recargahypepagamentos.site Open in urlscan Pro
2606:4700:3031::6815:16a2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://recargahypepagamentos.site/diamantesff/
Submission Tags: 7391482
Submission: On December 20 via api (December 20th 2021, 8:00:18 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3031::6815:16a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is recargahypepagamentos.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 7th 2021. Valid for: a year.

This is the only time recargahypepagamentos.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garena Free Fire (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3031::6815:16a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:225... 2600:9000:2250:c200:b:9da4:d440:21	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223c:8200:11:b70:f800:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
20	2600:9000:224... 2600:9000:2240:1400:1c:37e5:3f40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
64	9

8 2606:4700:3031::6815:16a2 (United States)

ASN13335 (CLOUDFLARENET, US)

recargahypepagamentos.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2250:c200:b:9da4:d440:21 (United States)

ASN16509 (AMAZON-02, US)

dhtiece9044ep.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:8200:11:b70:f800:21 (United States)

ASN16509 (AMAZON-02, US)

dd7tel2830j4w.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2240:1400:1c:37e5:3f40:21 (United States)

ASN16509 (AMAZON-02, US)

d1muf25xaso8hp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net dhtiece9044ep.cloudfront.net dd7tel2830j4w.cloudfront.net d1muf25xaso8hp.cloudfront.net	1 MB
23	gstatic.com fonts.gstatic.com	403 KB
8	recargahypepagamentos.site recargahypepagamentos.site	14 KB
2	facebook.com www.facebook.com	384 B
2	facebook.net connect.facebook.net	113 KB
1	googleapis.com fonts.googleapis.com	2 KB
64	6

	Domain	Requested by
23	fonts.gstatic.com	fonts.googleapis.com
20	d1muf25xaso8hp.cloudfront.net	recargahypepagamentos.site
8	recargahypepagamentos.site	recargahypepagamentos.site dhtiece9044ep.cloudfront.net
5	dhtiece9044ep.cloudfront.net	recargahypepagamentos.site
3	dd7tel2830j4w.cloudfront.net	recargahypepagamentos.site
2	www.facebook.com	recargahypepagamentos.site
2	connect.facebook.net	recargahypepagamentos.site connect.facebook.net
1	fonts.googleapis.com	dhtiece9044ep.cloudfront.net
64	8

This site contains no links.

Subject Issuer	Validity	Valid
recargahypepagamentos.site Cloudflare Inc ECC CA-3	`2021-12-07` - `2022-12-06`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-01` - `2021-12-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://recargahypepagamentos.site/diamantesff/
Frame ID: 628E5EB13D33DD39CDD5F72E77FE9CE3
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bônus de Diamantes para Free Fire | Hype Games

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

1751 kB
Transfer

4021 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
recargahypepagamentos.site/diamantesff/ 12 KB
5 KB 626ms
588ms Document
text/html 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://recargahypepagamentos.site/diamantesff/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0774e7b9d1fa43e93b64b7f444046151d22de754d5e87b551d502463e9aefb3c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 20 Dec 2021 20:00:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
referrer-policy: origin
x-frame-options: DENY
cache-control: no-store
x-bubble-perf: {"total":378.4,"percents":{"top":{"bubble_cpu":9.7,"block":90.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.1},"sub":{"pp_userdb":3.4,"pp_wait_userdb":0,"http_request":0,"serverjson":11.1,"appserver_cache_misses_time":0,"redis":41.1,"fiber_queue":1.1,"capacity_wait":1.5}},"counts":{"pp_userdb":4,"http_request":0,"derived_build":0,"derived_cache_attempts":16,"derived_cache_memory_misses":16,"serverjson":33,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":65,"fiber_queue":71,"blocks":70},"misc":{"userdb_results":3,"userdb_data":219,"spent_time":12522438,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.193 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 6c0b7491be551756-FRA
Content-Encoding: br

GET
H2 200 xfalse Show response
dhtiece9044ep.cloudfront.net/package/early_js/dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15/ 23 KB
10 KB 35ms
7ms Script
application/javascript 2600:9000:2250:c200:b:9da4:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dhtiece9044ep.cloudfront.net/package/early_js/dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15/xfalse
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8925f1e8a34a8944098b7073f62d681d67ee3d3619a04dba9032b2618d6d0f00

Request headers

Referer: https://recargahypepagamentos.site/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 00:09:03 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bubble-perf: {"total":115.1,"percents":{"top":{"bubble_cpu":3,"block":96.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":0,"fiber_queue":0.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":0,"fiber_queue":3,"blocks":2},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":518895,"derived_build_time_spent":0}}
age: 12772268
x-powered-by: Express
x-cache: Hit from cloudfront
x-bubble-capacity-used: 0.008 unit-seconds used
content-length: 8711
timing-allow-origin: *
access-control-allow-origin: *
server: cloudflare
etag: dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 674965a3791a1776-FRA
x-amz-cf-id: -1P2g0BPfbHXNolwxoZ7hZJzk-JHQiddRb_xsEMmK7PHnXf4SdRWyw==
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 xfalse
dhtiece9044ep.cloudfront.net/package/run_css/60f33bd096612dc8fb4984baf654a9bb0314d94aa64efb29c8b933bb5f9e7fec/ff04/live/diamantesff/xfalse/ 56 KB
12 KB 47ms
20ms Stylesheet
text/css 2600:9000:2250:c200:b:9da4:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dhtiece9044ep.cloudfront.net/package/run_css/60f33bd096612dc8fb4984baf654a9bb0314d94aa64efb29c8b933bb5f9e7fec/ff04/live/diamantesff/xfalse/xfalse
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f4db4effcce1bb6762371e635d5ba37a21d95a1daf8bf7373b1f5190adb9cc2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 15:52:02 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bubble-perf: {"total":22.8,"percents":{"top":{"bubble_cpu":29.8,"block":67.6,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":28.6,"appserver_cache_misses_time":0,"redis":62.9,"fiber_queue":9.3,"capacity_wait":21.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":11,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":15,"fiber_queue":16,"blocks":15},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1018292,"derived_build_time_spent":0}}
age: 274089
x-powered-by: Express
x-cache: Hit from cloudfront
x-bubble-capacity-used: 0.016 unit-seconds used
content-length: 11008
timing-allow-origin: *
access-control-allow-origin: *
server: cloudflare
etag: 60f33bd096612dc8fb4984baf654a9bb0314d94aa64efb29c8b933bb5f9e7fec
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6bf150f7bd072bdd-FRA
x-amz-cf-id: iw3lgPaloFN8kaEvgou4F6bjpthTMtdTSuXBJLytz0YJyQiXcKnEug==
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 x15 Show response
dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/ 2 MB
564 KB 39ms
12ms Script
application/javascript 2600:9000:2250:c200:b:9da4:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/x15
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d05249466a1b959ca7446607b4ffaad9aefe6aa44e2c654beee346b95988918b

