vexpenses.com.br Open in urlscan Pro
13.32.110.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vexpenses.com/
Effective URL:
https://vexpenses.com.br/
Submission: On February 08 via manual (February 8th 2023, 4:30:31 pm UTC) from SG — Scanned from DE

Summary HTTP 213 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 22 domains to perform 213 HTTP transactions. The main IP is 13.32.110.7, located in United States and belongs to AMAZON-02, US. The main domain is vexpenses.com.br.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 6th 2023. Valid for: a year.

This is the only time vexpenses.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.224.52.252 54.224.52.252	14618 (AMAZON-AES) (AMAZON-AES)
72	13.32.110.7 13.32.110.7	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	52.73.27.165 52.73.27.165	14618 (AMAZON-AES) (AMAZON-AES)
5	52.222.250.26 52.222.250.26	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	3.20.16.147 3.20.16.147	16509 (AMAZON-02) (AMAZON-02)
12	2.16.186.179 2.16.186.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:220... 2600:9000:2204:e200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
213	30

1 54.224.52.252 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-52-252.compute-1.amazonaws.com

vexpenses.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 13.32.110.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-7.vie50.r.cloudfront.net

vexpenses.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.27.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-27-165.compute-1.amazonaws.com

app.vexpenses.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-26.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.20.16.147 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-16-147.us-east-2.compute.amazonaws.com

app.qualzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.16.186.179 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-179.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:e200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	vexpenses.com.br vexpenses.com.br	1 MB
37	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
20	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4600	220 KB
15	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298 fonts.googleapis.com — Cisco Umbrella Rank: 32	125 KB
12	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 770	111 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1174 h.clarity.ms — Cisco Umbrella Rank: 7716 c.clarity.ms — Cisco Umbrella Rank: 1634	21 KB
6	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 6447
6	qualzz.com app.qualzz.com	143 KB
5	cloudfront.net d335luupugsy2.cloudfront.net	75 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 www.linkedin.com — Cisco Umbrella Rank: 560 px4.ads.linkedin.com — Cisco Umbrella Rank: 6240	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 239	12 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6211	669 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 23	20 KB
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 94966 popups.rdstation.com.br — Cisco Umbrella Rank: 80441	867 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	235 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	136 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	166 KB
2	vexpenses.com 1 redirects vexpenses.com app.vexpenses.com	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	6 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 811	378 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 694	5 KB
213	22

	Domain	Requested by
72	vexpenses.com.br	vexpenses.com.br
23	www.gstatic.com	www.google.com vexpenses.com.br www.gstatic.com
19	www.google.com	1 redirects vexpenses.com.br www.google.com www.gstatic.com
14	fonts.gstatic.com	vexpenses.com.br fonts.googleapis.com
13	fonts.googleapis.com	app.qualzz.com
12	analytics.tiktok.com	vexpenses.com.br analytics.tiktok.com
6	ipinfo.io	ajax.googleapis.com
6	app.qualzz.com	www.googletagmanager.com app.qualzz.com ajax.googleapis.com
5	d335luupugsy2.cloudfront.net	vexpenses.com.br d335luupugsy2.cloudfront.net
3	h.clarity.ms	www.clarity.ms
3	www.google.de	vexpenses.com.br
3	bat.bing.com	www.googletagmanager.com bat.bing.com vexpenses.com.br
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com vexpenses.com.br
2	c.clarity.ms	1 redirects
2	ajax.googleapis.com	app.qualzz.com
2	www.facebook.com	vexpenses.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	px.ads.linkedin.com	2 redirects
2	www.clarity.ms	vexpenses.com.br www.clarity.ms
2	connect.facebook.net	vexpenses.com.br connect.facebook.net
2	www.googletagmanager.com	vexpenses.com.br www.googletagmanager.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	c.bing.com	1 redirects
1	cdnjs.cloudflare.com	app.qualzz.com
1	region1.analytics.google.com	www.googletagmanager.com
1	px4.ads.linkedin.com	vexpenses.com.br
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	app.vexpenses.com	vexpenses.com.br
1	vexpenses.com	1 redirects
213	33

This site contains links to these domains. Also see Links.

Domain
app.vexpenses.com
link.vexpenses.com.br
www.facebook.com
br.linkedin.com
www.instagram.com
www.youtube.com
play.google.com
apps.apple.com
suporte.vexpenses.com.br
vexpenses.gupy.io
universidade.vexpenses.com.br

Subject Issuer	Validity	Valid
*.vexpenses.com.br Amazon RSA 2048 M01	`2023-02-06` - `2024-03-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
app.vexpense.com.br R3	`2023-01-13` - `2023-04-13`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-17` - `2023-02-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
qualzz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-13` - `2023-10-14`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2022-08-29` - `2023-09-29`	a year	crt.sh
popups.rdstation.com.br R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
ipinfo.io R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://vexpenses.com.br/
Frame ID: 2F5132E8195CA09AFBA108F97600BC70
Requests: 166 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=u57mw6o43dvm
Frame ID: 95CB976B0319847A5971A6B1590F64CE
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=h4523kadlj4e
Frame ID: ED32A7EDA0F4E4B729E27B58D804BA7B
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=r9wq2d278y7t
Frame ID: 1EA655C09F1825F9B99764F4562BC6A7
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
Frame ID: 49ADB267833DF21568B700B2783DE059
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
Frame ID: 1259C9D2C7C3254382B4A812F4C2C8F7
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 814A56E53157A7AE48E15A6AA5DA7F4C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
Frame ID: 85EF2D5819A1B25F42976F6184EEDF39
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VExpenses: Gestão de despesas e cartões corporativos do jeito certo

Page URL History Show full URLs

http://vexpenses.com/ HTTP 301
https://vexpenses.com.br/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

213
Requests

94 %
HTTPS

61 %
IPv6

22
Domains

33
Subdomains

30
IPs

4
Countries

3630 kB
Transfer

8047 kB
Size

32
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://app.vexpenses.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://link.vexpenses.com.br/secao-gestao-de-despesas-whatsapp
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://www.facebook.com/vexpense

Search URL Search Domain Scan URL

URL: https://br.linkedin.com/company/vexpenses

Search URL Search Domain Scan URL

URL: https://www.instagram.com/vexpenses/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/VExpenses

Search URL Search Domain Scan URL

URL: https://link.vexpenses.com.br/rodape-site-whatsapp

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.vexpenses.android2&utm_campaign=link-vexpenses-site-playstore&utm_medium=link&utm_source=site

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/vexpenses-reembolso-de-despesa/id988975487?utm_campaign=link-vexpenses-site-appstore&utm_medium=footer&utm_source=site

Search URL Search Domain Scan URL

URL: https://suporte.vexpenses.com.br/hc/pt-br
Title: Central de Ajuda

Search URL Search Domain Scan URL

URL: https://vexpenses.gupy.io/
Title: Carreira no VExpenses

Search URL Search Domain Scan URL

URL: https://universidade.vexpenses.com.br/
Title: Cursos e Certificações

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vexpenses.com/ HTTP 301
https://vexpenses.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D525153%26time%3D1675873824683%26url%3Dhttps%253A%252F%252Fvexpenses.com.br%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F&liSync=true&e_ipv6=AQLMCtwb3p3FgQAAAYYx3TEfSuh82t7N5oLYnCdZt81p-gAeqyYndmZWQCOlaHOnrKbsoKD8RKpe

Request Chain 151

https://www.google.com/jsapi?callback=gloader_loaded HTTP 301
https://www.gstatic.com/charts/loader.js?callback=gloader_loaded

Request Chain 167

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=5B8C4417EC03436B9F62B9CFA5D45547&RedC=c.clarity.ms&MXFR=0CE9B5F3702A6D072DA2A741742A63EA HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=5B8C4417EC03436B9F62B9CFA5D45547&MUID=2691DA3322AF662B3066C881237D67E0

213 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vexpenses.com.br/
Redirect Chain

http://vexpenses.com/
https://vexpenses.com.br/

87 KB
24 KB

349ms
198ms

Document
text/html

13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b22215e20cb56235d69c1d9f3ab4313c98648f933c57c3bc6b01102a986777c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 335525
cache-control: public, max-age=0, s-maxage=2, must-revalidate
content-encoding: gzip
content-type: text/html
date: Sat, 04 Feb 2023 19:18:19 GMT
etag: W/"17019f57fb9446a9a4ae2e8e5461d48a"
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
x-amz-cf-id: 5dKU82ivUIOWuD5AvlFPRKGWxe2Kxemlg4xtfAVy2Knd6qeDdXAOjw==
x-amz-cf-pop: IAD55-P5 VIE50-C2
x-cache: Miss from cloudfront

Redirect headers

Connection: Keep-Alive
Content-Length: 312
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 08 Feb 2023 16:30:23 GMT
Keep-Alive: timeout=5, max=100
Location: https://vexpenses.com.br/
Server: Apache/2.4.41 (Ubuntu)

GET
H2 200 5bb3c166fb1f062b.css
vexpenses.com.br/_next/static/css/ 1 KB
942 B 196ms
196ms Stylesheet
text/css 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/css/5bb3c166fb1f062b.css
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2035742fc10527688d5cbe9c5b5f909e2e826e7c8288f401c78a6844aef8c92a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 6cf4081c1099e7ccfdba44532a13bc54.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"ad30bfd8a67e9478a53f348e53cd3092"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: wJgpjg8M7DSQ6QZPsFmOg2xfMiXg4hzMik08E8pURM5PbZ3Ep_DyFQ==

GET
H2 200 8cd1c55b83960ab2.css
vexpenses.com.br/_next/static/css/ 18 KB
3 KB 207ms
207ms Stylesheet
text/css 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/css/8cd1c55b83960ab2.css
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc9a9b0e86d770a8cfc04409be77e2a1d7f7444d1adda02d7421ee9ffbb89fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 13:52:36 GMT
content-encoding: gzip
via: 1.1 1814689e6a53bd70e892d4abd59ed626.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2169467
etag: W/"6e104de60bd22e85a6f50a2a2c3fb978"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: KAwR1D0UZ0OK4kZQp60VE7rc3D9pNP1R0zafCUOilHHdTDqWfSEXYQ==

GET
H2 200 webpack-026a18f3f2f948d3.js Show response
vexpenses.com.br/_next/static/chunks/ 2 KB
1 KB 199ms
183ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/webpack-026a18f3f2f948d3.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05ea2a983a80430b6326c7029c493aad80e989719a68fc3da0a46364fadc4a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 f03ced384777449538f7af55da0e2760.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"5d7885aeaf54d4990024dc71bf647d9b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: OjQObcesCCmkxBuB0La9N4lgjmstxcgcsnn8EPbj6Ky9y6DapbS3eQ==

GET
H2 200 framework-91d7f78b5b4003c8.js Show response
vexpenses.com.br/_next/static/chunks/ 127 KB
42 KB 263ms
245ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/framework-91d7f78b5b4003c8.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 f99ff04b44b46caf63e2de40aa2beda4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"4328303147a9363db368b17367be6c71"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: xgDNPFzFZB0fSWb0prEZnLE7L4HpMS5ai48Eg67YM4SeUrUzPcDNrA==

GET
H2 200 main-227d8a355acfa369.js Show response
vexpenses.com.br/_next/static/chunks/ 99 KB
29 KB 229ms
211ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/main-227d8a355acfa369.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74c3211bbf0907ca026d196e071b0763b1a1a94c1c2fa53a86c7e2cb6c2be390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 ccabfbceff64477665e33f03003a399c.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"6e8bffed7b9f5348a85e2f24d95ff83f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: 77t5h1FHAvTS5AiQbQ0k1CNcq8Kok8itkhmLJ6PuNbfn__Efrl-vKw==

GET
H2 200 _app-9ee30ef5d99e294a.js Show response
vexpenses.com.br/_next/static/chunks/pages/ 112 KB
34 KB 205ms
187ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/pages/_app-9ee30ef5d99e294a.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af06fad4abc51c3042cf3cbb12c80fae9f787777ab8bbc25e2af4a4d7dcd2fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"1d215bf385fa51caf0964591eb54d046"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: IC5jzqsbYQVKvviyPtZInw07l3-JNU0_wSwlPia1SonTND6QrF9lDg==

GET
H2 200 227-14a480c3aca346b3.js Show response
vexpenses.com.br/_next/static/chunks/ 221 KB
67 KB 247ms
229ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/227-14a480c3aca346b3.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f5696231e1af86e991b997ab81bf6d91bff3289854f285e5c04e129de6649c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 f67d20cc5e893094f1f2660dce32bf4a.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"a60e32344cce3939a15c0d4d1f334838"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: adwJZ6WPJjKrXiEDxYSOISX8jKblDQCiBD83K0ftQA_67VCNrhGQnA==

GET
H2 200 585-d8bd9da9bfa18ac9.js Show response
vexpenses.com.br/_next/static/chunks/ 15 KB
6 KB 237ms
220ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/585-d8bd9da9bfa18ac9.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0d08e6fa18c66302c7b15b7d757a4e53a93b12a0bd7d382307f538db42b2e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"a1105080e96fb3e87120e4c57d025f1c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: wtdYdd2KPWLpHIQImTW9czxM26Qe3n6iwUt9nl2lSuCtK40xLfpdSg==

GET
H2 200 740-2754072588f81723.js Show response
vexpenses.com.br/_next/static/chunks/ 31 KB
11 KB 241ms
223ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/740-2754072588f81723.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5ff2fa04313b9bdde8f074e52191621d10741c197493f3dbce988542148c7e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"977afb17ffe08d50a7edfca734bd585b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: XfU3VYloJLylQpxBGwa076iuQLIA2lulNcwTnrd7o2l6D9lsR-asLA==

