lp.xpi.com.br Open in urlscan Pro
2a02:26f0:e300::5f64:9218 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lp.xpi.com.br/minicontratos-opere
Submission Tags: google_ads
Submission: On September 08 via api (September 8th 2024, 9:44:09 pm UTC) from BR — Scanned from DE

Summary HTTP 102 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 24 domains to perform 102 HTTP transactions. The main IP is 2a02:26f0:e300::5f64:9218, located in Prague, Czech Republic and belongs to AKAMAI-ASN1, NL. The main domain is lp.xpi.com.br.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 18th 2024. Valid for: a year.

This is the only time lp.xpi.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2a02:26f0:e30... 2a02:26f0:e300::5f64:9218	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700:440... 2606:4700:4400::ac40:9226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	34.36.17.181 34.36.17.181	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2606:4700:440... 2606:4700:4400::6812:29da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:96fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
8	151.101.129.175 151.101.129.175	54113 (FASTLY) (FASTLY)
5	95.100.146.25 95.100.146.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.35.58.148 13.35.58.148	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.155.246.37 35.155.246.37	16509 (AMAZON-02) (AMAZON-02)
2	172.67.185.227 172.67.185.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.193.175 151.101.193.175	54113 (FASTLY) (FASTLY)
7	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
102	32

7 2a02:26f0:e300::5f64:9218 (Prague, Czech Republic) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

lp.xpi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:9226 (United States)

ASN13335 (CLOUDFLARENET, US)

g.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.17.181 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 181.17.36.34.bc.googleusercontent.com

cdn.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:4400::6812:29da (United States)

ASN13335 (CLOUDFLARENET, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:96fb (United States)

ASN13335 (CLOUDFLARENET, US)

heatmap-events-collector.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.129.175 (San Francisco, United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.146.25 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-25.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.58.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-148.fra60.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

9143205.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.246.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-246-37.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.185.227 (United States)

ASN13335 (CLOUDFLARENET, US)

ec.instapagemetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.175 (San Francisco, United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	fastcdn.co g.fastcdn.co — Cisco Umbrella Rank: 85407 v.fastcdn.co — Cisco Umbrella Rank: 63934	1 MB
16	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 7396 udc-neb.kampyle.com — Cisco Umbrella Rank: 3965	132 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	703 KB
7	xpi.com.br 1 redirects lp.xpi.com.br	115 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 534	32 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481 9143205.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 210	321 B
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	136 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
4	gstatic.com fonts.gstatic.com	55 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 468 region1.analytics.google.com — Cisco Umbrella Rank: 3773	18 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	83 KB
3	instapagemetrics.com cdn.instapagemetrics.com — Cisco Umbrella Rank: 72115 ec.instapagemetrics.com — Cisco Umbrella Rank: 72730	55 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6716	126 B
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 3005	29 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1485	173 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	723 B
1	t.co t.co — Cisco Umbrella Rank: 979	623 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	instapage.com heatmap-events-collector.instapage.com — Cisco Umbrella Rank: 69236	9 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
0	clarity.ms Failed www.clarity.ms Failed
102	24

	Domain	Requested by
19	v.fastcdn.co	lp.xpi.com.br
9	nebula-cdn.kampyle.com	www.googletagmanager.com nebula-cdn.kampyle.com
7	udc-neb.kampyle.com	nebula-cdn.kampyle.com
7	www.googletagmanager.com	lp.xpi.com.br www.google-analytics.com www.googletagmanager.com
7	g.fastcdn.co	lp.xpi.com.br
7	lp.xpi.com.br	1 redirects lp.xpi.com.br
6	bat.bing.com	lp.xpi.com.br bat.bing.com
5	analytics.tiktok.com	lp.xpi.com.br analytics.tiktok.com
4	www.facebook.com	lp.xpi.com.br
4	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	lp.xpi.com.br connect.facebook.net
2	ec.instapagemetrics.com	cdn.instapagemetrics.com
2	www.google.de	lp.xpi.com.br
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	cdn.segment.com	lp.xpi.com.br cdn.segment.com
2	www.google-analytics.com	lp.xpi.com.br www.google-analytics.com
1	api.segment.io	cdn.segment.com
1	ad.doubleclick.net	lp.xpi.com.br
1	9143205.fls.doubleclick.net	www.googletagmanager.com
1	td.doubleclick.net	www.googletagmanager.com
1	www.googleadservices.com	lp.xpi.com.br
1	adservice.google.com	1 redirects
1	analytics.twitter.com	lp.xpi.com.br
1	t.co	lp.xpi.com.br
1	static.ads-twitter.com	lp.xpi.com.br
1	heatmap-events-collector.instapage.com	lp.xpi.com.br
1	cdn.jsdelivr.net	lp.xpi.com.br
1	cdn.instapagemetrics.com	lp.xpi.com.br
1	fonts.googleapis.com	lp.xpi.com.br
0	www.clarity.ms Failed	lp.xpi.com.br
102	31