Request headers

Referer: https://recargahypepagamentos.site/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:26:28 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bubble-perf: {"total":111.1,"percents":{"top":{"bubble_cpu":10.5,"block":88.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":0,"fiber_queue":0.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":0,"fiber_queue":3,"blocks":2},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1755773,"derived_build_time_spent":0}}
age: 5623
x-powered-by: Express
x-cache: Hit from cloudfront
x-bubble-capacity-used: 0.027 unit-seconds used
content-length: 575981
timing-allow-origin: *
access-control-allow-origin: *
server: cloudflare
etag: 8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6c0aeb4efb7368f2-FRA
x-amz-cf-id: KlHNVYgNhie_6dEzibHXdBa0ypsRMsaYmVewMYGAOCEIkU1z_vrAKw==
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 xfalse Show response
dhtiece9044ep.cloudfront.net/package/static_js/afaa0d99b68227e16f9dc5877d2839f725b3bf1ebfcbe61361fe389a29209889/ff04/live/diamantesff/xnull/xfalse/xfalse/ 327 KB
78 KB 63ms
36ms Script
application/javascript 2600:9000:2250:c200:b:9da4:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dhtiece9044ep.cloudfront.net/package/static_js/afaa0d99b68227e16f9dc5877d2839f725b3bf1ebfcbe61361fe389a29209889/ff04/live/diamantesff/xnull/xfalse/xfalse/xfalse
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9254d1ced10109d4575851acfb39f3300376ba91a601339fea239e5254b5cc81

Request headers

Referer: https://recargahypepagamentos.site/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 12:43:59 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bubble-perf: {"total":152,"percents":{"top":{"bubble_cpu":11.7,"block":88.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":4.6,"appserver_cache_misses_time":0,"redis":10.4,"fiber_queue":2,"capacity_wait":0.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":11,"derived_cache_memory_misses":11,"serverjson":15,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":37,"fiber_queue":34,"blocks":33},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2657501,"derived_build_time_spent":0}}
age: 458172
x-powered-by: Express
x-cache: Hit from cloudfront
x-bubble-capacity-used: 0.041 unit-seconds used
content-length: 78461
timing-allow-origin: *
access-control-allow-origin: *
server: cloudflare
etag: afaa0d99b68227e16f9dc5877d2839f725b3bf1ebfcbe61361fe389a29209889
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6bdfc2b9acc7c2ea-FRA
x-amz-cf-id: 5OZYBJ_4eI5b4I-fuua5RBxxkfqmlL65O6BXYrfXCp7SKAZIVkf-eA==
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 xfalse Show response
dhtiece9044ep.cloudfront.net/package/dynamic_js/e6c44b424c6402d802eae608082f2d246e88eaf6686292ce821431e6589200b8/ff04/live/diamantesff/xnull/xfalse/xfalse/pt_br/xfalse/ 140 KB
22 KB 64ms
38ms Script
application/javascript 2600:9000:2250:c200:b:9da4:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dhtiece9044ep.cloudfront.net/package/dynamic_js/e6c44b424c6402d802eae608082f2d246e88eaf6686292ce821431e6589200b8/ff04/live/diamantesff/xnull/xfalse/xfalse/pt_br/xfalse/xfalse
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c200:b:9da4:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 75b2ce033a33bf44ed090285093f84d83ea6112ec6600be6cafe6eb11bba71d7

Request headers

Referer: https://recargahypepagamentos.site/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:50:25 GMT
content-encoding: gzip
cf-cache-status: MISS
x-bubble-perf: {"total":15.8,"percents":{"top":{"bubble_cpu":37.1,"block":58.1,"capacity_rl":0,"other_pause":0,"pre_fiber":2.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":16.6,"appserver_cache_misses_time":0,"redis":34.4,"fiber_queue":9.2,"capacity_wait":34}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":9,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":14,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":877682,"derived_build_time_spent":0}}
age: 4186
x-powered-by: Express
x-cache: Hit from cloudfront
x-bubble-capacity-used: 0.014 unit-seconds used
content-length: 21637
timing-allow-origin: *
access-control-allow-origin: *
server: cloudflare
etag: e6c44b424c6402d802eae608082f2d246e88eaf6686292ce821431e6589200b8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d13436be9e793d00b0273db3f7904817.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6c0b0e63ba014315-FRA
x-amz-cf-id: -GnirZhHgKI28qc34tMPCueIGMWh_y6VWGc59npJB1NxikFjbBX7fg==
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 clipboard.min.js Show response
dd7tel2830j4w.cloudfront.net/f1618227041113x740068462949819800/ 10 KB
11 KB 35ms
8ms Script
text/javascript 2600:9000:223c:8200:11:b70:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd7tel2830j4w.cloudfront.net/f1618227041113x740068462949819800/clipboard.min.js
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8200:11:b70:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 01:50:20 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age: 65542
x-amz-meta-app-version: live
x-cache: Hit from cloudfront
content-length: 10662
x-amz-meta-appname: meta
last-modified: Mon, 12 Apr 2021 11:30:42 GMT
server: AmazonS3
etag: "3f3688138a1b9fc4ef669ce9056b6674"
x-amz-version-id: FtdIjRneKqegeOl8FxopA45YbrIlmvEe
cache-control: public,max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: ZijsOSdO3_s0svwnqYb8huheYJ0e9o4sKNZnUaBEzCrWuic84XjwVg==

GET
H2 200 jquery.creditCardValidator.js Show response
dd7tel2830j4w.cloudfront.net/f1560368653637x894798677478442900/ 8 KB
9 KB 39ms
12ms Script
text/javascript 2600:9000:223c:8200:11:b70:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd7tel2830j4w.cloudfront.net/f1560368653637x894798677478442900/jquery.creditCardValidator.js
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8200:11:b70:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 7ug9F6JHxV3xIqiAlI8skLdkbpXepNHG
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
etag: "0bd4315906225c8d21713149d658cdcd"
age: 5125081
x-amz-meta-app-version: live
x-cache: Hit from cloudfront
content-length: 8625
x-amz-meta-appname: meta
last-modified: Wed, 12 Jun 2019 19:44:14 GMT
server: AmazonS3
date: Fri, 22 Oct 2021 12:22:11 GMT
content-type: text/javascript
cache-control: public,max-age=290304000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: kn72KCEA2d9O2T9X_5ZSLBufdlBdNY6tmsDQOOwwjAPSCKCvVNJD3w==