GET
H2 200 897-8307c90a54106986.js Show response
vexpenses.com.br/_next/static/chunks/ 20 KB
5 KB 534ms
516ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/897-8307c90a54106986.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f533b94f00cce7d20abe60dc1c94c4e97811033899a51abef2a29493c47fc23f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114586
etag: W/"0e2f263f6b8679e0e3abdc1048f8641e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: XPognh0B3D9jPO77xeuVb7H5_u3YrKcEiBH1qS9HowNa7by188V7bA==

GET
H2 200 41-20cf61066d13a2ff.js Show response
vexpenses.com.br/_next/static/chunks/ 12 KB
4 KB 215ms
198ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/41-20cf61066d13a2ff.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b77b20e54ce4c8f7b394deda3ce9f891e432f912ef3827a7555ce17510f7147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"1f179fbfacb7d54ad624d315b4ec868e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: KPSNkruY7P-3suKq5Q9qG4vGy8ZQFvPK6CYcdzhHkb_1v-AS_lkHGw==

GET
H2 200 286-c19d43c025664e8c.js Show response
vexpenses.com.br/_next/static/chunks/ 24 KB
6 KB 268ms
251ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/286-c19d43c025664e8c.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75654a31e87c7575f45b2c392b07abec6be405828d142105b85d7c8b775bdc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 f99ff04b44b46caf63e2de40aa2beda4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"2b4d629a1cd92ff16a758d16885492c7"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: jjHYiUl_Y17YttS6ANm5BCB2q5grlZvNUhvLyhXaZGcRb8TcTPLl5w==

GET
H2 200 314-7f8d5f59233bdfe3.js Show response
vexpenses.com.br/_next/static/chunks/ 13 KB
3 KB 296ms
279ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/314-7f8d5f59233bdfe3.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb7e6f9cbfc9312b8386f962aa5785fca88309e3fa30da38edf4fad0495ddb00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:39 GMT
content-encoding: gzip
via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114585
etag: W/"c84f07afa9afb6ad8f45af80d17d2f36"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: FbJPg18A2hCY6OflJPPrtijZo8uNNehwo9F1qmFTyw5kOSvVKLWBMg==

GET
H2 200 632-2338f7dc66fa9043.js Show response
vexpenses.com.br/_next/static/chunks/ 45 KB
6 KB 407ms
390ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/632-2338f7dc66fa9043.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4926639da8f2c3bd1c0c55946553b058c6ac9abf62a4751e1b4d982365d5ab4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:21:35 GMT
content-encoding: gzip
via: 1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114529
etag: W/"089a8a3f0aa2a20c890bd1c20a405787"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: pcpV-9-NipXD56GVQsRldRuFNKK8AyLubgjxbkz6W-bsEdxU7YVLRg==

GET
H2 200 385-b30247639bd163f9.js Show response
vexpenses.com.br/_next/static/chunks/ 35 KB
9 KB 269ms
252ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/385-b30247639bd163f9.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e7899d0e9426d916c7b6741aae1bba6ff98331562561b3726c37fe6dc75b023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:21:35 GMT
content-encoding: gzip
via: 1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114529
etag: W/"11803b14cc94e626afc3ddbac4a9bfa7"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: 4ExIHOYYaLVHRzlkPzLStmNKcGFp-K9y7hmK3E5TKUUlHp3CD6emDA==

GET
H2 200 index-b45f9fee8fa51d4c.js Show response
vexpenses.com.br/_next/static/chunks/pages/ 17 KB
5 KB 270ms
253ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/chunks/pages/index-b45f9fee8fa51d4c.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83fb494a67248021d5a6515c68d423112ff21dc9843bef294c0207444ff33f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:21:35 GMT
content-encoding: gzip
via: 1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114529
etag: W/"386d54d3e740d2698509fc7abeb1dad9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: LEFZUxl8FLR_jY3YC8uaWYaZvDtLxyLadvh9T51orCDYRFb_KfKVhA==

GET
H2 200 _buildManifest.js Show response
vexpenses.com.br/_next/static/XDaMWdUiytATGRcrs9z5d/ 4 KB
2 KB 303ms
287ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/XDaMWdUiytATGRcrs9z5d/_buildManifest.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24d1582dc657bd6edde2d2ccd538a4993f8095ea14e83f4ea5816b549d4ded7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:17 GMT
content-encoding: gzip
via: 1.1 3289feb7922c3bed2dd498f7353add3e.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114607
etag: W/"6885023bf1d3673257bfd91dce386542"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
x-amz-cf-id: RG2yRcolrj2M_ysJblmd_jRrG958J673kEL4xMWxq91aLGGHiTIrTw==

GET
H2 200 _ssgManifest.js Show response
vexpenses.com.br/_next/static/XDaMWdUiytATGRcrs9z5d/ 829 B
1 KB 397ms
381ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/XDaMWdUiytATGRcrs9z5d/_ssgManifest.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65cae41d2dca4ebf2b8a513dd989ac8d982c5fe3887d035b035e11da0d7f811b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:17 GMT
via: 1.1 f99ff04b44b46caf63e2de40aa2beda4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114607
etag: "13d3cf5314be6ca9d0e819db4043aa30"
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
accept-ranges: bytes
content-length: 829
x-amz-cf-id: nKrjXYz6HzmZwq7GBDQHWIFUnRiunNQhtILkIEXnz4G56QeHm9VLkg==

GET
H2 200 _middlewareManifest.js Show response
vexpenses.com.br/_next/static/XDaMWdUiytATGRcrs9z5d/ 92 B
537 B 270ms
254ms Script
application/javascript 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vexpenses.com.br/_next/static/XDaMWdUiytATGRcrs9z5d/_middlewareManifest.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 15:20:17 GMT
via: 1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 3114607
etag: "7c3f7e060745668041278118c0bb3d6d"
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, immutable, s-maxage=2
accept-ranges: bytes
content-length: 92
x-amz-cf-id: K0L_9T9SkJc1NUGj4tt9LD-z1-cnwVcPVHPKFxvX6HSfH8hsloP6hg==

GET
H2 200 ball-blue.webp
vexpenses.com.br/images/textures/ 132 KB
133 KB 274ms
258ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/textures/ball-blue.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b46fca6b4d139e92fbf6e7c1ccc7eb23a102d772d76c9c59eb929e57a1f970c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:12 GMT
via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494992
etag: "f105d2c55240098f73eff5809e91403a"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 135390
x-amz-cf-id: 89r-xXN9O5IRWxF7wW81nH1AUZWud5ds3lYN9oUaRKA6Ir6az2aq6Q==

GET
H2 200 ball.webp
vexpenses.com.br/images/textures/ 13 KB
13 KB 433ms
418ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/textures/ball.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bdf420612d74574736b56dd5b519602c3e1de86f864627b75eb3b0914df2514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 06:19:47 GMT
via: 1.1 29e51fc5bac0897053e2f02edda4aecc.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2887837
etag: "b74c435e3e37614b1bb574a6f1b8c945"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 13016
x-amz-cf-id: j_upNSQlv1cxIYhmYCEDNEhNa8Sxy7-hWCeQRmnU2ToN7b2gygXDKA==

GET
H2 200 logo.webp
vexpenses.com.br/images/logos/ 2 KB
2 KB 397ms
382ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/logos/logo.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 59da42db9e4075ae230df5b9aa124903e5ba81b6702fb43523b8fbc38540d662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 12:59:34 GMT
via: 1.1 3289feb7922c3bed2dd498f7353add3e.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2777450
etag: "eaeef711ba021254300a72f1327e4bae"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2114
x-amz-cf-id: BgjqhuzSNN3ZLhI3XROlwI_WiM4-Mwwbgj0-1iEVLoxXob7hLYSwtw==

GET
H2 200 dashboard-hero.webp
vexpenses.com.br/images/heros/ 18 KB
18 KB 434ms
419ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/heros/dashboard-hero.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 328e234cdf923a89e12c9ff43deec034d1991ad1eab0594e52b3ef3a6045e327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:30 GMT
via: 1.1 7c325f2607fc0c1ae15500b51b245812.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91974
etag: "bbb8806e98e28def772ee48d635dffa1"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 18302
x-amz-cf-id: 4QPjts2U0xTsMzPaie85k2rUisvgnE5xDUUV_cxeVgD3sBqjJpssTg==

GET
H2 200 mrv.png
vexpenses.com.br/images/customers/ 2 KB
3 KB 432ms
417ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/mrv.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efae08ea13a1a8df89d633357c39882b62b5b971cd88261dcfdfc21c3ec8dd9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:13 GMT
via: 1.1 312f8b716ad43246758aa8031a8e0342.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494991
etag: "4a620776c291834a3a7969e9034cda6b"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2552
x-amz-cf-id: nEep21a6370Fdw7dfZgIy7cYva00NDk1n5-oUWd0XvD8vBGoFnXUJg==

GET
H2 200 basf-logo.png
vexpenses.com.br/images/customers/ 4 KB
5 KB 398ms
384ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/basf-logo.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b5fe271503a9037639a3a0beaf9b5c1d5a4b533e9ec1da21ea371a46bba8ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:29 GMT
via: 1.1 14386bbe111197c789e1b85b0496361c.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91975
etag: "0fc871351991dcd61d91bf026cfc405f"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 4168
x-amz-cf-id: gQ8rmc98xKbLipU6saavN4Cd4IpNUgCShNvYImA18ZwDF_7DqRQOpA==

GET
H2 200 CNN_Brasil.png
vexpenses.com.br/images/customers/ 4 KB
4 KB 292ms
278ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/CNN_Brasil.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 596e54d63ed7b5be6b657f51883af0ba97401d329cb1800f3c2d8da1f4aebf80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:34:20 GMT
via: 1.1 0cb8928139de73eb220c70ed65a3d18a.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 1040164
etag: "171be262b7a45c363294353c2e7dcddf"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3806
x-amz-cf-id: 8RZGyfT93FGTQE6WXmrGDMVKfQwNWOes9VpJiI1dYVg4anBvBLiUfg==

GET
H2 200 nike.png
vexpenses.com.br/images/customers/ 3 KB
3 KB 585ms
572ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/nike.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2dd0fc7455581b5ff2d3a912353f63368479453cc8ad0b011f2627d4fd1af74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:31 GMT
via: 1.1 29e51fc5bac0897053e2f02edda4aecc.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91974
etag: "2d5d018e177e1e5d82c618fc6159c87c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2591
x-amz-cf-id: 7Qe1lxJMniqYvkQWn6daJjuUPQ85lRRMeyXhVj86FZxDawZUvpzVKg==

GET
H2 200 seara.png
vexpenses.com.br/images/customers/ 4 KB
4 KB 399ms
385ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/seara.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a03178258439d1e63128eb40b198047ec3704277d9557c078d8a507880ecdd85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:12 GMT
via: 1.1 19818f9265689e7f5cbb430f8edbe402.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494992
etag: "108a3c43f75fdcb76af536f3287bfcb1"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 4065
x-amz-cf-id: J93TCePQWaATbk7WTlQl2ugfxvyRQFj6Kkx-sVQ3zr1Fsn58CNhgVw==

GET
H2 200 habibs.png
vexpenses.com.br/images/customers/ 2 KB
2 KB 294ms
281ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/habibs.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e2ae7be1dd59681bb1a47720d9e924b6eb75ba0f70e1045cd82efa5cfbbb3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:29 GMT
via: 1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91975
etag: "dbc8fb2b0ba5d9e29926597ddd135a5c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2094
x-amz-cf-id: ZTWZ7yo4T8Q2-CVC6ZctGnF1fbUspJtG04GQzNQ4Epm9xzO8sS1wPw==

GET
H2 200 centauro-vermelho.png
vexpenses.com.br/images/customers/ 3 KB
4 KB 299ms
287ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/centauro-vermelho.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d016f927e1a6613bfa69327507b6b9bc6da58973df291f33733ef6e5e467b181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:30 GMT
via: 1.1 cca398e17a6efdfcb7d03d1478e3dd56.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91974
etag: "158350c71f41393f9d22ea5a5539eb81"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3498
x-amz-cf-id: CLCwcKj1nXnLBQPydVW0xELZ96VicO221_95_M2hMGcGUK1FBAhrjw==

GET
H2 200 puma.png
vexpenses.com.br/images/customers/ 2 KB
2 KB 434ms
422ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/puma.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d15d2abb17ac0e81c2eacf48ef078f075a335ec6ed7074265f340ec703478c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:31 GMT
via: 1.1 5d1a51a1eb09caa5b28051dd961c7c40.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91973
etag: "493bff194812d86973aacab473b3a499"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1987
x-amz-cf-id: A8pi-ehzs3vm7zob-dWnXc4nDLiFuIX4KMCCST-uGOjCKm7knkQH_g==

GET
H2 200 wickbold.png
vexpenses.com.br/images/customers/ 3 KB
4 KB 293ms
281ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/wickbold.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bba77068885d0e2744f18abc3f70404599650db3652aba6c8e6114366a6f73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:29 GMT
via: 1.1 fdb52cd1c10dcf08197f1215fcd8e512.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91975
etag: "6abacfe286b87589a287d55ab9f1c226"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3475
x-amz-cf-id: mnDLbuDkK7h0x6UgR3xsEwI7tLRAP8nYF9rw8r5-hcUDatI3kKpH-Q==

GET
H2 200 seguros-unimed.png
vexpenses.com.br/images/customers/ 2 KB
3 KB 269ms
257ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/customers/seguros-unimed.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b869bef925ac878756904f5ea09b9a544ee54d9a84fc8650603251e2058336d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:29 GMT
via: 1.1 1814689e6a53bd70e892d4abd59ed626.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91975
etag: "679a1a42a783441c5febc9dcab56630c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2134
x-amz-cf-id: 7HZ0a4zmBRGHLSFFHU8vq-qvePCB9vHrEc5m7nis6GProxCbgxhCng==

