f07e04c8be1cc89b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Origin https://blacktips.vip Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Fri, 01 Jan 1971 00:00:00 GMT date Sun, 26 May 2024 01:16:25 GMT via 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront) cdn-edgestorageid 1082 x-amz-cf-pop FRA56-P7 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cdn-cachedat 05/22/2024 09:50:55 cdn-pullzone 165712 content-length 326628 last-modified Wed, 27 Mar 2024 15:47:03 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 206 content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid 0b93b7ba-4e52-4f53-8cf8-935dcecdf614 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 86dda0e0c3c08b6b4c987aca8fcd2a35 accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 x-amz-cf-id M3H8so9lUHlZq-PA6Cb_IPIfxekbLa4-_uwJDP3K4CgE3JcsonXMJQ== access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullsuccess True
GET H2	200	cardo_normal_400.woff2 cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/	143 KB 144 KB	109ms 45ms	Font font/woff2	2400:52e0:1e00::1079:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/cardo_normal_400.woff2 Requested by Host: blacktips.vip URL: https://blacktips.vip/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Origin https://blacktips.vip Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Fri, 01 Jan 1971 00:00:00 GMT date Sun, 26 May 2024 01:16:25 GMT via 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront) cdn-edgestorageid 1079 x-amz-cf-pop AMS1-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cdn-cachedat 05/07/2024 16:02:22 cdn-pullzone 165712 content-length 146060 last-modified Wed, 27 Mar 2024 15:47:03 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 206 content-type font/woff2 access-control-allow-origin * cdn-cache HIT cdn-uid 0b93b7ba-4e52-4f53-8cf8-935dcecdf614 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31536000 cdn-requestid 7afabf6429bc642dfceba625ab42388f accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 x-amz-cf-id uZdaZua551Srzg6AlFi3cNvsH5ScLm_al0F5FrKcTDu3reSMQsuKwA== access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullsuccess True
GET H2	200	917746393421538 Show response connect.facebook.net/signals/config/	64 KB 13 KB	102ms 85ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/917746393421538?v=2.9.156&r=stable&domain=blacktips.vip&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 224009ec3b4c212385819f9d3673a0295928679b61418766c2a935977c213a9c Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 26 May 2024 01:16:25 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=26, rtx=0, c=64, mss=1294, tbw=63387, tp=-1, tpl=-1, uplat=68, ullat=0 pragma public x-fb-debug nZsM4EBQqWPhwx5rPEhn5tmqxTHqHBYxtRgMpXH4AQ62gzUNPHCJXGIWH55PY0F2E3XXNjfJ9w+/ZzPhGgF7Gw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	65ms 22ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=917746393421538&ev=PageView&dl=https%3A%2F%2Fblacktips.vip%2F&rl=&if=false&ts=1716686185634&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1716686185631.1063306691&cs_est=true&ler=empty&cdl=API_unavailable&it=1716686185508&coo=false&rqm=GET Requested by Host: blacktips.vip URL: https://blacktips.vip/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1294, tbw=2792, tp=-1, tpl=-1, uplat=1, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 26 May 2024 01:16:25 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET		/ www.facebook.com/login/ Redirect Chain https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=917746393421538&ev=PageView&dl=https%3A%2F%2Fblacktips.vip%2F&rl=&if=false&ts=1716686185634&sw=1600&sh=1200&v=2.9.156&r=stable&ec... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D917746393421538%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fblacktips.vip...	0 0
GET H2	200	padlock-icon-with-glowing-neon-effect-security-lock-sign-secure-protection-symbol-png-150x150.png cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/	7 KB 8 KB	21ms 20ms	Other image/png	2400:52e0:1e00::1079:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn-mars.vendd.com.br/p/NTtSWzKbEaUer7jLO3jFe6IFD5yom5xsl3Dyt0ADq3EFd5jz/v-files/assets/padlock-icon-with-glowing-neon-effect-security-lock-sign-secure-protection-symbol-png-150x150.