This site contains links to these domains. Also see Links.

Domain
www.xpi.com.br

Subject Issuer	Validity	Valid
xpi.com.br DigiCert TLS RSA SHA256 2020 CA1	`2024-06-18` - `2025-06-20`	a year	crt.sh
fastcdn.co Cloudflare Inc ECC CA-3	`2024-07-15` - `2024-12-31`	6 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cdn.instapagemetrics.com WR3	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
instapage.com WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-18` - `2024-09-16`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
t.co E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.kampyle.com SSL.com RSA SSL subCA	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.de WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
instapagemetrics.com WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://lp.xpi.com.br/minicontratos-opere
Frame ID: 508B2BD966371D1B89E944A17633586C
Requests: 97 HTTP requests in this frame

Frame: https://lp.xpi.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js
Frame ID: 36816562D7E0F3C8FE1B7A731440D20C
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-6EFVX5924N&gacid=1390201815.1725831844&gtm=45je4940v9181281427za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=900997160
Frame ID: 592555D706320958939642EA72F1C1F5
Requests: 1 HTTP requests in this frame

Frame: https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=1390201815.1725831844--20240908;npa=1;auiddc=562670438.1725831844;u1=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere;u3=1390201815.1725831844;ps=1;pcor=465344063;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190498507z878378273za201zb78378273;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101529666;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere
Frame ID: 234D4AA0B3B7FE42E8133D61C24D2D75
Requests: 1 HTTP requests in this frame

Frame: https://nebula-cdn.kampyle.com/us/wu/634815/forms/50195/form1717495852351.html?formId=50195&type=live&isMobile=true&referrer=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&region=digital-cloud-us-main&displayType=lightbox&isSeparateFormTemplateFromData=true&domainsListRelativePath=..%7C..%7C..%7C..%7C..%7Cus%2Fwu%2F634815%2Fonsite
Frame ID: A6223B8087BA1BFF1CA59D1D0A3843A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XP Investimentos - Uptrade

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

102
Requests

97 %
HTTPS

44 %
IPv6

24
Domains

31
Subdomains

32
IPs

4
Countries

2466 kB
Transfer

6374 kB
Size

39
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xpi.com.br/custos-operacionais
Title: www.xpi.com.br/custos-operacionais.

Search URL Search Domain Scan URL

URL: https://www.xpi.com.br/custos-operacionais/?_ga=2.93895385.577460845.1720524489-160862123.1716473370&_gac=1.90759528.1719521689.CjwKCAjwm_SzBhAsEiwAXE2Cv86p2HPh9wxC6YJwHQArQwLs5UU6wNZAwl4BIIvkVbMicJYI9xOKdxoC80QQAvD_BwE
Title: clique aqui.

Search URL Search Domain Scan URL

URL: https://www.xpi.com.br/assets/documents/politica-de-privacidade.pdf
Title: visite nossa política de privacidade.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://lp.xpi.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://lp.xpi.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js

Request Chain 47

https://adservice.google.com/pagead/regclk?auid=562670438.1725831844&ref=www.google.com&url=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tft=1725831844105&tfd=1441&frm=0&gtm=45be4940v9137012643za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&npa=1&tag_exp=0 HTTP 302
https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=562670438.1725831844&ref=www.google.com&url=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tft=1725831844105&tfd=1441&frm=0&gtm=45be4940v9137012643za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&npa=1&tag_exp=0

102 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request minicontratos-opere Show response
lp.xpi.com.br/ 199 KB
33 KB 980ms
470ms Document
text/html 2a02:26f0:e300::5f64:9218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300::5f64:9218 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudflare /

Resource Hash

91ebc318f157f3215c453023a445e3152f17ba7845a6cf24fbe3b10b242dad74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8c021e1d8e5e83b4-MXP
content-encoding: gzip
content-length: 32452
content-type: text/html; charset=utf-8
date: Sun, 08 Sep 2024 21:44:03 GMT
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-akamai-transformed: 9 31811 0 pmb=mTOE,1

GET
H2 200 utils.b1dbc60ee3a19ce6094c.js Show response
g.fastcdn.co/js/ 58 KB
20 KB 147ms
55ms Script
application/javascript 2606:4700:4400::ac40:9226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/utils.b1dbc60ee3a19ce6094c.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c68d672e21eab4ef878cb09748967f161f2c79859f1a802067ce965cf1e68

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 545964
x-guploader-uploadid: AD-8ljtBmYOep9S3KcvzlNHub0EgGfwTm_kFD_dBStaxROLLjJUujs-w5-pFPQEq1jFhg6p0KxbHCDIKPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20025
last-modified: Mon, 02 Sep 2024 11:33:43 GMT
server: cloudflare
etag: "22219c581b542b628f6813326412a03a"
vary: Accept-Encoding
x-goog-generation: 1725276823355786
content-type: application/javascript
x-goog-hash: crc32c=KiShUw==, md5=IiGcWBtUK2KPaBMyZBKgOg==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 20025
accept-ranges: bytes
cf-ray: 8c021e1f9e02d2c2-FRA
expires: Mon, 08 Sep 2025 21:44:03 GMT

GET
H2 200 Cradle.30914f633beab2a2559e.js Show response
g.fastcdn.co/js/ 18 KB
5 KB 146ms
55ms Script
application/javascript 2606:4700:4400::ac40:9226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Cradle.30914f633beab2a2559e.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c96ef65197c2b41c1212e37c88c8dee886d4eb44cdd3a31709c4c74e8f6e1092

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 545964
x-guploader-uploadid: AD-8ljuEpBtmOZTRox9H0pqHJvD0qOgAFXM4yhpYQuZTMUMYeNSQv7ZcWxy8Q8f1OAgqW5ChNao
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 4338
last-modified: Mon, 02 Sep 2024 11:33:41 GMT
server: cloudflare
etag: "c528792ad836c9b1c9c4c9e8e0c3e9f3"
vary: Accept-Encoding
x-goog-generation: 1725276821035561
content-type: application/javascript
x-goog-hash: crc32c=0PTwwA==, md5=xSh5Ktg2ybHJxMno4MPp8w==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4338
accept-ranges: bytes
cf-ray: 8c021e1f9e04d2c2-FRA
expires: Mon, 08 Sep 2025 21:44:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
2 KB 134ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ab8dc2e07d8d388c713d002bbf9f77f758c0eddc7ab0d4caeaff1b6d2602fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Sep 2024 21:44:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
40ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Sep 2024 20:40:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 08 Sep 2024 22:40:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 462 KB
132 KB 233ms
144ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fbfeb1dedb32f10fff2c4c8ce63f823094293a8c2634de9bb342100f28229fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135315
x-xss-protection: 0
last-modified: Sun, 08 Sep 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Sep 2024 21:44:03 GMT

GET
H2 200 it.js Show response
cdn.instapagemetrics.com/t/js/3/ 54 KB
54 KB 131ms
41ms Script
text/javascript 34.36.17.181
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 181.17.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:27:09 GMT
age: 1014
x-guploader-uploadid: AD-8ljsfCDB1zH8ieqFDZFEEengNqpwJOW_DV1fkmTLE4EOAFVeO4ELTN_E2OhIrdZuljMlhoakSK2zK0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55266
last-modified: Tue, 13 Jun 2023 11:21:34 GMT
server: UploadServer
etag: "eee931187060719ab17a352de2424e0c"
x-goog-generation: 1686655294888925
x-goog-hash: crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
content-type: text/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 55266
accept-ranges: bytes

GET
H2 200 sptw.051afd940be1c95d0063.js Show response
g.fastcdn.co/js/ 63 KB
20 KB 58ms
54ms Script
application/javascript 2606:4700:4400::ac40:9226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/sptw.051afd940be1c95d0063.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c19d88d9366bfa36ffd12f6237c58322e91c1f2e57a896172a05f41318134a