GET
H2 200 terceira-dobra-canto-superior-esquerdo.webp
vexpenses.com.br/images/textures/ 9 KB
10 KB 267ms
256ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/textures/terceira-dobra-canto-superior-esquerdo.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9829aab999435b4bd49912bef6f2ecd35dcd6de5679111b43277f9dc5d5f6f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:12 GMT
via: 1.1 f99ff04b44b46caf63e2de40aa2beda4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494992
etag: "fff4a56690346152c1fda2c71a997e67"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 9606
x-amz-cf-id: QDTdHVzoIi5Hj6rnzCs-oGPXIqHfPXAp1U4j6VvNYDkc1F4u1ebfDA==

GET
H2 200 reembolsos-e-%20adiantamentos.png
vexpenses.com.br/images/icons/home/ 2 KB
2 KB 287ms
277ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/home/reembolsos-e-%20adiantamentos.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78d5f347705d3aff1b63383895562133a01b83e90028d12ae48c572c96ebde4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:30 GMT
via: 1.1 29e51fc5bac0897053e2f02edda4aecc.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91973
etag: "d48b5f9b539d9c8870a4235568930a3f"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1824
x-amz-cf-id: 9kQNMLEE_HpJdvAunWluFWs8ATwEyTyLepy6V3-3jZdhc8Yw30Ogsg==

GET
H2 200 despesas-projetos-e-equipes.webp
vexpenses.com.br/images/icons/home/ 2 KB
2 KB 391ms
380ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/home/despesas-projetos-e-equipes.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc0bb8bd86f235e11e9e8eff6d6d814ab30196b1f94727534d68f30eac66bfd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:30 GMT
via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91974
etag: "c1dabcb0d4d3d2a918b3ddd8f24529ac"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1640
x-amz-cf-id: SvhkGkmopJ9sV5c4_N4KcbcQNt4BM75j8xO60PY5BLuQwLMT697oyQ==

GET
H2 200 cartoes-ilimitados.webp
vexpenses.com.br/images/icons/home/ 560 B
1000 B 437ms
427ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/home/cartoes-ilimitados.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c360e782c1926d15a985385d16462d07ca2b59afe02661e7e2ca3c2f0abef572

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:29 GMT
via: 1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91975
etag: "28d84d48e9968dba6121db8c03548fbd"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 560
x-amz-cf-id: Qz8Fjvz5bPbj15BmYbahzmb1GAYjo_GKdX3Lkj6c-kbigEct6Aoc9g==

GET
H2 200 politica-de-gastos.webp
vexpenses.com.br/images/icons/home/ 1 KB
1 KB 296ms
286ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/home/politica-de-gastos.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65e63dbdb6a9ace548059f1b75ac2c40b6d1d343eabebd8871c05167f350769e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:54:34 GMT
via: 1.1 f9ffa60c9d8e866d90f2c98c19adc4f4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 1827350
etag: "b74610c3b664fbdf88119f8dc2f1ac59"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1092
x-amz-cf-id: 2-jsf8fZfRNvUkjtz--oT4Hr8XO7ZWXF9iJEp90ZleXwnlhU8qD66g==

GET
H2 200 fluxos-de-aprovacao.webp
vexpenses.com.br/images/icons/home/ 2 KB
2 KB 294ms
285ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/home/fluxos-de-aprovacao.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa229fc57162453c1e254ea89698062ae97fccb96d685bb4e0c9cac9a29646f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:30 GMT
via: 1.1 c0cfe76b9184c0fbfe32c29e4d409dc6.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91974
etag: "800d50027f9122b55cfec8b3f106d6b7"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1960
x-amz-cf-id: n-1epr7hfmnjL9n9tYnZQ5DutOhk9DRyi4o3QgBw2j6SXU69S7wtGg==

GET
H2 200 relatorio-e-dashboards-em-tempo-real.webp
vexpenses.com.br/images/icons/home/ 684 B
1 KB 424ms
415ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/home/relatorio-e-dashboards-em-tempo-real.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85d0fbb5733e3b39323ba2fded6d198fc54f4f82904d32a4e77df8267aa2ef8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:33 GMT
via: 1.1 7858d9a710c9f9ade149eac1339a9a6c.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91971
etag: "9fa0f6f73567a3dc08e411a6ebd2e36e"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 684
x-amz-cf-id: 9dwZqL0x9o9Ua_N2MgUOna7Xy-YHgPiJaDcKtFot5rSXxJB8erRefw==

GET
H2 200 integracao-com-erps.webp
vexpenses.com.br/images/icons/home/ 2 KB
2 KB 291ms
282ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/home/integracao-com-erps.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7668a3fc8c1d03d35fb79e65c40c4875a6c43c7c85c40d42c42d4241d4394922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:33 GMT
via: 1.1 ddf6879aa6c2007b075baebb295e9494.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91971
etag: "72ebbdb5c5bd91b4d319789a37ae88c8"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1856
x-amz-cf-id: z-CY9PL79wuzPe9u3l3qk157Sq93Xmo2pn1eNovSmbbgrfHDkfg-rA==

GET
H2 200 terceira-dobra-canto-inferior-direito.webp
vexpenses.com.br/images/textures/ 11 KB
12 KB 395ms
387ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/textures/terceira-dobra-canto-inferior-direito.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f9b9393746cfc109a91ac97605f504b740bfe5deece4bbbacddc5bfa691b130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 06:59:37 GMT
via: 1.1 83e647ac155b0cf3a9869914f5de36a4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2367047
etag: "1eec7d386a9960587579a226842bdbd9"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 11548
x-amz-cf-id: mOA0HUUm5srmwlXzIjZHQJ3Kk7G9qIGn0XVoQQxbIM_p55qpZ8nmBg==

GET
H2 200 intelliscan-gps.png
vexpenses.com.br/images/sections-features/ 114 KB
114 KB 298ms
289ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections-features/intelliscan-gps.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a655e6c088999853de7049f443a25325e9bbc5331fe608179e165cc86f05911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:33 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91971
etag: "d01c6f247e9ad1ec80b036252138fe5c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 116540
x-amz-cf-id: H727i2LEzOdZBfFtbkzHIYwXcSyrDdRteitfXw670HtOPxsV7ieZXA==

GET
H2 200 image-cartoes-flexiveis.png
vexpenses.com.br/images/sections-features/ 127 KB
128 KB 399ms
391ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections-features/image-cartoes-flexiveis.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 07bc68af61e6c0a9564bb913cc972b06f42dc6b37fd92397647536f692c53828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:33 GMT
via: 1.1 1103f2f4fcd4848a1668ac878932c20a.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91971
etag: "b53291753548226beebddb0500ec6c1f"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 130136
x-amz-cf-id: bFywlbal1H-9lsDhNBGIlDDK3aM4SQBZyWzycpIJCHoUMYzknQ2-Ew==

GET
H2 200 gestao-de-caixinhas-e-fundos-fixos.webp
vexpenses.com.br/images/icons/ 982 B
1 KB 396ms
388ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/gestao-de-caixinhas-e-fundos-fixos.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 215ba5c67fcbff57d1b8a1fc9d13b5541745fba1272526a5df794e10297da33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:33 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91971
etag: "df9adca29e9ad4dc13e10ee7bd6962d1"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 982
x-amz-cf-id: XzJ8Vz3c7Z40vNA2Sjb1P5CGUEFhXKAYKWaR7fqmIMo06AXQmeANGw==

GET
H2 200 softwares-por-assinatura-e-infraestrutura-de-ti.webp
vexpenses.com.br/images/icons/ 1 KB
1 KB 293ms
285ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/softwares-por-assinatura-e-infraestrutura-de-ti.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5f4e79c9d051bc7eab521979de436cf4d57691fad72dda50ceb15268b15d3e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 06:59:37 GMT
via: 1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2367047
etag: "b141eb5106e74a121aebbd7c9a24f460"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1080
x-amz-cf-id: N-HH_PQXjBE2bdx-N4cLLD8j6AND8pXsW9wOWh1E9gHuaYHbe1F0xg==

GET
H2 200 house.webp
vexpenses.com.br/images/icons/ 2 KB
2 KB 264ms
257ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/house.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 176f7a901f0927a23bf8373655ff2720b6cf31fc3f3d32c060e1bd1c9f073cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:33 GMT
via: 1.1 776fbf9a4fc4b393f157f9f75dd29a06.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91971
etag: "f4914d85cf3d6bcd9dde205d8b071b15"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1792
x-amz-cf-id: D1Rvm_bIXeZRTIF3ok41pNkxKW_PU5xzraXxK8nLaUj3Dce3_yJy-Q==

GET
H2 200 gestao-de-obras-e-projetos.webp
vexpenses.com.br/images/icons/ 1 KB
2 KB 390ms
383ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/icons/gestao-de-obras-e-projetos.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13338cb761b48cf12516f50f9e78b56bfcfa1b61b51f5b9dd9da66b9df0f63aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:33 GMT
via: 1.1 5d1a51a1eb09caa5b28051dd961c7c40.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91971
etag: "28674f7a594bef1ee3126476ce3b8617"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1462
x-amz-cf-id: KY59JOStXMNBKJ673uXGvco-FJmkTd4FECIBK9-POOpF8l93tF4OhA==

GET
H2 200 tela-cartoes.png
vexpenses.com.br/images/sections-features/ 49 KB
50 KB 396ms
389ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections-features/tela-cartoes.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b047ed889da719e3fd8df75208674dd3c4df7513f5f1cbdba9e0350b7243c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:34 GMT
via: 1.1 7007d03050a44a1c68abb38fc262d3f4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91970
etag: "460849bc6bc04072dcaa7931d8bbfdf7"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 50537
x-amz-cf-id: oc9pjZZbQSQ6SdBmYWKF2zG-xnHQ5dUYviSuXyfZ1tRVXlf3gE1oww==

GET
H2 200 dashboard.png
vexpenses.com.br/images/sections-features/ 11 KB
12 KB 428ms
421ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections-features/dashboard.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eb1e94b7824e042ebf73b7a3896f11738f37897d1231fbd1acaeca3cd7a500e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:17 GMT
via: 1.1 7858d9a710c9f9ade149eac1339a9a6c.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494987
etag: "360497f4eea7d98b7ed5b4d2f67ee705"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 11694
x-amz-cf-id: XBNd9tDxcj1fCR9pcoSzEMolJXSRnZJd_XBH4gAuIClelPCVfXEpMA==

GET
H2 200 erp.png
vexpenses.com.br/images/sections-features/ 113 KB
114 KB 290ms
283ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections-features/erp.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a482ca677196e5a6925d474bdbbea9d02b036236cb2008fa25b8fa84d2304325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:34 GMT
via: 1.1 747643510d5744fd5b06cb1647567818.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91970
etag: "bc6530053042242e1b408131e1792550"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 115815
x-amz-cf-id: w9N5uFXkBUolh7Zetm20EVaTlRTjSjWFvIJklEQAtRC1t9gYTlDmuw==

GET
H2 200 texturo-oitava-dobra-canto-superior-esquerdo.png
vexpenses.com.br/images/ 2 KB
3 KB 295ms
288ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/texturo-oitava-dobra-canto-superior-esquerdo.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b45dc9434aef88654c0676b653dba398186e71469e84fea1708190f5f964544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:17 GMT
via: 1.1 6cf4081c1099e7ccfdba44532a13bc54.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494987
etag: "4621863152d3fc309ca218f5ef109f4b"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2377
x-amz-cf-id: CkSVI0vuPkAe1uzd0g7uAdq5P557vmYDJsCjClTC-P7XPmUhWicXlw==

GET
H2 200 rafael-gozer.webp
vexpenses.com.br/images/depositions/ 4 KB
4 KB 287ms
280ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/depositions/rafael-gozer.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ffa08be32deb7ac9cf4aadca167e688194e747349df15a2b088a0ea5e5f48cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:17 GMT
via: 1.1 0cb8928139de73eb220c70ed65a3d18a.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494987
etag: "17cf8821b9a8d44d87807cc71dc0c5c2"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3782
x-amz-cf-id: StOJdPbSyapwxrI91p7xW1syWBJAFciUhS1s5f83Cg_Lr25XcFaBdQ==

GET
H2 200 david-medina.webp
vexpenses.com.br/images/depositions/ 4 KB
4 KB 426ms
419ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/depositions/david-medina.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 135b3211860000144a141bed02f17d3d9bf59b26c151319020ef6733cae18798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:34:20 GMT
via: 1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 1040164
etag: "2e7c401cfeb319b773aefb32ed59234d"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3808
x-amz-cf-id: pYBQ_HDt33pwgkzSuo9UbsFtGy66Eol_6V7Gwn_L2pSjjnsTOlbtHQ==

GET
H2 200 anselmo-belodi-jr.webp
vexpenses.com.br/images/depositions/ 3 KB
4 KB 430ms
424ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/depositions/anselmo-belodi-jr.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ade205d46e37b520877cec385474596386d1a236819df3494b378bfc88b549e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 06:59:37 GMT
via: 1.1 02953992e043cdd9273bab020f4030a0.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2367047
etag: "283e0ebc18b1add35aa13bffd53a5406"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3340
x-amz-cf-id: PxdgPDgBoBoYNN3p-AMBqegDp_oOtNEaiIqK0SM_jQ8ua7WXicNPHQ==

GET
H2 200 anderson-piram.webp
vexpenses.com.br/images/depositions/ 4 KB
4 KB 293ms
286ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/depositions/anderson-piram.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b4d6b061229f6283944b220723dd1e897e9c59a8165d02446d1db3219a21ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:18 GMT
via: 1.1 ccabfbceff64477665e33f03003a399c.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494986
etag: "befb372f99ae5c4ef77385feb31f7cdc"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3686
x-amz-cf-id: ZvC4ISnsS98BkyiuPaxH1UN4h-iA6ZiO2_5xkz5msfq_4i31UoPsuQ==