GET
H2 200 jquery.mask.js Show response
dd7tel2830j4w.cloudfront.net/f1609444289049x173863893158045200/ 23 KB
23 KB 41ms
14ms Script
text/javascript 2600:9000:223c:8200:11:b70:f800:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd7tel2830j4w.cloudfront.net/f1609444289049x173863893158045200/jquery.mask.js
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8200:11:b70:f800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 01:55:14 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age: 65098
x-amz-meta-app-version: live
x-cache: Hit from cloudfront
content-length: 23176
x-amz-meta-appname: meta
last-modified: Thu, 31 Dec 2020 19:51:30 GMT
server: AmazonS3
etag: "24992f1ed62baf9393609f3c6c2ad20e"
x-amz-version-id: f7Vv0sAN_ylJ2h_koQVIJCaX5Z3xEBlZ
cache-control: public,max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-type: text/javascript
x-amz-cf-id: Yb3mDZ67TWwqTPuvydo0jv8AnAwHwGozLOYHddoxoWs2XINROxCl6w==

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow+Semi+Condensed:700%7CBarlow:500%7CBarlow:600%7CBarlow:700%7CBarlow:800%7CBarlow:italic%7CBarlow:regular%7CExo+2:700%7CLato%7CLato:700%7CLato:900%7CLato:italic%7CLato:regular%7CMontserrat:600%7COpen+Sans%7COpen+Sans:600%7COpen+Sans:italic%7COpen+Sans:regular%7CPoppins:300%7CPoppins:500%7CPoppins:500italic%7CPoppins:600%7CPoppins:700%7CPoppins:italic%7CPoppins:regular%7CRoboto+Slab:regular

Requested by

Host: dhtiece9044ep.cloudfront.net
URL: https://dhtiece9044ep.cloudfront.net/package/early_js/dd268d133928160ce0477aa496e40e77dc989e7bf0f4dba4f88bcf7132d53b15/xfalse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd5915e5993cf2d3757a1aa28aff675ffa93444beda44bb7b00831327d2fbb3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 20:00:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 20:00:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 20:00:11 GMT

GET
H/1.1 200
OK data Show response
recargahypepagamentos.site/api/1.1/init/ 293 B
1 KB 245ms
244ms XHR
text/plain 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recargahypepagamentos.site/api/1.1/init/data?location=https%3A%2F%2Frecargahypepagamentos.site%2Fdiamantesff%2F
Requested by: Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3d4843643bcef216a0145a2fcdd3f7916be5ff0887ec7410690cf634a0d3df03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 20:00:11 GMT
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":32.3,"percents":{"top":{"bubble_cpu":16.8,"block":80.7,"capacity_rl":0,"other_pause":0,"pre_fiber":1.1},"sub":{"pp_userdb":15.5,"pp_wait_userdb":0,"http_request":0,"serverjson":3.9,"appserver_cache_misses_time":0,"redis":47.4,"fiber_queue":5.2,"capacity_wait":7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6811600,"derived_build_time_spent":0}}
Server: cloudflare
x-powered-by: Express
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.105 unit-seconds used
CF-RAY: 6c0b7495cca01756-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_B2sl.woff2
fonts.gstatic.com/s/barlowsemicondensed/v7/ 22 KB
22 KB 55ms
28ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowsemicondensed/v7/wlpigxjLBV1hqnzfr-F8sEYMB0Yybp0mudRfw6-_B2sl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow+Semi+Condensed:700%7CBarlow:500%7CBarlow:600%7CBarlow:700%7CBarlow:800%7CBarlow:italic%7CBarlow:regular%7CExo+2:700%7CLato%7CLato:700%7CLato:900%7CLato:italic%7CLato:regular%7CMontserrat:600%7COpen+Sans%7COpen+Sans:600%7COpen+Sans:italic%7COpen+Sans:regular%7CPoppins:300%7CPoppins:500%7CPoppins:500italic%7CPoppins:600%7CPoppins:700%7CPoppins:italic%7CPoppins:regular%7CRoboto+Slab:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0e2872c56d99d01955376b676c0577360bac6b1768c5be36898be67dd02d26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 04:29:26 GMT
x-content-type-options: nosniff
age: 315045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22184
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 18:26:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 04:29:26 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
20 KB 58ms
32ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:22:02 GMT
x-content-type-options: nosniff
age: 527889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20348
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:07:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 17:22:02 GMT

GET
H2 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 57ms
31ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:06:15 GMT
x-content-type-options: nosniff
age: 6836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21072
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 18:06:15 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 56ms
30ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 17:56:21 GMT
x-content-type-options: nosniff
age: 439430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21080
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 17:56:21 GMT

GET
H2 200 7cHqv4kjgoGqM7E3q-0s51os.woff2
fonts.gstatic.com/s/barlow/v5/ 21 KB
21 KB 54ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3q-0s51os.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa773a6c9bc50be41bb6ce8e5f8fc0e6ad1b1e409a19c65704cfdcf7ce9f3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:35 GMT
x-content-type-options: nosniff
age: 438636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21268
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 18:09:35 GMT

GET
H2 200 7cHrv4kjgoGqM7E_Cfs7wH8.woff2
fonts.gstatic.com/s/barlow/v5/ 22 KB
22 KB 52ms
27ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHrv4kjgoGqM7E_Cfs7wH8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:04:01 GMT
x-content-type-options: nosniff
age: 539770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22548
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 14:04:01 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
20 KB 60ms
35ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 10:46:05 GMT
x-content-type-options: nosniff
age: 378846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20444
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 16 Dec 2022 10:46:05 GMT

GET
H2 200 7cH1v4okm5zmbvwkAx_sfcEuiD8jWfWsOdC_.woff2
fonts.gstatic.com/s/exo2/v15/ 15 KB
15 KB 62ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v15/7cH1v4okm5zmbvwkAx_sfcEuiD8jWfWsOdC_.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1243779bbd131116656823b9f1c0e7beae2a0214f2d155a393b9e978b5d6bc7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:23 GMT
x-content-type-options: nosniff
age: 538728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 17:21:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 14:21:23 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 47ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:26:28 GMT
x-content-type-options: nosniff
age: 599623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 21:26:28 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 04:27:49 GMT
x-content-type-options: nosniff
age: 315142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 04:27:49 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 42ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 08:02:57 GMT
x-content-type-options: nosniff
age: 561434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 08:02:57 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 24 KB
24 KB 57ms
33ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 09:35:45 GMT
x-content-type-options: nosniff
age: 469466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 09:35:45 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 59ms
34ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 10:02:14 GMT
x-content-type-options: nosniff
age: 467877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 10:02:14 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 48ms
24ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 281289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 13:52:02 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ 17 KB
17 KB 44ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:26:25 GMT
x-content-type-options: nosniff
age: 538426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 14:26:25 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 60ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:17:53 GMT
x-content-type-options: nosniff
age: 438138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7848
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 18:17:53 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 55ms
32ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:35:21 GMT
x-content-type-options: nosniff
age: 599090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 21:35:21 GMT