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1079 / Resource Hash 4d8d52aaf3be2fe078be9f6695fc346a2d15fde48e232805824ff992325b078a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Fri, 01 Jan 1971 00:00:00 GMT date Sun, 26 May 2024 01:16:25 GMT via 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront) cdn-edgestorageid 1080 x-amz-cf-pop FRA56-P7 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront cdn-cachedat 05/07/2024 16:02:27 cdn-pullzone 165712 content-length 7498 last-modified Wed, 27 Mar 2024 15:47:03 GMT server BunnyCDN-DE1-1079 cdn-proxyver 1.04 cdn-requestpullcode 206 content-type image/png cdn-cache HIT cdn-uid 0b93b7ba-4e52-4f53-8cf8-935dcecdf614 cache-control public, max-age=31536000 cdn-requestid 8f72d67050bec618d6617418a2aa9b30 accept-ranges bytes cdn-requestcountrycode DE x-amz-cf-id 13FsSek35KuKFM_DT4hTGs5NbS6tKv-t-JB6gnRxUwCxDD-pTeunyg== cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Tenha-acesso-ao-meus-jogos-dos-nossos-melhores-contatos-1.png novaeramoneypro.online/wp-content/uploads/2024/02/	6 KB 6 KB	699ms 424ms	Image image/webp	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://novaeramoneypro.online/wp-content/uploads/2024/02/Tenha-acesso-ao-meus-jogos-dos-nossos-melhores-contatos-1.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash 5d296da461cd9a2421d6ecf2954f231ad6a7b18b941a5b0a5e2eb1293be5e569 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Sun, 11 Feb 2024 02:14:59 GMT servidor Núcleo Brasil Servidores vary Accept content-type image/webp cache-control public, max-age=31557600 x-webp-express Redirected directly to existing webp accept-ranges bytes content-length 6474 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT
GET H2	200	botao.PNG telemedicinaonline.org/grupo/imagens/	214 KB 214 KB	891ms 641ms	Image image/png	69.49.241.29 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://telemedicinaonline.org/grupo/imagens/botao.PNG Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.49.241.29 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-241-29.unifiedlayer.com Software Apache / Resource Hash fff1859cf80910fc8a72b6340bfa5b465e39251b5aef60cc660e9ab318b478b6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Tue, 21 May 2024 16:52:22 GMT server Apache accept-ranges bytes content-length 219351 content-type image/png
GET H2	200	Feedback1.png telemedicinaonline.org/grupo/imagens/	281 KB 281 KB	890ms 640ms	Image image/png	69.49.241.29 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://telemedicinaonline.org/grupo/imagens/Feedback1.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.49.241.29 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-241-29.unifiedlayer.com Software Apache / Resource Hash 0ad487731520590f08e8fb6af91adec1e807eedc8fd32208f79fe9ef10fa8554 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Tue, 21 May 2024 15:32:38 GMT server Apache accept-ranges bytes content-length 288062 content-type image/png
GET H2	200	Feedback2.png telemedicinaonline.org/grupo/imagens/	270 KB 270 KB	891ms 641ms	Image image/png	69.49.241.29 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://telemedicinaonline.org/grupo/imagens/Feedback2.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.49.241.29 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-241-29.unifiedlayer.com Software Apache / Resource Hash 205dd7c591a89303c5d8122cb769c96894dfc73ce941c692efa7e8795dca3e0e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Tue, 21 May 2024 15:32:38 GMT server Apache accept-ranges bytes content-length 276161 content-type image/png
GET H2	200	Feedback3.png telemedicinaonline.org/grupo/imagens/	276 KB 276 KB	890ms 641ms	Image image/png	69.49.241.29 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://telemedicinaonline.org/grupo/imagens/Feedback3.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.49.241.29 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-241-29.unifiedlayer.com Software Apache / Resource Hash 5ff1a02a97b8c3f4f33d2806e2ba4adc3d5ba4b1827293d4629d594d9b4041ae Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Tue, 21 May 2024 15:32:38 GMT server Apache accept-ranges bytes content-length 282498 content-type image/png
GET H2	200	Feedback4.png telemedicinaonline.org/grupo/imagens/	275 KB 275 KB	501ms 251ms	Image image/png	69.49.241.29 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Show image Full URL https://telemedicinaonline.org/grupo/imagens/Feedback4.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.49.241.29 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 69-49-241-29.unifiedlayer.com Software Apache / Resource Hash 55e6561037ae3401ddf68ee34c6a6626035afebd09b30d5a3d983eda6b8cb06c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Tue, 21 May 2024 15:32:38 GMT server Apache accept-ranges bytes content-length 281543 content-type image/png
GET H2	200	BRRR422_01.webp novaeramoneypro.online/wp-content/uploads/2024/02/	200 KB 200 KB	218ms 217ms	Image image/webp	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://novaeramoneypro.online/wp-content/uploads/2024/02/BRRR422_01.webp Requested by Host: novaeramoneypro.online URL: https://novaeramoneypro.online/wp-content/litespeed/ucss/25e97184d3523f3d5b2b619fe6ae5e22.css?ver=ef735 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash 4173b602638879c20395e46952fe8bf6812d30f848a57144177d65e3695213ce Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://novaeramoneypro.online/wp-content/litespeed/ucss/25e97184d3523f3d5b2b619fe6ae5e22.css?ver=ef735 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Fri, 23 Feb 2024 01:40:11 GMT servidor Núcleo Brasil Servidores content-type image/webp cache-control public, max-age=31557600 accept-ranges bytes content-length 204708 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT
GET H2	200	BRRR422_02.webp novaeramoneypro.online/wp-content/uploads/2024/02/	88 KB 88 KB	643ms 643ms	Image image/webp	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://novaeramoneypro.online/wp-content/uploads/2024/02/BRRR422_02.webp Requested by Host: novaeramoneypro.online URL: https://novaeramoneypro.online/wp-content/litespeed/ucss/25e97184d3523f3d5b2b619fe6ae5e22.css?ver=ef735 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash 98807fd437915298f6d9c7617494d84031fb89abcbb227aaf531576257794f86 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://novaeramoneypro.online/wp-content/litespeed/ucss/25e97184d3523f3d5b2b619fe6ae5e22.css?ver=ef735 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Fri, 23 Feb 2024 01:42:49 GMT servidor Núcleo Brasil Servidores content-type image/webp cache-control public, max-age=31557600 accept-ranges bytes content-length 89770 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT
GET H2	200	BRRR422_03.webp novaeramoneypro.online/wp-content/uploads/2024/02/	71 KB 71 KB	643ms 643ms	Image image/webp	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://novaeramoneypro.online/wp-content/uploads/2024/02/BRRR422_03.webp Requested by Host: novaeramoneypro.online URL: https://novaeramoneypro.online/wp-content/litespeed/ucss/25e97184d3523f3d5b2b619fe6ae5e22.css?ver=ef735 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash b9d685d243cc54622b02bd049ea59d876eb6e2aaf18c8089e0bfab9ec2276582 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://novaeramoneypro.online/wp-content/litespeed/ucss/25e97184d3523f3d5b2b619fe6ae5e22.css?ver=ef735 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Fri, 23 Feb 2024 01:42:48 GMT servidor Núcleo Brasil Servidores content-type image/webp cache-control public, max-age=31557600 accept-ranges bytes content-length 72244 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT
GET H2	200	4-768x1370-1-qgw4v41ndvf8mw5xxnxj3a13lddcmba8su9ki630xw.webp novaeramoneypro.online/wp-content/uploads/2024/02/	46 KB 46 KB	857ms 857ms	Image image/webp	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://novaeramoneypro.online/wp-content/uploads/2024/02/4-768x1370-1-qgw4v41ndvf8mw5xxnxj3a13lddcmba8su9ki630xw.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash b0ced019353d5c096ac60073855774cf557aebe366f1f606a7a3d0102d7fda3d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Sun, 11 Feb 2024 02:03:21 GMT servidor Núcleo Brasil Servidores content-type image/webp cache-control public, max-age=31557600 accept-ranges bytes content-length 47154 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT
GET H2	200	5-768x1370-1-qgw4v9ooivmykjxr0qdai8lv5oljwhwmtm6hdtunwk.webp novaeramoneypro.online/wp-content/uploads/2024/02/	49 KB 49 KB	858ms 857ms	Image image/webp	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://novaeramoneypro.online/wp-content/uploads/2024/02/5-768x1370-1-qgw4v9ooivmykjxr0qdai8lv5oljwhwmtm6hdtunwk.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash 720a39f739572356f54c77c9f98579c0ba421979e9ac5348e1eb9618f564b6f5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Sun, 11 Feb 2024 02:03:20 GMT servidor Núcleo Brasil Servidores content-type image/webp cache-control public, max-age=31557600 accept-ranges bytes content-length 49806 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT
GET H2	200	6-768x1370-1-qgw4vfbpnvuoi7pk3st1x76mpztr6oj0ue3e9hmav8.webp novaeramoneypro.online/wp-content/uploads/2024/02/	47 KB 47 KB	858ms 858ms	Image image/webp	203.159.80.209 Gamers Club Ltda
General Check archive.org Show headers Download Go to Show image Full URL https://novaeramoneypro.online/wp-content/uploads/2024/02/6-768x1370-1-qgw4vfbpnvuoi7pk3st1x76mpztr6oj0ue3e9hmav8.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 203.159.80.209 Sorocaba, Brazil, ASN268624 (Gamers Club Ltda, BR), Reverse DNS br.lando3070.com.br Software / Resource Hash f1c1e4195e9847d0ba59e2e884c0c63d815fee8a85131cfe80cac359f7810ff0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://blacktips.vip/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 26 May 2024 01:16:26 GMT last-modified Sun, 11 Feb 2024 02:03:19 GMT servidor Núcleo Brasil Servidores content-type image/webp cache-control public, max-age=31557600 accept-ranges bytes content-length 48354 localizacao Lando - Level3 - SP Brasil expires Mon, 26 May 2025 07:16:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