GET
H2 200 especialista-365x348.webp
vexpenses.com.br/images/sections/ 11 KB
11 KB 493ms
486ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections/especialista-365x348.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2365edc6829feb65c056b160584cb018af496ece55f2832a15fdcc8769e1154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:34 GMT
via: 1.1 7858d9a710c9f9ade149eac1339a9a6c.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91970
etag: "c53c054e0aac3f0068266f077d66ec4d"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 11110
x-amz-cf-id: gIjd8P7PnQpkIylh5RTgJTpNRk00Hl_4XhYGfFqR5LE3IraC-lpEJw==

GET
H2 200 beneficios-desktop.webp
vexpenses.com.br/images/sections/ 22 KB
23 KB 391ms
384ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections/beneficios-desktop.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d858a58ce6f0808a4aa065f57ba2be8aa4d03245d6b4b80e6a767abbc001865a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:35 GMT
via: 1.1 afd822e99baebd9321fa9aa8f9350e78.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91969
etag: "d32c5f7b1576d23e77c82cf3f6820e9c"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 22702
x-amz-cf-id: _P8akEl3arwGPdifIjoTyAs1I4p9qRJlXfcZQXrcFqAcYGuPUDSa_A==

GET
H2 200 beneficios-desktop-mobile.webp
vexpenses.com.br/images/sections/ 10 KB
10 KB 432ms
426ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/sections/beneficios-desktop-mobile.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acaf5fd4bce5ca020be010ed54fecf3aad43a128ec935c1f9af55e269d53dbb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:35 GMT
via: 1.1 312f8b716ad43246758aa8031a8e0342.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91969
etag: "31e2a0daeed0f11a27ea68c93960dc2d"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 10194
x-amz-cf-id: nLVQbW4BQdwm2pP2Edvs0qou4Ul9P2AWy_amkHOG1cxQWhIy_2a1tw==

GET
H2 200 decima-dobra-canto-superior-esquerdo.webp
vexpenses.com.br/images/textures/ 12 KB
12 KB 431ms
425ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/textures/decima-dobra-canto-superior-esquerdo.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 220fcf577b3a191a34246e11744fa3a65a652e99356c9888040d6fdb2f7888e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 11:48:17 GMT
via: 1.1 f9ffa60c9d8e866d90f2c98c19adc4f4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2349727
etag: "8aa708250f3e362e71bb561321a7fa71"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 11816
x-amz-cf-id: V3yEK78b0cztel5OIjZIO8zrfYhY2a3aEf3JRVuoeHz7d8hr-R8r8Q==

GET
H2 200 decima-dobra-canto-inferior-direito.webp
vexpenses.com.br/images/textures/ 13 KB
13 KB 393ms
387ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/textures/decima-dobra-canto-inferior-direito.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45b657f3c06d57141503e14a37ab0fe7d79661f2af32e8fd34a2a16ce36d4427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:35 GMT
via: 1.1 6cf4081c1099e7ccfdba44532a13bc54.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91969
etag: "bd435185efdd5d12dc605518bb43f534"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 13066
x-amz-cf-id: _czx4Le89weQj62eDNlcO9QpYqyulyabuJys-s2Xk2fZ3EgklcA7Zg==

GET
H2 200 g1.webp
vexpenses.com.br/images/medias/ 474 B
915 B 426ms
420ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/medias/g1.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b0a151b8d8dd214d5d21d08af57e4df98b7a3a3ff86bb41a27670da5b4993a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 12:54:34 GMT
via: 1.1 7858d9a710c9f9ade149eac1339a9a6c.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 1827350
etag: "84ea14fd254156166e39be08891de4aa"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 7cABDCZWAdepeOdSCc9H4QmaVEcGvFMrfFSgRKxrpJxqgdjd3W0p8g==

GET
H2 200 estadao.webp
vexpenses.com.br/images/medias/ 2 KB
2 KB 392ms
386ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/medias/estadao.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f85e0af597fba87f07bd6a2c32e727677796ccd4fa2c431b2c6484ae9cd5c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:19 GMT
via: 1.1 f03ced384777449538f7af55da0e2760.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494985
etag: "67b9d0c82730af903274b2f0bb191a16"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2082
x-amz-cf-id: DOkXM4B7kYPYjyobQvFqgFQ2zz5DfwD2QAqVPMpyxshAy08CDcEX6w==

GET
H2 200 exm.webp
vexpenses.com.br/images/medias/ 1 KB
2 KB 290ms
284ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/medias/exm.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff3303fb3f64d8f498dabbdcfd6c49d45455a5abe29175bf3ff821b147e86f46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 19:27:19 GMT
via: 1.1 7007d03050a44a1c68abb38fc262d3f4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2494985
etag: "5f1b9083cd4c1d73eac49b5da9d60a5b"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1204
x-amz-cf-id: 7ZYJmWRHFg8yo3X6N0JVhlMgLrOU4yEppQAnMgCe30xaus_GSp1uQg==

GET
H2 200 valor-economico.webp
vexpenses.com.br/images/medias/ 1 KB
2 KB 434ms
429ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/medias/valor-economico.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a0d8cf6f3a3308fc2b637db99a9d6fc8007c14ca66fdff3ccd5b6677fac7c02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:36 GMT
via: 1.1 b97ecc65af57f73e17a5596e8dc5a2d4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91968
etag: "946856533d5711c8e50a4884a63c49b6"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 1512
x-amz-cf-id: 5Kwadv4o1ivM2PDnv97o2qucp4eKR3rIQE-HfsgJaRzQJUiGBoNDEQ==

GET
H2 200 textura-decima-segunda-dobra-canto-inferior.png
vexpenses.com.br/images/ 5 KB
6 KB 390ms
385ms Image
image/png 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/textura-decima-segunda-dobra-canto-inferior.png
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0af7befaef8ae6a713c1874492aa2417f6fca1efe7140de546e9a8cab3498341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:34:20 GMT
via: 1.1 3289feb7922c3bed2dd498f7353add3e.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 1040164
etag: "e8d863bda14992e26750f590b7bf9814"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 5195
x-amz-cf-id: rCl4r79OyeX_ic5wGr_1g9qwzwjiYydku6LTSLNXEG9hD9WMPg06vA==

GET
H2 200 logo-vertical.webp
vexpenses.com.br/images/logos/ 3 KB
3 KB 393ms
388ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/logos/logo-vertical.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133df52014040f58b80acdec28c7504b2ae956a1f5d8fc720a9ced591c1903cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 06:59:37 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2367047
etag: "a6d8ba2783057e8a09381890dfdd115c"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 3134
x-amz-cf-id: HpyJ7DKwui1-qha2ZaWz7gS7NcyDG9yFqgjW3ZtW_lOo7QUbJbsOeg==

GET
H2 200 google-play.webp
vexpenses.com.br/images/store/ 2 KB
3 KB 290ms
285ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/store/google-play.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 746d997bc0d420796397ed66e2df1b273708f035fa5f3cef9342d4b797f8750f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:36 GMT
via: 1.1 f9ffa60c9d8e866d90f2c98c19adc4f4.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91968
etag: "5a4e81d36265e3add3ced1f88474348e"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2534
x-amz-cf-id: O3qC9vaKAdv8CEEl_B7TfZSP2WhRr5DUeCytsVld4ZZoNAg475wktA==

GET
H2 200 app-store.webp
vexpenses.com.br/images/store/ 3 KB
3 KB 288ms
284ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/store/app-store.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc6a558b3f0d3b684040f6148ce0340ef6b186da1e170062afac756c9764bb09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 06:19:47 GMT
via: 1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2887837
etag: "b38c0456e9cc42e19273d8c66f39eff3"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2624
x-amz-cf-id: Ji4NeVD2CN7KYzxS_s6k9runuGybZgpy2frb9DIpYjkBxPqt5TBCMw==

GET
H2 200 top-1-ranking.webp
vexpenses.com.br/images/seals/ 48 KB
49 KB 293ms
288ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/seals/top-1-ranking.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d23fd8e1e5f82d171452b4d49aa91f1503cb384fe2130a0fb8f370bdf219d199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 06:19:47 GMT
via: 1.1 1f133079dc1c94415e666e3b032459fe.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 2887837
etag: "ab9574c9fff21ebe6ba80d497cbdff46"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 49352
x-amz-cf-id: C0WxMRLW3nyC3CjdDMr5iGZ79UmwVom35dpeJWWUWFa24XCT9CTYSA==

GET
H2 200 cubo.webp
vexpenses.com.br/images/seals/ 3 KB
3 KB 421ms
416ms Image
image/webp 13.32.110.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vexpenses.com.br/images/seals/cubo.webp
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-7.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f12ecf942fba35a2a4f1c1f56a1e8b73aec0df80862e3e9ee6e077e19c36ef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:57:36 GMT
via: 1.1 49f322be3af49b998559c8c7dffadf10.cloudfront.net (CloudFront), 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jan 2023 15:13:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P5, VIE50-C2
age: 91968
etag: "03a0b1e6e127966f0855efcee08f66a1"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=0, must-revalidate, s-maxage=2
accept-ranges: bytes
content-length: 2938
x-amz-cf-id: pJR-1CNNzVAf2RoZza0ELK4EnjTxtqPtV3dUUmHZ6fQzBKHHtJToVA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 70ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vexpenses.com.br/
Origin: https://vexpenses.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 22:40:20 GMT
x-content-type-options: nosniff
age: 323403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 22:40:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 81ms
38ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c095079d4a8e339b58e50c7dd7e2c205604265ce6ed653d5af15110e774c2d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vexpenses.com.br/
Origin: https://vexpenses.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 09:32:19 GMT
x-content-type-options: nosniff
age: 543484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10992
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 09:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 65ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vexpenses.com.br/
Origin: https://vexpenses.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 08:25:08 GMT
x-content-type-options: nosniff
age: 115515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 08:25:08 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
895 B 158ms
60ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/_next/static/chunks/227-14a480c3aca346b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f884d24f2368dde069effbcec982c1df894b24fbc2b35addef1a24cbbbb39728

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 575
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:24 GMT

GET
H/1.1 200
OK vexpensesCookie.js Show response
app.vexpenses.com/assets/js/ 8 KB
3 KB 556ms
114ms Script
application/javascript 52.73.27.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.vexpenses.com/assets/js/vexpensesCookie.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/_next/static/chunks/main-227d8a355acfa369.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.27.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-27-165.compute-1.amazonaws.com
Software: Apache /
Resource Hash: decb509babf355febb523bcb457f311a591467bd5ac007410a6469ef330111de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 16:30:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 20:43:24 GMT
Server: Apache
ETag: "1f1f-5d0edfa080677-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2369

GET
H2 200 32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 333ms
253ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/_next/static/chunks/main-227d8a355acfa369.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f274e7d9e1c6fef33cac97e5dc98150ea2313de1e453e730d0ed8b7a8a1d3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-version-id: AYTsr9dS6GBzwgzTEbXNaO8HsihtpeXT
last-modified: Wed, 14 Dec 2022 14:19:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: W/"23cc2b0c9573eec58ccb5fae82529c81"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: oJQIvrt2NQeRJOV4WpRdUMJi-cqei-Qd1wklkq1dHU3amlu6T-JdBA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 266 KB
86 KB 168ms
76ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M287ZMQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00577975ab18d570e386561f02a1464df28bcfaec267437740dd6bd9154476aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87910
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Feb 2023 16:30:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 130ms
37ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vexpenses.com.br/
Origin: https://vexpenses.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 13:38:22 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 82ms
23ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M287ZMQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=68851
accept-ranges: bytes
content-length: 4777

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M287ZMQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Feb 2023 14:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5734
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 08 Feb 2023 16:54:50 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 108ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M287ZMQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 08 Feb 2023 16:30:24 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AAA1CBA34A434EF49B028236B0686F0E Ref B: FRAEDGE1218 Ref C: 2023-02-08T16:30:24Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11563

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023072011/ 2 KB
1 KB 118ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023072011/?random=1675873824601&cv=11&fst=1675873824601&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fvexpenses.com.br%2F&tiba=VExpenses%3A%20Gest%C3%A3o%20de%20despesas%20e%20cart%C3%B5es%20corporativos%20do%20jeito%20certo&auid=31202066.1675873825&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M287ZMQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8243e1ce5b01f66eb8ced17513f0bc3ad6417b8b96f2de1038cac40be1a9cd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 897
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 70ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Feb 2023 16:30:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZJgQ5BiI7/0eIGn9BqwQciye3baPF/Yh6PhwMr/XMuoGJRan4NQgZnW/Zwk0cYTCAcsgN8T9FgS2TccrcqihXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4zq0byphgx Show response
www.clarity.ms/tag/ 1 KB
1 KB 185ms
111ms Script
application/x-javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4zq0byphgx
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da44b00bd7d6488aadbcc8efd3ff0c9807691a1dc68f636d55f0a5f3174458ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 08 Feb 2023 16:30:24 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0IM7jYwAAAAB3QKVktNSiQIxH1y/A8J1aRlJBMzFFREdFMDMxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H/1.1 200
OK webtracking.js Show response
app.qualzz.com/assets/trackingScript/ 427 KB
31 KB 499ms
228ms Script
application/javascript 3.20.16.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualzz.com/assets/trackingScript/webtracking.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M287ZMQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.20.16.147 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-16-147.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 171d35c016d7df1eb9f27ffe168eb2b3687c317dedee31857880e0d4f3c54c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 16:30:24 GMT
Content-Encoding: gzip
last-modified: Thu, 07 Apr 2022 15:27:33 GMT
Server: nginx/1.16.1
etag: W/"5655418-31593-2022-04-07T15:27:33.000Z"
Content-Type: application/javascript
cache-control: max-age=3600
Connection: keep-alive
Content-Length: 31593

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 206ms
129ms Script
application/javascript 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE3MOQBC77U4LIST3RJ0&lib=ttq
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4f967aaed3dc04616b0c0bb0a0196f3fcbf7ba7d8d5a2a19ed5fbd472d2fdb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 596f44a.15697a5e
date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 102,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=12, inner; dur=2
content-length: 1144
pragma: no-cache
server: nginx
x-tt-logid: 2023020816302456C8615CB1D6F8E09D1F
x-cache-remote: TCP_MISS from a23-59-250-21.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.59.250.21
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b87dbb32fb184d49dcf6c7160c3a0a7189f579a83252c4cddf99a6d0a84794e573beacea9beecb9825e6e2a5c858d600b945dc705195854beeddf750315a0d96ee78e0116ead0e34c1740208231dd5c2b4
expires: Wed, 08 Feb 2023 16:30:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
80 KB 68ms
66ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KC8FYJCH58&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M287ZMQ&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b7ef63ccbeb4f840efedcc417f9c604a40b4a834ff2ca6f0fcbeb591dcd89a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 08 Feb 2023 16:30:24 GMT

GET
H2 200 bundle.js Show response
d335luupugsy2.cloudfront.net/scout/ 45 KB
14 KB 234ms
234ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-version-id: xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified: Thu, 28 Jan 2021 17:27:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: W/"88819ce057f99124674a75d611e4f53a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-amz-cf-id: PnPfByd4QCKd5s4uylJT5sYDYikp_B-jwIxOZEY3ZbTA-hzR0gyKYg==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/525153/domain/vexpenses.com.br/ 36 B
378 B 82ms
27ms XHR
application/json 2600:9000:2204:e200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/525153/domain/vexpenses.com.br/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:e200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 12:04:38 GMT
content-encoding: gzip
via: 1.1 abc3ecd1d98ae9cd426d47386509de18.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 15946
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=23454
x-amz-cf-id: RZGXK73Ap9CFtF7TmWo0l76AYvjZeRMrPkh8RgNy_7Ptin1oO3IIOw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D525153%26time%3D1675873824683%26url%3Dhttps%253A%252F%252Fvexpenses.com.br%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F&liSync=true&e_ipv6=AQLMCtwb3p3FgQAAAYYx3TEfSuh82t7N5oLYnCdZt81p-gAeqyYndmZWQCOlaH...