GET
H2 200 pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 60ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a77d294c68601de11ee6eeb15b7beed162ba2b70763ef412d0816a8187b4cd5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 07:45:10 GMT
x-content-type-options: nosniff
age: 562501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8548
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 07:45:10 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 59ms
35ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 04:07:14 GMT
x-content-type-options: nosniff
age: 316377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 04:07:14 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 51ms
28ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 04:20:35 GMT
x-content-type-options: nosniff
age: 315576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Dec 2022 04:20:35 GMT

GET
H2 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
9 KB 59ms
35ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 09:51:49 GMT
x-content-type-options: nosniff
age: 468502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8656
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 09:51:49 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 60ms
37ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 14:28:31 GMT
x-content-type-options: nosniff
age: 192700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 18 Dec 2022 14:28:31 GMT

GET
H2 200 BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v16/ 12 KB
12 KB 56ms
34ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v16/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://recargahypepagamentos.site
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 18:20:46 GMT
x-content-type-options: nosniff
age: 5965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12488
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:06 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 20 Dec 2022 18:20:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 1sVLyveDeIgMJPkZtT+HOhh1fDqOIJ9MrkcIfGKHBlCyR9h5KpeKTFBSeDmXKwd8PEWyHodGOkUoKd/x62/RqQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 20 Dec 2021 20:00:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK hi Show response
recargahypepagamentos.site/user/ 57 B
1 KB 220ms
220ms XHR
application/json 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recargahypepagamentos.site/user/hi
Requested by: Host: dhtiece9044ep.cloudfront.net
URL: https://dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/x15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 113cd0665ac57aeb8d405e25f862ad5d31414f6f2a25c57bd20890cd8372ad6d

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1640030411592x612198491603159000
X-Bubble-PL: 1640030411592x2964
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Bubble-Epoch-ID: 1640030411475x504337019614911500
Content-Type: application/json
X-Bubble-R: https://recargahypepagamentos.site/diamantesff/
Accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
X-Requested-With: XMLHttpRequest
Referer: https://recargahypepagamentos.site/
X-Bubble-Breaking-Revision: 5

Response headers

Date: Mon, 20 Dec 2021 20:00:11 GMT
Content-Encoding: br
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":21.7,"percents":{"top":{"bubble_cpu":21.1,"block":77.1,"capacity_rl":0,"other_pause":0,"pre_fiber":2.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":21.7,"appserver_cache_misses_time":0,"redis":42.2,"fiber_queue":18.7,"capacity_wait":17.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":685898,"derived_build_time_spent":0}}
x-bubble-appname: ff04
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.011 unit-seconds used
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-bubble-request-took: 21
Content-Type: application/json
cache-control: no-cache
CF-RAY: 6c0b7498796e1756-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK m Show response
recargahypepagamentos.site/user/ 4 B
1 KB 382ms
363ms XHR
application/json 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recargahypepagamentos.site/user/m
Requested by: Host: dhtiece9044ep.cloudfront.net
URL: https://dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/x15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1640030411597x431105289282900400
X-Bubble-PL: 1640030411592x2964
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://recargahypepagamentos.site/diamantesff/
cache-control: no-cache
X-Requested-With: XMLHttpRequest
Referer: https://recargahypepagamentos.site/
X-Bubble-Breaking-Revision: 5

Response headers

Date: Mon, 20 Dec 2021 20:00:11 GMT
Content-Encoding: br
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":130.8,"percents":{"top":{"bubble_cpu":2.9,"block":86.1,"capacity_rl":0,"other_pause":0,"pre_fiber":11},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":32.2,"appserver_cache_misses_time":0,"redis":57.9,"fiber_queue":33.7,"capacity_wait":5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":568641,"derived_build_time_spent":0}}
x-bubble-appname: ff04
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.009 unit-seconds used
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-bubble-request-took: 130
Content-Type: application/json
cache-control: no-cache
CF-RAY: 6c0b749899a9692e-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222770000x453065894196093250%2F1a543781-695e-460a-ae47-4b44b4f73988bab01644-7abb-4f22-958e-cf8507f7e85bfreefirebackgroundjune.jpg
d1muf25xaso8hp.cloudfront.net/ 116 KB
117 KB 45ms
17ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222770000x453065894196093250%2F1a543781-695e-460a-ae47-4b44b4f73988bab01644-7abb-4f22-958e-cf8507f7e85bfreefirebackgroundjune.jpg?w=2048&h=650&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

28a81c79c69a8ae80362638bd66eac007208aa3471b56bd2354631b4207ba02c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 19:16:37 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2614
x-cache: Hit from cloudfront
x-imgix-id: 901a755b7a3eefa8476bd0244df35112b4ecfdf8
content-length: 118872
x-served-by: cache-sjc10024-SJC, cache-fra19138-FRA
last-modified: Mon, 20 Dec 2021 19:16:37 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: YnEN4bppmRb8bASQh_g0nH8fJ2VsiNPzPTdWHMILf-o2VkodEUsKVA==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222956623x657064916287075000%2F617f3fc9-7752-4482-a067-b4acd376421dfreefirelogo.png
d1muf25xaso8hp.cloudfront.net/ 8 KB
9 KB 38ms
10ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222956623x657064916287075000%2F617f3fc9-7752-4482-a067-b4acd376421dfreefirelogo.png?w=512&h=111&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

4ed18175708555c9581bd16fecf1cf13af086461fa6936ad18bc8920c10949dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:57 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 795955ff3ab35061976d97261e01f638109e472e
content-length: 8501
x-served-by: cache-sjc10054-SJC, cache-hhn4025-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: Qr78MrXRLIzsm41OhoGt-SpRUGOtJPV-u0zZ3HuYH0fV5835QhmvCA==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222837365x308617587482272500%2Fhype-logo.png
d1muf25xaso8hp.cloudfront.net/ 3 KB
4 KB 37ms
9ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222837365x308617587482272500%2Fhype-logo.png?w=128&h=69&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

18d21d1f6a5e07823355638f86af7d7ee360e0329a96db6deeee272ef95b8aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:57 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56305
x-cache: Hit from cloudfront
x-imgix-id: f70d49ce9302f104beb810e68b98263171b4cb33
content-length: 3476
x-served-by: cache-sjc10071-SJC, cache-hhn4029-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: ouKYvT5aLY9X7APJimS18bX6RtqPJnmGAXfEU1-UfAPfNOiiLcZjcA==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634223503760x723657102077428700%2Fpagamento-carteira.png
d1muf25xaso8hp.cloudfront.net/ 2 KB
3 KB 38ms
11ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634223503760x723657102077428700%2Fpagamento-carteira.png?w=48&h=61&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