telemedicinaonline.org

URL

https://telemedicinaonline.org/wp-content/plugins/litespeed-cache/guest.vary.php

Domain

www.facebook.com

URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fprivacy_sandbox%2Fpixel%2Fregister%2Ftrigger%2F%3Fid%3D917746393421538%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fblacktips.vip%252F%26rl%26if%3Dfalse%26ts%3D1716686185634%26sw%3D1600%26sh%3D1200%26v%3D2.9.156%26r%3Dstable%26ec%3D0%26o%3D4126%26fbp%3Dfb.1.1716686185631.1063306691%26cs_est%3Dtrue%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1716686185508%26coo%3Dfalse%26rqm%3DFGET

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| litespeed_docref function| fbq function| _fbq number| minutosIniciais number| segundosIniciais number| atualizarCronometro function| pad function| LazyLoad string| litespeed_vary function| urlCreator function| litespeed_load_delayed_js_force function| litespeed_load_delayed_js function| litespeed_load_one function| litespeed_inline2src function| clickSmoothScrolling

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.blacktips.vip/	1970-01-20 23:01:02	Name: _fbp Value: fb.1.1716686185631.1063306691

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://blacktips.vip/ Message: Access to fetch at 'https://telemedicinaonline.org/wp-content/plugins/litespeed-cache/guest.vary.php' from origin 'https://blacktips.vip' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://telemedicinaonline.org/wp-content/plugins/litespeed-cache/guest.vary.php Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blacktips.vip
cdn-mars.vendd.com.br
connect.facebook.net
novaeramoneypro.online
telemedicinaonline.org
www.facebook.com
telemedicinaonline.org
www.facebook.com
187.108.207.21
203.159.80.209
2400:52e0:1e00::1079:1
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
69.49.241.29
01a1b880fff3f8cca9fefc4c568d33b286ce0609986dca9f354c6be4261e78eb
0ad487731520590f08e8fb6af91adec1e807eedc8fd32208f79fe9ef10fa8554
205dd7c591a89303c5d8122cb769c96894dfc73ce941c692efa7e8795dca3e0e
224009ec3b4c212385819f9d3673a0295928679b61418766c2a935977c213a9c
3289da50b4368d08030eeae73a9f6acc318d260ea7488533e02fc356d8718c18
3822d65f059588a85805121650cda2f8d9302540abb24471a809ad0bb9497853
4173b602638879c20395e46952fe8bf6812d30f848a57144177d65e3695213ce
4d8d52aaf3be2fe078be9f6695fc346a2d15fde48e232805824ff992325b078a
55e6561037ae3401ddf68ee34c6a6626035afebd09b30d5a3d983eda6b8cb06c
5d296da461cd9a2421d6ecf2954f231ad6a7b18b941a5b0a5e2eb1293be5e569
5ff1a02a97b8c3f4f33d2806e2ba4adc3d5ba4b1827293d4629d594d9b4041ae
720a39f739572356f54c77c9f98579c0ba421979e9ac5348e1eb9618f564b6f5
859f5517d67550ee0c59686e9f99e32b87fcb10f6c1afda92e84502467608d69
98807fd437915298f6d9c7617494d84031fb89abcbb227aaf531576257794f86
aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18
b0ced019353d5c096ac60073855774cf557aebe366f1f606a7a3d0102d7fda3d
b9d685d243cc54622b02bd049ea59d876eb6e2aaf18c8089e0bfab9ec2276582
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e931823ffd0b6cfd1624e3a7c1c49861ed3420297862e727f07e04c8be1cc89b
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
f1c1e4195e9847d0ba59e2e884c0c63d815fee8a85131cfe80cac359f7810ff0
fc1d1e2a49420e6c0bfd52feb0c55307894d2fe92f5675850f1d1d8c0f83a16c
fff1859cf80910fc8a72b6340bfa5b465e39251b5aef60cc660e9ab318b478b6