0
264 B

170ms
120ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F&liSync=true&e_ipv6=AQLMCtwb3p3FgQAAAYYx3TEfSuh82t7N5oLYnCdZt81p-gAeqyYndmZWQCOlaHOnrKbsoKD8RKpe
Requested by: Host: vexpenses.com.br
URL: https://vexpenses.com.br/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1A250B9B5706432DA43ED1A93D6B7D84 Ref B: FRAEDGE1405 Ref C: 2023-02-08T16:30:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0MsgKiW9BxTsNJnuCdQ==

Redirect headers

date: Wed, 08 Feb 2023 16:30:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A9A808BA946046F89451177F50950B42 Ref B: FRAEDGE1518 Ref C: 2023-02-08T16:30:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1675873824683&url=https%3A%2F%2Fvexpenses.com.br%2F&liSync=true&e_ipv6=AQLMCtwb3p3FgQAAAYYx3TEfSuh82t7N5oLYnCdZt81p-gAeqyYndmZWQCOlaHOnrKbsoKD8RKpe
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX0MsgHu6Tbn/mtbVLQLA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 28ms
28ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=123740714&t=pageview&_s=1&dl=https%3A%2F%2Fvexpenses.com.br%2F&ul=en-us&de=UTF-8&dt=VExpenses%3A%20Gest%C3%A3o%20de%20despesas%20e%20cart%C3%B5es%20corporativos%20do%20jeito%20certo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=921773257&gjid=1764854960&cid=1136627198.1675873825&tid=UA-73039654-1&_gid=1372392078.1675873825&_r=1&_slc=1&gtm=45He3260n81M287ZMQ&z=1877476118

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vexpenses.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 899472353483770 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 160ms
159ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/899472353483770?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31c01fbd11d81a9a2f9745f02c3113063239b76cf2ba4ef11857d4da29ad0b7c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 08 Feb 2023 16:30:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JYcD7L8ApYojWZ94nQ7a2pj7zbQoKfhr+Tuj/HleOe166HsY+Bu00kx6rNXOGbT/QkZ0NxaBR5jTzWap5Jg9LA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 87ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KC8FYJCH58&gtm=45je3260&_p=123740714&_gaz=1&cid=1136627198.1675873825&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675873824&sct=1&seg=0&dl=https%3A%2F%2Fvexpenses.com.br%2F&dt=VExpenses%3A%20Gest%C3%A3o%20de%20despesas%20e%20cart%C3%B5es%20corporativos%20do%20jeito%20certo&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC8FYJCH58&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vexpenses.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 89ms
30ms Ping
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KC8FYJCH58&cid=1136627198.1675873825&gtm=45je3260&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC8FYJCH58&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vexpenses.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 108ms
49ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KC8FYJCH58&cid=1136627198.1675873825&gtm=45je3260&aip=1&z=1646317911

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 95CB 43 KB
23 KB 70ms
69ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=u57mw6o43dvm

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/_next/static/chunks/227-14a480c3aca346b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0641daa994d0ea8f0a6af45037da147c87810f954851a013248effa9aff2c2bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-corhZOXfeI1fv0-hUV26qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vexpenses.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22887
content-security-policy: script-src 'report-sample' 'nonce-corhZOXfeI1fv0-hUV26qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 16:30:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame ED32 47 KB
26 KB 104ms
99ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/_next/static/chunks/227-14a480c3aca346b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69a770bfd8772669a5f62ef6317468bc977b378151d1a40979ac63b3de187f39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EIplvxP2V1XBTrtWF2p9RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vexpenses.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26158
content-security-policy: script-src 'report-sample' 'nonce-EIplvxP2V1XBTrtWF2p9RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 16:30:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 1EA6 43 KB
23 KB 79ms
78ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/_next/static/chunks/227-14a480c3aca346b3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

50e7ee4c043d310506161a6a44b391a13db1832c689d9f07f29fa4e60526f4b5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RlRlXFsbSXswQFWVRltdhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vexpenses.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22940
content-security-policy: script-src 'report-sample' 'nonce-RlRlXFsbSXswQFWVRltdhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 16:30:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 59ms
31ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-73039654-1&cid=1136627198.1675873825&jid=921773257&gjid=1764854960&_gid=1372392078.1675873825&_u=YEBAAEAAAAAAACAAI~&z=694089709

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 16:30:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vexpenses.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1023072011/ 42 B
314 B 109ms
109ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1023072011/?random=1675873824601&cv=11&fst=1675872000000&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fvexpenses.com.br%2F&tiba=VExpenses%3A%20Gest%C3%A3o%20de%20despesas%20e%20cart%C3%B5es%20corporativos%20do%20jeito%20certo&fmt=3&is_vtc=1&random=2499334997&rmt_tld=0&ipr=y

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1023072011/ 42 B
455 B 45ms
36ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1023072011/?random=1675873824601&cv=11&fst=1675872000000&bg=ffffff&guid=ON&async=1&gtm=45He3260&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fvexpenses.com.br%2F&tiba=VExpenses%3A%20Gest%C3%A3o%20de%20despesas%20e%20cart%C3%B5es%20corporativos%20do%20jeito%20certo&fmt=3&is_vtc=1&random=2499334997&rmt_tld=1&ipr=y

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25058104.js Show response
bat.bing.com/p/action/ 0
116 B 119ms
117ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25058104.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 08 Feb 2023 16:30:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B28019DA0717468583A5F8058D1EC158 Ref B: FRAEDGE1218 Ref C: 2023-02-08T16:30:24Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 45ms
44ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25058104&tm=gtm002&Ver=2&mid=fb649a01-c84f-490c-b511-00a2cf3ea376&sid=e3ac68c0a7cd11ed983b1709c4371f95&vid=e3ac8d40a7cd11ed952eff0cdd32929a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=VExpenses%3A%20Gest%C3%A3o%20de%20despesas%20e%20cart%C3%B5es%20corporativos%20do%20jeito%20certo&p=https%3A%2F%2Fvexpenses.com.br%2F&r=&lt=1385&evt=pageLoad&sv=1&rn=16715

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 08 Feb 2023 16:30:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FDB3E46BA6B44208B39BC4DD4FE5636 Ref B: FRAEDGE1218 Ref C: 2023-02-08T16:30:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.7.1/ 55 KB
19 KB 27ms
26ms Script
application/javascript 2620:1ec:4e:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4zq0byphgx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0A8fjYwAAAABI9OmASdfVS4SuwmYpz+ysRlJBMjMxMDUwNDE4MDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d936557825629e"
x-azure-ref: 0IM7jYwAAAADIlgjzan36SpYQw9fClnbIRlJBMzFFREdFMDMxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 74ms
72ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-73039654-1&cid=1136627198.1675873825&jid=921773257&_u=YEBAAEAAAAAAACAAI~&z=1117052677

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 47ms
45ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-73039654-1&cid=1136627198.1675873825&jid=921773257&_u=YEBAAEAAAAAAACAAI~&z=1117052677

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 95CB 55 KB
24 KB 123ms
51ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=u57mw6o43dvm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 95CB 406 KB
162 KB 163ms
92ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 13:38:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 1EA6 55 KB
24 KB 64ms
35ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 1EA6 406 KB
162 KB 122ms
92ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 13:38:22 GMT

GET
H2 200 main.MWNiNWY1N2YyNQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 278 KB
72 KB 25ms
24ms Script
application/javascript 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE3MOQBC77U4LIST3RJ0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6cbc0e665ba23c67394e2ab842b39c231e8cc28e474184a14922eae1bcd90661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 15697b54
date: Wed, 08 Feb 2023 16:30:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230207211044E02F4EEF6D7E639D17D4
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01efb3db22dda05faa86c4751332b46157b70d585c8f6f2948619fe8bc6f814945d5f2aedced7af62ffd04e9042b06135458a692c51ae35c42b5bfb9dce648e5b23f7c0500dc0b92725a5bcd27eee4549858a3b29bfd8158eaa6296103e900a5ba
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 73501

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame ED32 55 KB
24 KB 84ms
65ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame ED32 406 KB
162 KB 121ms
103ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 13:38:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 69ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=899472353483770&ev=PageView&dl=https%3A%2F%2Fvexpenses.com.br%2F&rl=&if=false&ts=1675873824946&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.2.1675873824944.470223173&it=1675873824710&coo=false&rqm=GET

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Feb 2023 16:30:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect Show response
h.clarity.ms/ 0
166 B 593ms
323ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: https://vexpenses.com.br
date: Wed, 08 Feb 2023 16:30:25 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 identify_5f1fb.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 30ms
29ms Script
application/javascript 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_5f1fb.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-akamai-request-id: 15697bcd
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230207210835ED587EA76F2DDA2C46A4
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01956abcaf44d08aca0da36e4ec326ae40c7165054cdb8b36ea3f94247421419d5796929c3ef2973cccba740028433c3cb82f9fe2c74ee9279efa2045efff2f074e07bb11ef543186a3ce0ca557ccd1c72cbf9c16dacb7e7d6b492f88c466f19d8
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30754

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
688 B 142ms
140ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7b7f1c5.15697c02
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 94,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230208163025551DDB3B03D6F2073963
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.19
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b824ff30cf7ca875212c945ace4218afea9289ec60a6dd8aea0701ee36c22aabcb20f35653a08fbb46ffa3fbe386858288d3b9bee84c01a808621f761a9b4faf923c636e7c1edf6bee2ce8f5dc9e796b16
expires: Wed, 08 Feb 2023 16:30:25 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
690 B 128ms
126ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8266319.15697c05
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 97,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230208163025744D5C6090DCDCCE179E
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.11
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b82b72a5240a12198794507b80c73ebf56554b2ba2e438ca4a8f69b56d240c47690583b3abc8a6b23efe3d149dbf2863a5d283faad8727bd331b8272de4b21710f5f9e2ebab172d66dc2ffa1ddcd565fcd
expires: Wed, 08 Feb 2023 16:30:25 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
691 B 220ms
219ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 429024f.15697c06
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 179,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=149, origin; dur=38, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023020816302599815922843447E2D9A0
x-cache-remote: TCP_MISS from a23-59-250-54.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.59.250.54
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b80c88652870421c4e8b0e4061961f5e5450f30f8594e0d6cf5fd22897b8cffad735242e70b615379b7f380ea22601720dbfa1f8445308a1e72bff6bb31a02bb3c5aad55538b1f1594fc9793f0c00c1644
expires: Wed, 08 Feb 2023 16:30:25 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
690 B 179ms
179ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4ab06538.15697c2b
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 98,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=130, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302081630258C0737A196D8EC120C49
x-cache-remote: TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.24
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b8f40508f3d780060e92421d3c49a9340c181c3ce03a8f3f60077a1721efa8d0d4542e60143b11d91e082d9d7cb265f631858e697de769be62c4b2209824d5e0f0fec7fa98250668b47a63178cabda9fdc
expires: Wed, 08 Feb 2023 16:30:25 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
690 B 203ms
203ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 112722f.15697c30
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 159,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=50, inner; dur=14
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023020816302530760DF5DC98E8D46BD2
x-cache-remote: TCP_MISS from a23-59-250-68.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 50,23.59.250.68
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b861da771821939c48dc2268ae55cfdecc6c209f2b2abc279612a7ba634a839c338dd057cb8bd85f7ca4aad862f7d8f424901ddd0acc7ee8ce46f08510d3cc6e5d33f9ac27066970a527c5afd399d55395
expires: Wed, 08 Feb 2023 16:30:25 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
695 B 320ms
319ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 189d7f36.15697c31
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 269,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=184, inner; dur=156
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302081630254801C9EEFAA9527F2C85
x-cache-remote: TCP_MISS from a23-59-250-86.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 184,23.59.250.86
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b828b34a7de4b35f9ec89e089fed94f24f2cb7a0fafb2415fa608d6a5bb614393c14b47d01eba6b9999313991a6d1ece4fc59ddf485c823a561e0e1660b688d28b06b1b93e02b91e1cc1602d2bd2926221
expires: Wed, 08 Feb 2023 16:30:25 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
689 B 155ms
155ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7b7f008.15697c32
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 96,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202302081630254D43D6C15D5814F367F3
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.104.19
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b824ff30cf7ca875212c945ace4218afea80401ef53fa8cdfcd78a8f08d088501f8a060dd97ff56d157db263c48f63742184e7c769765e900d9d54a779c49f71789ac0b156f47c6fd6c70aaa49b3845d3f
expires: Wed, 08 Feb 2023 16:30:25 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
693 B 171ms
171ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7b7effd.15697c33
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 110,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=22, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230208163025F9ABC62C37325C6B2310
x-cache-remote: TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.220.104.19
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b824ff30cf7ca875212c945ace4218afea944900ef8bddfaab41542fe91f4f83675b36c631cfc7388268506bf48dd025ede9a5d7fd9c7e4944ec1150973657483abd59ff8b2272bfbf4bdced1af4df9f38
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
2 KB 21ms
20ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 02:14:49 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 51349
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: h1Dr3h_Z7dzxM7wEDlDfNbXpFzAdGk-znYEzYjk7VzI1-iZ_uyH8eA==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 22ms
21ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
date: Tue, 07 Feb 2023 16:44:31 GMT
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 85554
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IlA1R6CSBcgViBccA9KIyNdLB2DaanakGC24z0b2MsWL0PwjBEfYJQ==