d9f9d41edbc0c401d3cd2e2e825839064c5ed6cec3a29a268ef5683c9de57cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:57 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56305
x-cache: Hit from cloudfront
x-imgix-id: dc86f226918cef788241ccf48e3471ae890e82c7
content-length: 2351
x-served-by: cache-sjc10045-SJC, cache-fra19127-FRA
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: eap8iIqCDNAI6M45nu0Q3Vinmj-0V45bHhGBkq4rELgQHlAOcirE9Q==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308658160x993186314200305300%2F1cb016a1-9bc7-4805-adc0-b83efac5ea8b190729_cover_hype_1550_Diamantes.jpg
d1muf25xaso8hp.cloudfront.net/ 9 KB
10 KB 42ms
14ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308658160x993186314200305300%2F1cb016a1-9bc7-4805-adc0-b83efac5ea8b190729_cover_hype_1550_Diamantes.jpg?w=192&h=165&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

f7d65ebc52ecc77287bed93dc9d87a0495c9f260862fc13a3c96667fcf939daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 2bdb1301b531e287fdf21b0e6b14aaf260cb8a34
content-length: 9685
x-served-by: cache-sjc10043-SJC, cache-fra19134-FRA
last-modified: Mon, 20 Dec 2021 04:21:46 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: CqWeDDdAaEqVtWHH9UMbUDl2bemT6ZH6i4tpKvO8-43-QaIsjzEKSw==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308743501x246167253864255200%2Fe4c7b1e0-40e5-4da9-9535-22f4c16cc1d1190729_cover_hype_2350_Diamantes.jpg
d1muf25xaso8hp.cloudfront.net/ 8 KB
8 KB 39ms
11ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308743501x246167253864255200%2Fe4c7b1e0-40e5-4da9-9535-22f4c16cc1d1190729_cover_hype_2350_Diamantes.jpg?w=192&h=164&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

0d0a8c8da3c6cea21547b995c746289b66d8c10d2de097b1bafd6e24652836d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:57 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56305
x-cache: Hit from cloudfront
x-imgix-id: 92a63ca51bc85d61bd691afa66e8916440189cd9
content-length: 7888
x-served-by: cache-sjc10048-SJC, cache-hhn4025-HHN
last-modified: Mon, 20 Dec 2021 04:21:46 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: hQMR0IlQsmzGYApT_7lBYwjrL_i8ugatjgB7kYofP31FwTaf4TFCXg==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308701169x195341687718272320%2Fbd6e7d6b-e49e-472d-a220-7700d1f4cceb190729_cover_hype_5100_Diamantes.jpg
d1muf25xaso8hp.cloudfront.net/ 9 KB
9 KB 17ms
15ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308701169x195341687718272320%2Fbd6e7d6b-e49e-472d-a220-7700d1f4cceb190729_cover_hype_5100_Diamantes.jpg?w=192&h=165&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

cfc523915a21f695c4dc9e20bc5fbe02ff9b7c351615a541b5c6fef5b9ba2124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: dc44df505074b7779ed77a674d77fc06948ab864
content-length: 9160
x-served-by: cache-sjc10083-SJC, cache-fra19127-FRA
last-modified: Mon, 20 Dec 2021 04:21:46 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: FRIXQKXhid-vwipCrP2TdiICIIX4hRhtdjCLwuGF-XK6BcglT1itNg==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308604396x874556930670337500%2F175a959e-831b-483e-afd6-d00453e0bc8d190729_cover_hype_610_Diamantes%2520%25282%2529.jpg
d1muf25xaso8hp.cloudfront.net/ 8 KB
8 KB 18ms
16ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308604396x874556930670337500%2F175a959e-831b-483e-afd6-d00453e0bc8d190729_cover_hype_610_Diamantes%2520%25282%2529.jpg?w=192&h=165&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

560fe6fb67cd13be61f0d7cecfc15b8231d0f953d07d310c2ab92c60fd69ead4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 1c1a9cd8c17be55efd457b49b8ef9c4fefbafb3f
content-length: 8188
x-served-by: cache-sjc10042-SJC, cache-hhn4029-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: 3S2yKfM7HIrwKc2QpsMaQmNBoSkgY61AzaXiAnemHlQQxaOMBtZnRw==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308589310x109242565135845300%2Fd3b1ef24-2b1c-414b-9d11-e551cc3b0725190729_cover_hype_285_Diamantes%2520%25282%2529.jpg
d1muf25xaso8hp.cloudfront.net/ 9 KB
10 KB 18ms
17ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308589310x109242565135845300%2Fd3b1ef24-2b1c-414b-9d11-e551cc3b0725190729_cover_hype_285_Diamantes%2520%25282%2529.jpg?w=192&h=164&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

f304b69433e7517902995fb75bf41fc62299f59082e2c0090fb9f5f171f5b569

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: ebfff988facd79b10f619c30c76bb26f493aa355
content-length: 9425
x-served-by: cache-sjc10054-SJC, cache-hhn4053-HHN
last-modified: Mon, 20 Dec 2021 04:21:46 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: mFlC6rlHWHmclax8xWMWga2dKrdHm5Mtjo8uKs00cLENIh0XgARdEQ==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308523753x557978743122355900%2F806ec0a7-0067-482e-9bf7-a72ed006c725190729_cover_hype_85_Diamantes%2520%25281%2529.jpg
d1muf25xaso8hp.cloudfront.net/ 8 KB
9 KB 23ms
22ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634308523753x557978743122355900%2F806ec0a7-0067-482e-9bf7-a72ed006c725190729_cover_hype_85_Diamantes%2520%25281%2529.jpg?w=192&h=164&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

da2856fb632291c67b446d2c236fd71b6a04d4504d43140d47f1880fcc6c668e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 824552bb4b75f637823b15aae5fd57c7ae6a27b5
content-length: 8592
x-served-by: cache-sjc10038-SJC, cache-hhn4053-HHN
last-modified: Mon, 20 Dec 2021 04:21:46 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: OFk0w5O4N61GZOS7keRA227Zre0g0EBK54qNlPWE7Fvy6SP2KNIq0Q==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634311444749x225765108581794680%2F21a1a652-93d2-435f-9895-e94de5861ba52.jpg
d1muf25xaso8hp.cloudfront.net/ 28 KB
29 KB 20ms
18ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634311444749x225765108581794680%2F21a1a652-93d2-435f-9895-e94de5861ba52.jpg?w=512&h=269&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

5cc170736cfe8757e00b6fcee7cf821b07327f98414b2fd76c0c0a29fe051dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 982a045b85057f3e791acf51907fe9931f364670
content-length: 29074
x-served-by: cache-sjc10063-SJC, cache-fra19125-FRA
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: 2ZI6pEXhYvGj-fCkrumMUgwuQUKUzxL131kpEb_U9utOAAewSSC4lg==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634311524951x712767117468677840%2F66a55a51-8b96-4a24-a394-14eb33c65c111.jpg
d1muf25xaso8hp.cloudfront.net/ 26 KB
27 KB 22ms
20ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634311524951x712767117468677840%2F66a55a51-8b96-4a24-a394-14eb33c65c111.jpg?w=512&h=269&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