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
689 B 141ms
141ms Ping
text/plain 2.16.186.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNiNWY1N2YyNQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.179 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4ab062b2.15697c65
date: Wed, 08 Feb 2023 16:30:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-175.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
x-parent-response-time: 95,2.16.186.175
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=9, inner; dur=6
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230208163025F1A655D2197C1D1EFEDB
x-cache-remote: TCP_MISS from a23-220-104-24.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.24
x-tt-trace-host: 01b87769a7f79dff1aa5e504345fe20f9780e2728f69f5284d3982b7946bd249b8f40508f3d780060e92421d3c49a9340c6a5516b9eb8d0164a9555b48132e990f62c6ddbc8a39b9382b1ceb3f79ba3cadfb7c3336a4e957e2b0b04cc39c14b81297d8727cc56a414b394296394736e781
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H/1.1 200
OK visitor.js Show response
app.qualzz.com/assets/trackingScript/ 13 KB
4 KB 116ms
115ms Script
application/javascript 3.20.16.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualzz.com/assets/trackingScript/visitor.js
Requested by: Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.20.16.147 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-16-147.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 7115859e0f8d8aaae76c7e279ec5d4c3f0f7b357813f4a906b9c77902cdb9203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 16:30:25 GMT
Content-Encoding: gzip
last-modified: Thu, 07 Apr 2022 15:27:33 GMT
Server: nginx/1.16.1
etag: W/"5655415-3602-2022-04-07T15:27:33.000Z"
Content-Type: application/javascript
cache-control: max-age=3600
Connection: keep-alive
Content-Length: 3602

GET
H/1.1 200
OK tracking.js Show response
app.qualzz.com/notifications/assets/js/ 56 KB
57 KB 233ms
116ms Script
application/javascript 3.20.16.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualzz.com/notifications/assets/js/tracking.js
Requested by: Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.20.16.147 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-16-147.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: a772454fa7a9857bdf8557cdff0bc1f3e4bcf2cac673c19c13ca632c5987be82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 16:30:25 GMT
Server: nginx/1.16.1
X-Powered-By: Express
ETag: W/"e158-MJZeYMei5MDGch8QeXEK7ct6qs8"
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57688

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
85 KB 90ms
21ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 13:40:12 GMT
x-content-type-options: nosniff
age: 442213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86659
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 13:40:12 GMT

GET
H2 200 font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 37 KB
6 KB 83ms
30ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4746939
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5884
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-9226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3UBbavN3swT63mUxtpMmiRySWUCytj0WlPyZX7nlvi%2FNkI0GsDldqZxUOq%2FeDkh0bTwGhjFhUyuXF4W22ZX2%2Fe166O6KQ2FGyitiRvhCU3AQSYydetxjILlpU7Am5vGw3l8FmAutc4wXYt0N%2FHS8kpL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7965bfef8d67696a-FRA
expires: Mon, 29 Jan 2024 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 1000 B
820 B 154ms
58ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bangers

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2be948ebf3d16847cc53895a83ab40f63f50cbffcc751496a8df9c26469c17d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 15:58:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 356 B
362 B 158ms
61ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arvo

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3974d529dfe79cc7959c1d293d84fe4d633f1415d60c9c9ff15cbb996fc464b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:17:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 722 B
446 B 157ms
61ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Abril+Fatface

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 14:53:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 372 B
373 B 187ms
91ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tangerine

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f1fc6dcd4272a077a30a910cc467c9a53415f9cbbf37325c8195cd6c3991292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 14:49:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
601 B 186ms
91ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Old+Standard+TT

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9953dbaae92d56aa29aad8b7fe81cc45ffff89aee955eb696c62095289927b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:23:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 399 B
397 B 157ms
62ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Slab

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9ab93061dc9100d5ded94be7081c3c0d6a8e8ce99f480071b6e98ec247f0ca83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 14:51:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
595 B 158ms
62ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b429ca1187dfb9f541ba7546b40038ac56244ca228cb46b6b284284a2829282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:20:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
694 B 157ms
62ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:04:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 704 B
441 B 181ms
86ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sacramento

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef16b7930dd52280d86275f84f024df9ed02adbda5745a93bbb680850243a215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:25:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
703 B 159ms
65ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:03:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 697 B
416 B 184ms
90ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Courgette

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d73b14e2547445155e2ae071321775554c28abebca36d9b5283819b2999352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:30:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 729 B
452 B 153ms
59ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Butterfly+Kids

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5387ee7b908c1d423aadd0dd0e099c73c690dfe8c8d1af11d4965c7d75f5987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:30:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 css
fonts.googleapis.com/ 371 B
350 B 180ms
86ms Stylesheet
text/css 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Rock+Salt

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/webtracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0df525c856d17372ad8bb120b0fa70cc25105f546928e9b1c251f71e433fcee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Feb 2023 16:30:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 95CB 102 B
133 B 56ms
56ms Other
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=u57mw6o43dvm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame ED32 102 B
133 B 56ms
55ms Other
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=h4523kadlj4e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 1EA6 102 B
133 B 55ms
55ms Other
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi&co=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyOjQ0Mw..&hl=de&type=image&v=gEr-ODersURoIfof1hiDm7R5&theme=light&size=invisible&badge=bottomright&cb=r9wq2d278y7t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vexpenses.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 226879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 01:29:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vexpenses.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 05:09:29 GMT
x-content-type-options: nosniff
age: 472856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 05:09:29 GMT

GET
H/1.1 200 getAllByWebsite Show response
app.qualzz.com/api/user/campaign/ 50 KB
51 KB 320ms
313ms XHR
application/json 3.20.16.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualzz.com/api/user/campaign/getAllByWebsite?websiteId=b43eb71a-a470-4049-bf17-e7b27c50ac61&websiteURL=
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.20.16.147 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-16-147.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 7419b1161b6a38040ab80506af9a1a6864c1399c54e7444eaedc06928904a9af

Request headers

Accept: */*
Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 08 Feb 2023 16:30:25 GMT
Server: nginx/1.16.1
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://vexpenses.com.br
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3

200

loader.js Show response
www.gstatic.com/charts/
Redirect Chain

https://www.google.com/jsapi?callback=gloader_loaded
https://www.gstatic.com/charts/loader.js?callback=gloader_loaded

65 KB
19 KB

37ms
36ms

Script
text/javascript

2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js?callback=gloader_loaded

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:11:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Wed, 08 Feb 2023 17:11:28 GMT

Redirect headers

date: Wed, 08 Feb 2023 16:06:13 GMT
x-content-type-options: nosniff
server: sffe
age: 1452
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js?callback=gloader_loaded
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 261
x-xss-protection: 0
expires: Wed, 08 Feb 2023 16:36:13 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 49AD 7 KB
1 KB 65ms
61ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7879cfe21a3ff2e4364ec808c1ecd97d9980b0658d331bccae58f25e6e38951c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nRz7s3l40ed86bxBDpOXhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vexpenses.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1111
content-security-policy: script-src 'report-sample' 'nonce-nRz7s3l40ed86bxBDpOXhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 16:30:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1259 7 KB
1 KB 66ms
63ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6cd32aa7fc1b757622baec955bf7ed5807840557060d236d87edad3210d57c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ivemQMeD6lXElaCV4wDVwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vexpenses.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1112
content-security-policy: script-src 'report-sample' 'nonce-ivemQMeD6lXElaCV4wDVwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 16:30:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200 getAllByWebsite
app.qualzz.com/api/user/campaign/ Frame 0
0 340ms
113ms Preflight 3.20.16.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualzz.com/api/user/campaign/getAllByWebsite?websiteId=b43eb71a-a470-4049-bf17-e7b27c50ac61&websiteURL=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.20.16.147 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-16-147.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://vexpenses.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,PUT,null,DELETE,POST
Access-Control-Allow-Origin: https://vexpenses.com.br
Connection: keep-alive
Content-Length: 0
Date: Wed, 08 Feb 2023 16:30:25 GMT
Server: nginx/1.16.1
Vary: Origin

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 814A 0
50 B 20ms
20ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vexpenses.com.br
Referer: https://vexpenses.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://vexpenses.com.br
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 16:30:25 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: app.qualzz.com
URL: https://app.qualzz.com/notifications/assets/js/tracking.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 14:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 14:03:56 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=123740714&t=event&ni=1&_s=2&dl=https%3A%2F%2Fvexpenses.com.br%2F&ul=en-us&de=UTF-8&dt=VExpenses%3A%20Gest%C3%A3o%20de%20despesas%20e%20cart%C3%B5es%20corporativos%20do%20jeito%20certo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1i218ay&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=1136627198.1675873825&tid=UA-73039654-1&_gid=1372392078.1675873825&gtm=45He3260n81M287ZMQ&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F4zq0byphgx%2Fuid1n1%2F1i218ay&z=1360062538

Requested by

Host: vexpenses.com.br
URL: https://vexpenses.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 11:06:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19460
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 85EF 7 KB
1 KB 68ms
67ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d0f07f40291e16ba11563275f4210908a95c868595588be24186664efb4b3aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7VR153tbHiI2V4VX907ZhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vexpenses.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1113
content-security-policy: script-src 'report-sample' 'nonce-7VR153tbHiI2V4VX907ZhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 16:30:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 49AD 55 KB
24 KB 36ms
36ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 49AD 406 KB
162 KB 39ms
38ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 13:38:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 1259 55 KB
24 KB 40ms
40ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 1259 406 KB
162 KB 42ms
42ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 13:38:22 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 85EF 55 KB
24 KB 35ms
35ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 18:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 18:01:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 85EF 406 KB
162 KB 36ms
36ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 13:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Feb 2024 13:38:22 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 1259 39 KB
24 KB 108ms
108ms XHR
application/json 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc28bd7b09639122bc038eb8a2e59e521912e575a014b4d18076c50c5a9b87ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 08 Feb 2023 16:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24416
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:26 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 49AD 39 KB
24 KB 108ms
108ms XHR
application/json 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

192b50b1a4264ce9e094ac83a01df8bca69bccf54c0d151ffad5bae4be29cc6f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 08 Feb 2023 16:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24377
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:26 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=5B8C4417EC03436B9F62B9CFA5D45547&RedC=c.clarity.ms&MXFR=0CE9B5F3702A6D072DA2A741742A63EA
https://c.clarity.ms/c.gif?CtsSyncId=5B8C4417EC03436B9F62B9CFA5D45547&MUID=2691DA3322AF662B3066C881237D67E0

42 B
368 B

41ms
41ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=5B8C4417EC03436B9F62B9CFA5D45547&MUID=2691DA3322AF662B3066C881237D67E0
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:26 GMT
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
server: Microsoft-IIS/10.0
etag: "b1c8df6cb32ad91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 16:30:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0AA2EBBAA08D4F069300CCEAE0BF98B0 Ref B: FRAEDGE1218 Ref C: 2023-02-08T16:30:26Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=5B8C4417EC03436B9F62B9CFA5D45547&MUID=2691DA3322AF662B3066C881237D67E0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
619 B 572ms
134ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

a71982cd6d96693f7a5ed23f8cb03a0c3552f1e34530e7c7847740523708b547

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 08 Feb 2023 16:30:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://vexpenses.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

GET
H/1.1 400
Bad Request site Show response
app.qualzz.com/notifications/api/optins/ 64 B
586 B 307ms
117ms XHR
application/json 3.20.16.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualzz.com/notifications/api/optins/site?site=https://vexpenses.com.br

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.20.16.147 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-16-147.us-east-2.compute.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

f1eae4ef63974ac3c7cd22af0bc083b9dc96ac5c0a52cda02fdfc4998f3f233c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 16:30:26 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
ETag: W/"40-k2j7yKIEDafS8iZ10hC1+sFDTgI"
X-Download-Options: noopen
Vary: Origin, Accept-Encoding
X-DNS-Prefetch-Control: off
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://vexpenses.com.br
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Content-Length: 64
X-XSS-Protection: 1; mode=block

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 85EF 40 KB
24 KB 112ms
109ms XHR
application/json 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dca4670e488c324a5493136b2040ea9e3410626d76c1d70ec2265030969d965

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 08 Feb 2023 16:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24524
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:26 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1259 600 B
624 B 36ms
36ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:58:49 GMT
x-content-type-options: nosniff
age: 174697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 15:58:49 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1259 530 B
554 B 37ms
36ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:00 GMT
x-content-type-options: nosniff
age: 90566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Feb 2023 15:21:00 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1259 665 B
689 B 37ms
36ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:30:27 GMT
x-content-type-options: nosniff
age: 165599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 18:30:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1259 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 09:35:04 GMT
x-content-type-options: nosniff
age: 24922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:35:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1259 15 KB
15 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:57:55 GMT
x-content-type-options: nosniff
age: 289951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 07:57:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1259 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 597702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:28:44 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 1259 23 KB
24 KB 63ms
62ms Image
image/jpeg 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8Xeb8UsK9ardFTuRMNRiYYxn8NG7PtvrQglnWUAq0MDww98pwLONiQw-e_1HsM0OjmHXjmzJIPpajJW1173sMFQ1OJMeuZ8Wq4dw35AAWfX_neTflLPSDzuUXhpFSwxnGKciWQjrmQ5n5j_9kkq6IjGzFCH0kcmaSL4Ye7nTPiisIKsyBiEStPEJ4T_u7-fjv-NhoQ7zwm2pCzug059d5-ba8JKng&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9b5cc95d479e9d7e168c67218547dd18695e9a69e5bff1529184324aaf3324c3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24059
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:26 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 49AD 600 B
624 B 36ms
35ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:58:49 GMT
x-content-type-options: nosniff
age: 174697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 15:58:49 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 49AD 530 B
554 B 38ms
37ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:00 GMT
x-content-type-options: nosniff
age: 90566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Feb 2023 15:21:00 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 49AD 665 B
689 B 39ms
37ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:30:27 GMT
x-content-type-options: nosniff
age: 165599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 18:30:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 49AD 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 09:35:04 GMT
x-content-type-options: nosniff
age: 24922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:35:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 49AD 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:57:55 GMT
x-content-type-options: nosniff
age: 289951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 07:57:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 49AD 15 KB
15 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 597702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:28:44 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 49AD 26 KB
26 KB 58ms
58ms Image
image/jpeg 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8UOo91JGr1dkm5ggpLEAGacVGn0f7s5dj-y3xiYYuCMQZJ7_XAcCBsYGU41gq54PiFTowibyF9-17XGZPPQy7nDmJDJ8Yrkzquz-n3YLOKN9uttNTzV_euS7VP5dTymf6dVUD7L0vidq8hkCe7s8Lgc9gkubWEhio2_uGdJCm734yIsmquf-CeChi_itqVsDaVjGYbs8eoUvxtY431AKm-a32xlxQ&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db9b49ceeacf996e0f328d5bd1e7e36e7b6e618201cb3695779f594206517ab0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26844
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:26 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
25 B 109ms
109ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: https://vexpenses.com.br
date: Wed, 08 Feb 2023 16:30:25 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 202 KB
56 KB 23ms
22ms Script
application/javascript 52.222.250.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 725f72689e5ba9a97c76911f47fbeca274c6cc17ddc2f678403a2f90a82a5bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 20:13:54 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-version-id: 7etOM.fCC2JKRFPQt1xxYszCXx_NZcFD
last-modified: Tue, 07 Feb 2023 20:13:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 72992
etag: "2e10386ead766151bf27f5efb3d7c593"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56650
x-amz-cf-id: vEddfzhKRMWlRMP2tAP5f7pWDWqumqAm62hTzZ0urBfOK90CKG6skQ==

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 85EF 600 B
624 B 35ms
34ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 15:58:49 GMT
x-content-type-options: nosniff
age: 174697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 15:58:49 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 85EF 530 B
554 B 36ms
35ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 15:21:00 GMT
x-content-type-options: nosniff
age: 90566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 14 Feb 2023 15:21:00 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 85EF 665 B
689 B 36ms
35ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 18:30:27 GMT
x-content-type-options: nosniff
age: 165599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Feb 2023 18:30:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 85EF 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 09:35:04 GMT
x-content-type-options: nosniff
age: 24922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Feb 2024 09:35:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 85EF 15 KB
15 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:57:55 GMT
x-content-type-options: nosniff
age: 289951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 07:57:55 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 85EF 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 18:28:44 GMT
x-content-type-options: nosniff
age: 597702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Feb 2024 18:28:44 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 85EF 22 KB
22 KB 60ms
59ms Image
image/jpeg 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8U1QhQ-VFOy8c3PYcCnOCEkZPQ0dNR4aBqxqwe8IUJNshoe9GCOnpWg3hjtXi4vw2JjfDMlHpxeR086kaO888B8naFcNQ5jtnF0KokZVVGHN2UOef7VkYG7rBXcDVR-HNCXEqQBV_acU6ed-ThkOl3WcS_bKmLEhsIyWJDVZM_SM2APuW53PECrbIpsQXCNOy3_B4nX-ob34xyqS4UBFNf3vi31fQ&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4bab7100a59ad1ec9a15ae25e1a93bfdec0bcd9e951eab36230fdb99c7a7d8e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gEr-ODersURoIfof1hiDm7R5&k=6LezMiMUAAAAAECt4RetWD23zCfkBXA3iT1yD9Wi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:30:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22742
x-xss-protection: 1; mode=block
expires: Wed, 08 Feb 2023 16:30:26 GMT

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
248 B 506ms
157ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=11920&uniq=_u6cy5eq4j&ref=aHR0cHM6Ly92ZXhwZW5zZXMuY29tLmJyLw%3D%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Wed, 08 Feb 2023 16:30:26 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 13

GET
H2 429 /
ipinfo.io/ 0
0 196ms
140ms Script
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825890&_=1675873826229
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 81.59.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET organic.json
app.qualzz.com/assets/trackingScript/ 0
0

GET social.json
app.qualzz.com/assets/trackingScript/ 0
0

GET
H2 429 /
ipinfo.io/ 0
0 190ms
135ms Script
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825891&_=1675873826230
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 81.59.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET organic.json
app.qualzz.com/assets/trackingScript/ 0
0

GET social.json
app.qualzz.com/assets/trackingScript/ 0
0

GET
H2 429 /
ipinfo.io/ 0
0 188ms
134ms Script
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825892&_=1675873826231
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 81.59.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET organic.json
app.qualzz.com/assets/trackingScript/ 0
0

GET social.json
app.qualzz.com/assets/trackingScript/ 0
0

GET
H2 429 /
ipinfo.io/ 0
0 192ms
139ms Script
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825893&_=1675873826231
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 81.59.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET organic.json
app.qualzz.com/assets/trackingScript/ 0
0

GET social.json
app.qualzz.com/assets/trackingScript/ 0
0

GET
H2 429 /
ipinfo.io/ 0
0 189ms
136ms Script
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825894&_=1675873826232
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 81.59.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET organic.json
app.qualzz.com/assets/trackingScript/ 0
0

GET social.json
app.qualzz.com/assets/trackingScript/ 0
0

GET
H2 429 /
ipinfo.io/ 0
0 190ms
138ms Script
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825895&_=1675873826233
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 81.59.117.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vexpenses.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 107ms
106ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://vexpenses.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin: https://vexpenses.com.br
date: Wed, 08 Feb 2023 16:30:27 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/organic.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/social.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/organic.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/social.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/organic.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/social.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/organic.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/social.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/organic.json

Domain: app.qualzz.com
URL: https://app.qualzz.com/assets/trackingScript/social.json

Verdicts & Comments Add Verdict or Comment

180 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:50:25	Name: _GRECAPTCHA Value: 09AO3N79e6uKKKnggY0Wwz2_4nsNZ63mLxHWYpdIOzQL3kQitxMJ4E-lh-HdNFV8tFZRDHdGcc6YfSFwHsWSvbdOM
.vexpenses.com.br/	1970-01-20 11:40:49	Name: _gcl_au Value: 1.1.31202066.1675873825
.vexpenses.com.br/	1970-01-20 09:32:40	Name: _gid Value: GA1.3.1372392078.1675873825
.vexpenses.com.br/	1970-01-20 09:31:13	Name: _gat_UA-73039654-1 Value: 1
.doubleclick.net/	1970-01-20 09:31:14	Name: test_cookie Value: CheckForPermission
.vexpenses.com.br/	1970-01-20 19:07:13	Name: _ga_KC8FYJCH58 Value: GS1.1.1675873824.1.0.1675873824.60.0.0
.vexpenses.com.br/	1970-01-20 19:07:13	Name: _ga Value: GA1.1.1136627198.1675873825
www.clarity.ms/	1970-01-20 18:16:49	Name: CLID Value: 22aaa02435fe4ba8ad33807e86d22040.20230208.20240208
vexpenses.com.br/	1970-01-20 09:32:40	Name: ln_or Value: eyI1MjUxNTMiOiJkIn0%3D
.vexpenses.com.br/	1970-01-20 09:32:40	Name: _uetsid Value: e3ac68c0a7cd11ed983b1709c4371f95
.vexpenses.com.br/	1970-01-20 18:52:49	Name: _uetvid Value: e3ac8d40a7cd11ed952eff0cdd32929a
.linkedin.com/	1970-01-20 10:14:25	Name: UserMatchHistory Value: AQIlZjp-whF8mAAAAYYx3TAaoJ5YfDjpTaVDVu2cnzNMKqLVymhoBPsNgZ7szPMN3i26HYKgY-rneA
.linkedin.com/	1970-01-20 10:14:25	Name: AnalyticsSyncHistory Value: AQKundAcol3A2wAAAYYx3TAa_7qxIhxdUpQFE-qDeTViyIZt-WmlAAYDdtZZgZiLVbSRsRG7HXsrRwx4NqOaSA
.linkedin.com/	1970-01-20 18:16:49	Name: bcookie Value: "v=2&6c03b657-9a40-4b18-8597-895caf8040aa"
.linkedin.com/	1970-01-20 09:32:40	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2543:u=1:x=1:i=1675873824:t=1675960224:v=2:sig=AQEflSaMGdtvSTktrBuhMxAKO_CVDzEh"
.tiktok.com/	1970-01-20 18:52:49	Name: _ttp Value: 2LSoQ2Ca5psH0ql4DkTRTSMkhoB
.bing.com/	1970-01-20 18:52:49	Name: MUID Value: 2691DA3322AF662B3066C881237D67E0
.vexpenses.com.br/	1970-01-20 18:16:49	Name: _clck Value: uid1n1\|1\|f8y\|0
.vexpenses.com.br/	1970-01-20 18:16:49	Name: VExpensesCookie Value: eyJmaXJzdFNlc3Npb24iOlt7Imhvc3RuYW1lIjoidmV4cGVuc2VzLmNvbS5ici8iLCJyZWZlcnJlciI6IiIsImNyZWF0ZWRfYXQiOjE2NzU4NzM4MjQuOTMxLCJ1dG1fc291cmNlIjoiKE5vbmUpIiwiZG9tYWluIjoiU0lURSJ9XSwibGFzdFNlc3Npb24iOnsiaG9zdG5hbWUiOiJ2ZXhwZW5zZXMuY29tLmJyLyIsInJlZmVycmVyIjoiIiwiY3JlYXRlZF9hdCI6MTY3NTg3MzgyNC45MzEsInV0bV9zb3VyY2UiOiIoTm9uZSkifSwicGFnZUNvdW50ZXIiOjEsImlkTGVhZCI6IjZjNjE2Y2Y3LTgzN2ItNDcxYi04Zjc3LTE4ZmIwMWNhZjNjZCIsIm9wZXJhdGlvbmFsU3lzdGVtIjoiV2luZG93cyBOVCAxMC4wIiwiYnJvd3NlciI6IkNocm9tZSIsImNyZWF0ZWRfYXQiOjE2NzU4NzM4MjQuOTMxLCJ1cGRhdGVkX2F0IjoxNjc1ODczODI0LjkzMX0=
.vexpenses.com.br/	1970-01-20 11:40:49	Name: _fbp Value: fb.2.1675873824944.470223173
.www.linkedin.com/	1970-01-20 18:16:49	Name: bscookie Value: "v=1&202302081630243f8b59f1-4793-426c-87c5-3a80a3eea2dbAQEINW06YaDv2hQYPFlc_8HURxAlzM76"
.linkedin.com/	1970-01-20 13:50:25	Name: li_gc Value: MTswOzE2NzU4NzM4MjQ7MjswMjGW4tyxG4GrMwa/aRZLzTQHXqsOpZ2++GkS+U/C5tSKGg==
.vexpenses.com.br/	1970-01-20 18:52:49	Name: _tt_enable_cookie Value: 1
.vexpenses.com.br/	1970-01-20 18:52:49	Name: _ttp Value: 9iB0PKw7tmKdXCFVyBPDazmZXr-
vexpenses.com.br/	1969-12-31 23:59:59	Name: first_session Value: %7B%22visits%22%3A1%2C%22search%22%3A%7B%22engine%22%3Anull%2C%22query%22%3Anull%7D%2C%22referrer%22%3A%22%22%2C%22url%22%3A%22https%3A//vexpenses.com.br/%22%2C%22path%22%3A%22/%22%2C%22start%22%3A1675873825476%2C%22last_visit%22%3A1675873825476%7D
.vexpenses.com.br/	1970-01-20 09:32:40	Name: _clsk Value: 1i218ay\|1675873825711\|1\|1\|h.clarity.ms/collect
vexpenses.com.br/	1970-01-20 19:07:13	Name: location Value: undefined
.c.bing.com/	1970-01-20 18:52:49	Name: SRM_B Value: 2691DA3322AF662B3066C881237D67E0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 18:52:49	Name: MUID Value: 2691DA3322AF662B3066C881237D67E0
.c.clarity.ms/	1970-01-20 09:31:14	Name: ANONCHK Value: 0
.vexpenses.com.br/	1970-01-20 18:16:49	Name: rdtrk Value: %7B%22id%22%3A%229c12939a-e18f-4375-b84a-a995b0fbbee5%22%7D