204a2623f844b4000ad75624c468e00895dcb00e29b46de13d6262e3175e1175

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 89e4693a226359ab17aeac17820e56f28a70134b
content-length: 26919
x-served-by: cache-sjc10050-SJC, cache-hhn4061-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: bCZ9kJFBmQ3S2JzEa_ZmBmTB_SmuuSlWJvCVcZqsJUUBP1lzPvKlVA==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312785179x317173178976996740%2Fvisa-icon.png
d1muf25xaso8hp.cloudfront.net/ 2 KB
3 KB 22ms
21ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312785179x317173178976996740%2Fvisa-icon.png?w=64&h=47&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

d216ee59c4f6548975b4090443e97e3fc1131e8236a2a14988fbb9314d125221

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 4651a08cd80921d89f3ca7e4648503ae5aeefc69
content-length: 2144
x-served-by: cache-sjc10083-SJC, cache-hhn4053-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: nh-HMvaxYMmZhwXZ7bYCECP9cqzZXphwMMsODOvdNck2eRVCL8IPrw==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312878314x256858574790225200%2Fcredito-mastercard-icon.png
d1muf25xaso8hp.cloudfront.net/ 3 KB
3 KB 19ms
18ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312878314x256858574790225200%2Fcredito-mastercard-icon.png?w=64&h=47&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

becbb167a34c407cff337a96545e44e8b1d481ad5d4c3fe40dcb23c3489045c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:58 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56305
x-cache: Hit from cloudfront
x-imgix-id: d41874670cec7469eb6eca4959740908aa7ca35f
content-length: 2574
x-served-by: cache-sjc10024-SJC, cache-fra19166-FRA
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: pPucn5Pyx7xBn3PXEAECdP450m3NcjJ_eQh7vFDY5BD3A7xFesxq0g==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312894512x795787421600921100%2Fcredito-elo-icon.png
d1muf25xaso8hp.cloudfront.net/ 1 KB
2 KB 21ms
20ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312894512x795787421600921100%2Fcredito-elo-icon.png?w=64&h=47&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

181b01abd819edb385c0f266cec6fc96ab937a49e7862a9fd30c02babb91408d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:59 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: b582960551be1dd9bc97395e2c18290a51c5c4d6
content-length: 1434
x-served-by: cache-sjc10070-SJC, cache-hhn4053-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: VNH8g9BvQiKdFV7SPHPZE_YzAsNUNhpkRO6apnvrkrGzT8gVIRwcyQ==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312907084x445501067888180800%2Fcredito-diners-icon.png
d1muf25xaso8hp.cloudfront.net/ 2 KB
2 KB 23ms
21ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312907084x445501067888180800%2Fcredito-diners-icon.png?w=64&h=47&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

1b3245a9880a6d4723fa733e64971a8537779e95f615d3c7e815e7239055138a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:59 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 4db5131adc08de18ae95fd4287cfea2cc0999507
content-length: 1736
x-served-by: cache-sjc10078-SJC, cache-hhn4061-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: JZviQ2Moo0lD2XPVloaXqQBvRwAu80TrsK2xy0CuSCGHx33j5ZzhVg==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312920826x375817767674506700%2Fboleto.png
d1muf25xaso8hp.cloudfront.net/ 1015 B
1 KB 18ms
17ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634312920826x375817767674506700%2Fboleto.png?w=64&h=47&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

0f8a04d62077e19b997865ce13bd03ea4a9d7f3893a6c449afccfad7560b7e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:59 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 9bf31323c2572b2fbbbb89494aa6ae29ee07e7b2
content-length: 1015
x-served-by: cache-sjc10029-SJC, cache-fra19125-FRA
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: rZdxELC33h6174855YsZCIZ-2M8GIm8Ox-f7HGMXDz6cEfm_LDRzhQ==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634313092526x819626529376441300%2Fpix.png
d1muf25xaso8hp.cloudfront.net/ 2 KB
2 KB 19ms
18ms Image
image/png 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634313092526x819626529376441300%2Fpix.png?w=64&h=47&auto=compress&fit=crop&dpr=1

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

bcdc37aa4f584d833cdc1ba854170b38dd3865e98064f72f34ff4afd34ea43bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 16:12:59 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 56304
x-cache: Hit from cloudfront
x-imgix-id: 2d581473d7f6e1eb67746ff4aed707e8cf9c211b
content-length: 1603
x-served-by: cache-sjc10050-SJC, cache-hhn4061-HHN
last-modified: Mon, 20 Dec 2021 04:21:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: KzX_MWZbhRU717BO7ZFb8r3hcgVrsJLz3lsHFcfhd4n1FZD8pvu2Qw==
cross-origin-resource-policy: cross-origin

GET
H2 200 908157796797136 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 49ms
48ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/908157796797136?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cd22efa308c0e98b1e29f550b266551528729d623a54020e0a8cd132afb7e74

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pzwpLweus4PVoTiCXuvpyKkmipcUB7SyCuPK1fPqresHTwL4UT2fflcZft1ZYvK/4LwR4IgKxdpz7l5nKcCT9A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 20 Dec 2021 20:00:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK start Show response
recargahypepagamentos.site/workflow/ 616 B
1 KB 623ms
598ms XHR
application/json 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recargahypepagamentos.site/workflow/start
Requested by: Host: dhtiece9044ep.cloudfront.net
URL: https://dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/x15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a5aaed725ceb4a78ea8248f8f3bc30d8c58058889f2136e0c9e84da3c5af3112

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1640030411634x876648485870275000
X-Bubble-PL: 1640030411592x2964
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://recargahypepagamentos.site/diamantesff/
cache-control: no-cache
X-Requested-With: XMLHttpRequest
Referer: https://recargahypepagamentos.site/
X-Bubble-Breaking-Revision: 5

Response headers

Date: Mon, 20 Dec 2021 20:00:12 GMT
Content-Encoding: br
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":327.4,"percents":{"top":{"bubble_cpu":7.1,"block":92.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":4.6,"pp_wait_userdb":0,"http_request":0,"serverjson":18.7,"appserver_cache_misses_time":0,"redis":30,"fiber_queue":0.9,"capacity_wait":0.2}},"counts":{"pp_userdb":6,"http_request":0,"derived_build":0,"derived_cache_attempts":3,"derived_cache_memory_misses":3,"serverjson":18,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":36,"fiber_queue":37,"blocks":36},"misc":{"userdb_results":4,"userdb_data":257,"spent_time":7466806,"derived_build_time_spent":0}}
x-bubble-appname: ff04
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.115 unit-seconds used
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-bubble-request-took: 327
Content-Type: application/json
cache-control: no-cache
CF-RAY: 6c0b7498ecc21456-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 /
www.facebook.com/tr/ 44 B
293 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908157796797136&ev=PageView&dl=https%3A%2F%2Frecargahypepagamentos.site%2Fdiamantesff%2F&rl=&if=false&ts=1640030411706&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640030411705.222977870&it=1640030411615&coo=false&rqm=GET