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "/images/icons/home/reembolsos-e-"
other	warning	Message: Failed parsing 'srcset' attribute value since it has an unknown descriptor.
other	warning	Message: Dropped srcset candidate "/images/icons/home/reembolsos-e-"
network	error	URL: https://app.qualzz.com/notifications/api/optins/site?site=https://vexpenses.com.br Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/organic.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/organic.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825892&_=1675873826231 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825891&_=1675873826230 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825894&_=1675873826232 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825895&_=1675873826233 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825893&_=1675873826231 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://ipinfo.io/?callback=jQuery17208413323919678755_1675873825890&_=1675873826229 Message: Failed to load resource: the server responded with a status of 429 ()
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/social.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/social.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/organic.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/organic.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/social.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/social.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/organic.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/organic.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/organic.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/organic.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/social.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/social.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/social.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/social.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/organic.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/organic.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vexpenses.com.br/ Message: Access to XMLHttpRequest at 'https://app.qualzz.com/assets/trackingScript/social.json' from origin 'https://vexpenses.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.qualzz.com/assets/trackingScript/social.json Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.tiktok.com
app.qualzz.com
app.vexpenses.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
connect.facebook.net
d335luupugsy2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.clarity.ms
ipinfo.io
pageview-notify.rdstation.com.br
popups.rdstation.com.br
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
vexpenses.com
vexpenses.com.br
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
app.qualzz.com
13.107.42.14
13.32.110.7
2.16.186.179
20.234.93.27
2001:4860:4802:32::36
2600:9000:2204:e200:2:53b2:240:93a1
2606:4700::6811:180e
2620:1ec:21::14
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:810::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400d:807::2004
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80e::2008
2a00:1450:4025:401::9a
2a02:26f0:3500:16::215:149b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.20.16.147
34.117.59.81
34.68.90.188
35.223.116.65
52.222.250.26
52.224.31.34
52.73.27.165
54.224.52.252
00577975ab18d570e386561f02a1464df28bcfaec267437740dd6bd9154476aa
04d15d2abb17ac0e81c2eacf48ef078f075a335ec6ed7074265f340ec703478c
05ea2a983a80430b6326c7029c493aad80e989719a68fc3da0a46364fadc4a64
0641daa994d0ea8f0a6af45037da147c87810f954851a013248effa9aff2c2bf
07bc68af61e6c0a9564bb913cc972b06f42dc6b37fd92397647536f692c53828
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0af7befaef8ae6a713c1874492aa2417f6fca1efe7140de546e9a8cab3498341
0df525c856d17372ad8bb120b0fa70cc25105f546928e9b1c251f71e433fcee8
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
13338cb761b48cf12516f50f9e78b56bfcfa1b61b51f5b9dd9da66b9df0f63aa
133df52014040f58b80acdec28c7504b2ae956a1f5d8fc720a9ced591c1903cd
135b3211860000144a141bed02f17d3d9bf59b26c151319020ef6733cae18798
171d35c016d7df1eb9f27ffe168eb2b3687c317dedee31857880e0d4f3c54c10
176f7a901f0927a23bf8373655ff2720b6cf31fc3f3d32c060e1bd1c9f073cc1
192b50b1a4264ce9e094ac83a01df8bca69bccf54c0d151ffad5bae4be29cc6f
1a0d8cf6f3a3308fc2b637db99a9d6fc8007c14ca66fdff3ccd5b6677fac7c02
1ade205d46e37b520877cec385474596386d1a236819df3494b378bfc88b549e
1d0f07f40291e16ba11563275f4210908a95c868595588be24186664efb4b3aa
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1dca4670e488c324a5493136b2040ea9e3410626d76c1d70ec2265030969d965
1f9b9393746cfc109a91ac97605f504b740bfe5deece4bbbacddc5bfa691b130
2035742fc10527688d5cbe9c5b5f909e2e826e7c8288f401c78a6844aef8c92a
20b047ed889da719e3fd8df75208674dd3c4df7513f5f1cbdba9e0350b7243c0
215ba5c67fcbff57d1b8a1fc9d13b5541745fba1272526a5df794e10297da33b
220fcf577b3a191a34246e11744fa3a65a652e99356c9888040d6fdb2f7888e9
24d1582dc657bd6edde2d2ccd538a4993f8095ea14e83f4ea5816b549d4ded7c
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2b45dc9434aef88654c0676b653dba398186e71469e84fea1708190f5f964544
2be948ebf3d16847cc53895a83ab40f63f50cbffcc751496a8df9c26469c17d4
2f1fc6dcd4272a077a30a910cc467c9a53415f9cbbf37325c8195cd6c3991292
2f274e7d9e1c6fef33cac97e5dc98150ea2313de1e453e730d0ed8b7a8a1d3e4
2f5696231e1af86e991b997ab81bf6d91bff3289854f285e5c04e129de6649c1
31c01fbd11d81a9a2f9745f02c3113063239b76cf2ba4ef11857d4da29ad0b7c
328e234cdf923a89e12c9ff43deec034d1991ad1eab0594e52b3ef3a6045e327
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
3b5fe271503a9037639a3a0beaf9b5c1d5a4b533e9ec1da21ea371a46bba8ab8
3bba77068885d0e2744f18abc3f70404599650db3652aba6c8e6114366a6f73f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7899d0e9426d916c7b6741aae1bba6ff98331562561b3726c37fe6dc75b023
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
45b657f3c06d57141503e14a37ab0fe7d79661f2af32e8fd34a2a16ce36d4427
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4926639da8f2c3bd1c0c55946553b058c6ac9abf62a4751e1b4d982365d5ab4b
4b0a151b8d8dd214d5d21d08af57e4df98b7a3a3ff86bb41a27670da5b4993a4
4b429ca1187dfb9f541ba7546b40038ac56244ca228cb46b6b284284a2829282
4bab7100a59ad1ec9a15ae25e1a93bfdec0bcd9e951eab36230fdb99c7a7d8e8
4f85e0af597fba87f07bd6a2c32e727677796ccd4fa2c431b2c6484ae9cd5c27
4f967aaed3dc04616b0c0bb0a0196f3fcbf7ba7d8d5a2a19ed5fbd472d2fdb9e
50e7ee4c043d310506161a6a44b391a13db1832c689d9f07f29fa4e60526f4b5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
596e54d63ed7b5be6b657f51883af0ba97401d329cb1800f3c2d8da1f4aebf80
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59da42db9e4075ae230df5b9aa124903e5ba81b6702fb43523b8fbc38540d662
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b77b20e54ce4c8f7b394deda3ce9f891e432f912ef3827a7555ce17510f7147
5bdf420612d74574736b56dd5b519602c3e1de86f864627b75eb3b0914df2514
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
65cae41d2dca4ebf2b8a513dd989ac8d982c5fe3887d035b035e11da0d7f811b
65e63dbdb6a9ace548059f1b75ac2c40b6d1d343eabebd8871c05167f350769e
69a770bfd8772669a5f62ef6317468bc977b378151d1a40979ac63b3de187f39
6a655e6c088999853de7049f443a25325e9bbc5331fe608179e165cc86f05911
6cbc0e665ba23c67394e2ab842b39c231e8cc28e474184a14922eae1bcd90661
6f12ecf942fba35a2a4f1c1f56a1e8b73aec0df80862e3e9ee6e077e19c36ef7
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
7115859e0f8d8aaae76c7e279ec5d4c3f0f7b357813f4a906b9c77902cdb9203
725f72689e5ba9a97c76911f47fbeca274c6cc17ddc2f678403a2f90a82a5bd0
7419b1161b6a38040ab80506af9a1a6864c1399c54e7444eaedc06928904a9af
746d997bc0d420796397ed66e2df1b273708f035fa5f3cef9342d4b797f8750f
74c3211bbf0907ca026d196e071b0763b1a1a94c1c2fa53a86c7e2cb6c2be390
75654a31e87c7575f45b2c392b07abec6be405828d142105b85d7c8b775bdc72
7668a3fc8c1d03d35fb79e65c40c4875a6c43c7c85c40d42c42d4241d4394922
7879cfe21a3ff2e4364ec808c1ecd97d9980b0658d331bccae58f25e6e38951c
78d5f347705d3aff1b63383895562133a01b83e90028d12ae48c572c96ebde4e
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b7ef63ccbeb4f840efedcc417f9c604a40b4a834ff2ca6f0fcbeb591dcd89a4
7e2ae7be1dd59681bb1a47720d9e924b6eb75ba0f70e1045cd82efa5cfbbb3d4
7eb1e94b7824e042ebf73b7a3896f11738f37897d1231fbd1acaeca3cd7a500e
8243e1ce5b01f66eb8ced17513f0bc3ad6417b8b96f2de1038cac40be1a9cd39
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fb494a67248021d5a6515c68d423112ff21dc9843bef294c0207444ff33f61
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d0fbb5733e3b39323ba2fded6d198fc54f4f82904d32a4e77df8267aa2ef8f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9953dbaae92d56aa29aad8b7fe81cc45ffff89aee955eb696c62095289927b89
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ab93061dc9100d5ded94be7081c3c0d6a8e8ce99f480071b6e98ec247f0ca83
9b4d6b061229f6283944b220723dd1e897e9c59a8165d02446d1db3219a21ddb
9b5cc95d479e9d7e168c67218547dd18695e9a69e5bff1529184324aaf3324c3
a03178258439d1e63128eb40b198047ec3704277d9557c078d8a507880ecdd85
a482ca677196e5a6925d474bdbbea9d02b036236cb2008fa25b8fa84d2304325
a5f4e79c9d051bc7eab521979de436cf4d57691fad72dda50ceb15268b15d3e5
a71982cd6d96693f7a5ed23f8cb03a0c3552f1e34530e7c7847740523708b547
a772454fa7a9857bdf8557cdff0bc1f3e4bcf2cac673c19c13ca632c5987be82
a9829aab999435b4bd49912bef6f2ecd35dcd6de5679111b43277f9dc5d5f6f7
acaf5fd4bce5ca020be010ed54fecf3aad43a128ec935c1f9af55e269d53dbb3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af06fad4abc51c3042cf3cbb12c80fae9f787777ab8bbc25e2af4a4d7dcd2fe0
b22215e20cb56235d69c1d9f3ab4313c98648f933c57c3bc6b01102a986777c8
b3974d529dfe79cc7959c1d293d84fe4d633f1415d60c9c9ff15cbb996fc464b
b46fca6b4d139e92fbf6e7c1ccc7eb23a102d772d76c9c59eb929e57a1f970c4
b869bef925ac878756904f5ea09b9a544ee54d9a84fc8650603251e2058336d0
bc6a558b3f0d3b684040f6148ce0340ef6b186da1e170062afac756c9764bb09
c095079d4a8e339b58e50c7dd7e2c205604265ce6ed653d5af15110e774c2d29
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c360e782c1926d15a985385d16462d07ca2b59afe02661e7e2ca3c2f0abef572
c5ff2fa04313b9bdde8f074e52191621d10741c197493f3dbce988542148c7e0
c6cd32aa7fc1b757622baec955bf7ed5807840557060d236d87edad3210d57c4
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cb7e6f9cbfc9312b8386f962aa5785fca88309e3fa30da38edf4fad0495ddb00
cc0bb8bd86f235e11e9e8eff6d6d814ab30196b1f94727534d68f30eac66bfd8
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
ce3783d4091c989beac6560ce4ba0032d52339854010ac19358dfb702f226167
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
d016f927e1a6613bfa69327507b6b9bc6da58973df291f33733ef6e5e467b181
d23fd8e1e5f82d171452b4d49aa91f1503cb384fe2130a0fb8f370bdf219d199
d2dd0fc7455581b5ff2d3a912353f63368479453cc8ad0b011f2627d4fd1af74
d73b14e2547445155e2ae071321775554c28abebca36d9b5283819b2999352bc
d858a58ce6f0808a4aa065f57ba2be8aa4d03245d6b4b80e6a767abbc001865a
da44b00bd7d6488aadbcc8efd3ff0c9807691a1dc68f636d55f0a5f3174458ba
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
db9b49ceeacf996e0f328d5bd1e7e36e7b6e618201cb3695779f594206517ab0
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
decb509babf355febb523bcb457f311a591467bd5ac007410a6469ef330111de
e2365edc6829feb65c056b160584cb018af496ece55f2832a15fdcc8769e1154
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5387ee7b908c1d423aadd0dd0e099c73c690dfe8c8d1af11d4965c7d75f5987
ef16b7930dd52280d86275f84f024df9ed02adbda5745a93bbb680850243a215
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae08ea13a1a8df89d633357c39882b62b5b971cd88261dcfdfc21c3ec8dd9b
f0d08e6fa18c66302c7b15b7d757a4e53a93b12a0bd7d382307f538db42b2e25
f1eae4ef63974ac3c7cd22af0bc083b9dc96ac5c0a52cda02fdfc4998f3f233c
f533b94f00cce7d20abe60dc1c94c4e97811033899a51abef2a29493c47fc23f
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f884d24f2368dde069effbcec982c1df894b24fbc2b35addef1a24cbbbb39728
fa229fc57162453c1e254ea89698062ae97fccb96d685bb4e0c9cac9a29646f0
fc28bd7b09639122bc038eb8a2e59e521912e575a014b4d18076c50c5a9b87ce
fc9a9b0e86d770a8cfc04409be77e2a1d7f7444d1adda02d7421ee9ffbb89fb2
ff0b683f20f821e1329f3dedccffeae3a259c9b41701e73a8073a3134bccdccd
ff3303fb3f64d8f498dabbdcfd6c49d45455a5abe29175bf3ff821b147e86f46
ffa08be32deb7ac9cf4aadca167e688194e747349df15a2b088a0ea5e5f48cdb

vexpenses.com.br Open in urlscan Pro 13.32.110.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

94 %HTTPS

61 %IPv6

22 Domains

33 Subdomains

30 IPs

4 Countries

3630 kBTransfer

8047 kBSize

32 Cookies

12 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

vexpenses.com.br Open in urlscan Pro
13.32.110.7 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

94 %
HTTPS

61 %
IPv6

22
Domains

33
Subdomains

30
IPs

4
Countries

3630 kB
Transfer

8047 kB
Size

32
Cookies

213 HTTP transactions
0 data transactions