Requested by

Host: recargahypepagamentos.site
URL: https://recargahypepagamentos.site/diamantesff/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 20:00:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 20 Dec 2021 20:00:11 GMT

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222770000x453065894196093250%2F1a543781-695e-460a-ae47-4b44b4f73988bab01644-7abb-4f22-958e-cf8507f7e85bfreefirebackgroundjune.jpg
d1muf25xaso8hp.cloudfront.net/ 116 KB
117 KB 11ms
11ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

b1431a7d8cc3a270ba526f226538be20671f7a7cefce7d71e5748f71dda36935

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 19:16:37 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2614
x-cache: Hit from cloudfront
x-imgix-id: e5e2c7462f305615f1b1d264196276a5bcb8fda4
content-length: 119234
x-served-by: cache-sjc10063-SJC, cache-hhn4065-HHN
last-modified: Mon, 20 Dec 2021 19:16:37 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: NRyHUnAor3DfEXMVu8HFIPKPPdMV3bjdY_bzcg8doRoW92nyFG4aKg==
cross-origin-resource-policy: cross-origin

GET
H2 200 https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1634222770000x453065894196093250%2F1a543781-695e-460a-ae47-4b44b4f73988bab01644-7abb-4f22-958e-cf8507f7e85bfreefirebackgroundjune.jpg
d1muf25xaso8hp.cloudfront.net/ 116 KB
117 KB 18ms
18ms Image
image/jpeg 2600:9000:2240:1400:1c:37e5:3f40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2240:1400:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

imgix /

Resource Hash

b1431a7d8cc3a270ba526f226538be20671f7a7cefce7d71e5748f71dda36935

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 19:16:37 GMT
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2614
x-cache: Hit from cloudfront
x-imgix-id: e5e2c7462f305615f1b1d264196276a5bcb8fda4
content-length: 119234
x-served-by: cache-sjc10063-SJC, cache-hhn4065-HHN
last-modified: Mon, 20 Dec 2021 19:16:37 GMT
server: imgix
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: S9GVZmJeERHUVqoJ8sF_snMb6j_5bl1Z2-PnRHcPv9bxsrMhXLRAqQ==
cross-origin-resource-policy: cross-origin

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908157796797136&ev=Microdata&dl=https%3A%2F%2Frecargahypepagamentos.site%2Fdiamantesff%2F&rl=&if=false&ts=1640030412209&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22B%C3%B4nus%20de%20Diamantes%20para%20Free%20Fire%20%7C%20Hype%20Games%22%2C%22meta%3Adescription%22%3A%22O%20site%20oficial%20para%20comprar%20diamantes%20no%20Free%20Fire.%20Envio%20Digital%20Imediato!%20Compre%20Conosco!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Recarga%20Jogo%20%7C%20Free%20Fire%22%2C%22og%3Asite_name%22%3A%22Recarga%20Jogo%20%7C%20Free%20Fire%22%2C%22og%3Adescription%22%3A%22O%20site%20oficial%20para%20comprar%20diamantes%20no%20Free%20Fire.%20Envio%20Digital%20Imediato!%20Compre%20Conosco!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd1muf25xaso8hp.cloudfront.net%2Fhttps%253A%252F%252Fs3.amazonaws.com%252Fappforest_uf%252Ff1626879770423x469772777224110300%252F392-3928798_logo-point-blank-garena-png-logo-garena-free.png%3Fw%3D%26h%3D%26auto%3Dcompress%26dpr%3D1%26fit%3Dmax%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Frecargahypepagamentos.site%2Fdiamantesff%2F%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640030411705.222977870&it=1640030411615&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://recargahypepagamentos.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 20:00:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 20 Dec 2021 20:00:12 GMT

POST
H/1.1 200
OK mget Show response
recargahypepagamentos.site/elasticsearch/ 361 B
1 KB 225ms
224ms XHR
application/json 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recargahypepagamentos.site/elasticsearch/mget
Requested by: Host: dhtiece9044ep.cloudfront.net
URL: https://dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/x15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a201c83a04d306966ffff40e2583ec9864cb660a03d7922ad10488a55516826b

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1640030412283x189140589263282460
X-Bubble-PL: 1640030411592x2964
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://recargahypepagamentos.site/diamantesff/
cache-control: no-cache
X-Requested-With: XMLHttpRequest
Referer: https://recargahypepagamentos.site/
X-Bubble-Breaking-Revision: 5

Response headers

Date: Mon, 20 Dec 2021 20:00:12 GMT
Content-Encoding: br
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":23.2,"percents":{"top":{"bubble_cpu":21.2,"block":77.3,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":67.1,"appserver_cache_misses_time":0,"redis":64,"fiber_queue":6.9,"capacity_wait":9.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":5,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":739616,"derived_build_time_spent":0}}
x-bubble-appname: ff04
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.011 unit-seconds used
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-bubble-request-took: 23
Content-Type: application/json
cache-control: no-cache
CF-RAY: 6c0b749ccc7c1456-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK apm Show response
recargahypepagamentos.site/user/ 4 B
1 KB 217ms
217ms XHR
application/json 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recargahypepagamentos.site/user/apm
Requested by: Host: dhtiece9044ep.cloudfront.net
URL: https://dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/x15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1640030413396x738911735418320800
X-Bubble-PL: 1640030411592x2964
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://recargahypepagamentos.site/diamantesff/
cache-control: no-cache
X-Requested-With: XMLHttpRequest
Referer: https://recargahypepagamentos.site/
X-Bubble-Breaking-Revision: 5

Response headers

Date: Mon, 20 Dec 2021 20:00:13 GMT
Content-Encoding: br
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":6.5,"percents":{"top":{"bubble_cpu":41.9,"block":49.2,"capacity_rl":0,"other_pause":0,"pre_fiber":6.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":4.4,"appserver_cache_misses_time":0,"redis":48.4,"fiber_queue":3.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":411957,"derived_build_time_spent":0}}
x-bubble-appname: ff04
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.006 unit-seconds used
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-bubble-request-took: 7
Content-Type: application/json
cache-control: no-cache
CF-RAY: 6c0b74a3b8761456-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 200
OK frg Show response
recargahypepagamentos.site/ 5 B
1 KB 278ms
278ms XHR
application/json 2606:4700:3031::6815:16a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://recargahypepagamentos.site/frg
Requested by: Host: dhtiece9044ep.cloudfront.net
URL: https://dhtiece9044ep.cloudfront.net/package/run_js/8e76f4ac926cdda8b515aa4d03440412172bc85d24bce8e2c37d234fd798d583/xfalse/x15
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:16a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

X-Bubble-UTM-Data: {}
X-Bubble-Fiber-ID: 1640030414598x850290075264330800
X-Bubble-PL: 1640030411592x2964
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://recargahypepagamentos.site/diamantesff/
cache-control: no-cache
X-Requested-With: XMLHttpRequest
Referer: https://recargahypepagamentos.site/
X-Bubble-Breaking-Revision: 5

Response headers

Date: Mon, 20 Dec 2021 20:00:14 GMT
Content-Encoding: br
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
x-bubble-perf: {"total":63.5,"percents":{"top":{"bubble_cpu":6.3,"block":93.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":14.9,"appserver_cache_misses_time":0,"redis":41.8,"fiber_queue":37.8,"capacity_wait":14}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":603046,"derived_build_time_spent":0}}
x-bubble-appname: ff04
x-powered-by: Express
Transfer-Encoding: chunked
Connection: keep-alive
x-bubble-capacity-used: 0.009 unit-seconds used
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-bubble-request-took: 63
Content-Type: application/json
cache-control: no-cache
CF-RAY: 6c0b74ab4d241456-FRA
x-bubble-capacity-limit: 0 ms slower

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.recargahypepagamentos.site/	1970-01-19 23:38:09	Name: ff04_live_u2main Value: 1640030410862x502221659905220300
.recargahypepagamentos.site/	1970-01-19 23:38:09	Name: ff04_live_u2main.sig Value: DJKD4zdSW2DzbyWA02Bhhgps7Po
.recargahypepagamentos.site/	1969-12-31 23:59:59	Name: ff04_u1main Value: 1640030410665x630121710497118600
.recargahypepagamentos.site/	1970-01-20 01:43:26	Name: _fbp Value: fb.1.1640030411705.222977870

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
d1muf25xaso8hp.cloudfront.net
dd7tel2830j4w.cloudfront.net
dhtiece9044ep.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
recargahypepagamentos.site
www.facebook.com
2600:9000:223c:8200:11:b70:f800:21
2600:9000:2240:1400:1c:37e5:3f40:21
2600:9000:2250:c200:b:9da4:d440:21
2606:4700:3031::6815:16a2
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
023694a0472dde38c6600bf88e6330765839e53f64f94edb63714aeab3de7e51
0774e7b9d1fa43e93b64b7f444046151d22de754d5e87b551d502463e9aefb3c
0d0a8c8da3c6cea21547b995c746289b66d8c10d2de097b1bafd6e24652836d3
0f8a04d62077e19b997865ce13bd03ea4a9d7f3893a6c449afccfad7560b7e75
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
113cd0665ac57aeb8d405e25f862ad5d31414f6f2a25c57bd20890cd8372ad6d
1243779bbd131116656823b9f1c0e7beae2a0214f2d155a393b9e978b5d6bc7c
181b01abd819edb385c0f266cec6fc96ab937a49e7862a9fd30c02babb91408d
18d21d1f6a5e07823355638f86af7d7ee360e0329a96db6deeee272ef95b8aac
1b3245a9880a6d4723fa733e64971a8537779e95f615d3c7e815e7239055138a
204a2623f844b4000ad75624c468e00895dcb00e29b46de13d6262e3175e1175
28a81c79c69a8ae80362638bd66eac007208aa3471b56bd2354631b4207ba02c
3834f0a520d623453cdb6b03b88331bc0394367eb18809f1037ea18c699ebded
3d4843643bcef216a0145a2fcdd3f7916be5ff0887ec7410690cf634a0d3df03
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
46710f0509008ad4a31212927e35441764b757d672b2ed4f892ee4e2f0804abb
4c52e4274ebdbe29cd5b4983d888c247496b6d3bb55e05d4c0769d1b946d14f8
4ed18175708555c9581bd16fecf1cf13af086461fa6936ad18bc8920c10949dd
560fe6fb67cd13be61f0d7cecfc15b8231d0f953d07d310c2ab92c60fd69ead4
5cc170736cfe8757e00b6fcee7cf821b07327f98414b2fd76c0c0a29fe051dd2
5cd22efa308c0e98b1e29f550b266551528729d623a54020e0a8cd132afb7e74
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
62d5040b4c68f23598726ba32798f9465c6a6cc06d102e7cdc31bc76c0007497
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
75b2ce033a33bf44ed090285093f84d83ea6112ec6600be6cafe6eb11bba71d7
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8925f1e8a34a8944098b7073f62d681d67ee3d3619a04dba9032b2618d6d0f00
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9254d1ced10109d4575851acfb39f3300376ba91a601339fea239e5254b5cc81
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a201c83a04d306966ffff40e2583ec9864cb660a03d7922ad10488a55516826b
a5aaed725ceb4a78ea8248f8f3bc30d8c58058889f2136e0c9e84da3c5af3112
a77d294c68601de11ee6eeb15b7beed162ba2b70763ef412d0816a8187b4cd5f
aa773a6c9bc50be41bb6ce8e5f8fc0e6ad1b1e409a19c65704cfdcf7ce9f3db0
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1431a7d8cc3a270ba526f226538be20671f7a7cefce7d71e5748f71dda36935
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bcdc37aa4f584d833cdc1ba854170b38dd3865e98064f72f34ff4afd34ea43bd
becbb167a34c407cff337a96545e44e8b1d481ad5d4c3fe40dcb23c3489045c8
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c0e2872c56d99d01955376b676c0577360bac6b1768c5be36898be67dd02d26e
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5f8fcc96153880f57cb501646dca91ab644f972b43a851e3b087ce4339e5079
c636cdf8f523ada818ad53ff012d37b57190cc6702fdf0e6a35a502fcd4f625f
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
cd5915e5993cf2d3757a1aa28aff675ffa93444beda44bb7b00831327d2fbb3f
cfc523915a21f695c4dc9e20bc5fbe02ff9b7c351615a541b5c6fef5b9ba2124
d05249466a1b959ca7446607b4ffaad9aefe6aa44e2c654beee346b95988918b
d216ee59c4f6548975b4090443e97e3fc1131e8236a2a14988fbb9314d125221
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d9f9d41edbc0c401d3cd2e2e825839064c5ed6cec3a29a268ef5683c9de57cd9
da2856fb632291c67b446d2c236fd71b6a04d4504d43140d47f1880fcc6c668e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
f304b69433e7517902995fb75bf41fc62299f59082e2c0090fb9f5f171f5b569
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5
f4db4effcce1bb6762371e635d5ba37a21d95a1daf8bf7373b1f5190adb9cc2e
f7d65ebc52ecc77287bed93dc9d87a0495c9f260862fc13a3c96667fcf939daa
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

recargahypepagamentos.site Open in urlscan Pro 2606:4700:3031::6815:16a2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

100 %IPv6

6 Domains

8 Subdomains

9 IPs

2 Countries

1751 kBTransfer

4021 kBSize

4 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

recargahypepagamentos.site Open in urlscan Pro
2606:4700:3031::6815:16a2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

100 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

1751 kB
Transfer

4021 kB
Size

4
Cookies

64 HTTP transactions
1 data transactions