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 545959
x-guploader-uploadid: AD-8ljtdx1Vkye187C3aPcQSkvxjpWt4j8yqQhRkeLuTX6KTwFvUHkyej4WjFXHPrjLwQ0KSNwM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20505
last-modified: Mon, 02 Sep 2024 11:33:43 GMT
server: cloudflare
etag: "6ef7f49017e8190f22a389f4a0462fae"
vary: Accept-Encoding
x-goog-generation: 1725276823205082
content-type: application/javascript
x-goog-hash: crc32c=ddebnQ==, md5=bvf0kBfoGQ8io4n0oEYvrg==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 20505
accept-ranges: bytes
cf-ray: 8c021e201fc7d2c2-FRA
expires: Mon, 08 Sep 2025 21:44:03 GMT

GET
H2 200 cm.js Show response
g.fastcdn.co/js/ 51 KB
18 KB 62ms
59ms Script
application/javascript 2606:4700:4400::ac40:9226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/cm.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1183351
x-guploader-uploadid: ABPtcPpuBnJVPbAHoRQ8pzqSGloYEKfNNMKSFHSs3Ywslbz6mq-VbtjQvynuDVsYuH75ER_I4E6CNa8MIg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 17906
last-modified: Thu, 30 Jun 2022 02:12:17 GMT
server: cloudflare
etag: "8e466d98fa1f746c74b1b409d20a0cf3"
vary: Accept-Encoding
x-goog-generation: 1656555137097208
content-type: application/javascript
x-goog-hash: crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 17906
accept-ranges: bytes
cf-ray: 8c021e201fc8d2c2-FRA
expires: Mon, 08 Sep 2025 21:44:03 GMT

GET
H2 200 slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ 2 KB
1 KB 136ms
48ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11008073
x-jsd-version: 1.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 590
x-served-by: cache-fra-etou8220022-FRA, cache-lga21934-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6kT5SjqsP3AnuL%2BAp1nm4JMx3ec7R7lPiXvE7BosqvGt9kcJxyQmjdPHNHPDkdbnxWNAy%2FsryISKlBx5J0hzcBo8FmqL9JyRxMkguZrmihweYjCokpJk2SHVxn%2BzLnU%2BtTwuvzmkqprH1m5%2F5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c021e1fcc3ed380-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 146ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11113439646

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1541a7ee5e8c6d6b3bbae570e689db76d4f8cd6ec52cf5bb2259dee1c226aaf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95010
x-xss-protection: 0
last-modified: Sun, 08 Sep 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Sep 2024 21:44:03 GMT

GET
H2 200 65054958-0-Arena-Trader-XP---Po.png
v.fastcdn.co/u/344766a4/ 10 KB
11 KB 149ms
57ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/65054958-0-Arena-Trader-XP---Po.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf30c7fcc32948d031ec62440dec45b1822068e715387039585b8000102325f

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 804227
cf-polished: origFmt=png, origSize=24211
x-guploader-uploadid: AD-8ljuW1Bxsu6Utrmu_YaAzQkkUWw40xDtYG3HucKnMDNmffX-OH7GOfsZmhaPvAGSY_HYCEszBvBfR-g
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="65054958-0-Arena-Trader-XP---Po.webp"
x-goog-meta-expires: Sat, 30 Aug 2025 04:00:33 GMT
content-length: 10732
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Jul 2024 12:00:33 GMT
server: cloudflare
etag: "f78750a3013c004dd36ce4dc7333ade9"
vary: Accept
x-goog-generation: 1720526433227480
content-type: image/webp
x-goog-hash: crc32c=5WdRyg==, md5=94dQowE8AE3TbOTcczOt6Q==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 24211
accept-ranges: bytes
cf-ray: 8c021e1fc973372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 63997284-0-form-mobile-1.png
v.fastcdn.co/u/344766a4/ 25 KB
25 KB 373ms
282ms Image
image/png 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63997284-0-form-mobile-1.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25f437bd5c3576d516f6d1712d35c24d6311f76518b3835a9d2bca22fd56094c

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
cf-cache-status: MISS
x-guploader-uploadid: AD-8ljtVD1J0nHXnQRPtbjODf81Jqw4obuFxEbL2y-bJFl-VjnWzO5Mtv8Vke7QxL2DClKRtHNU
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sun, 09 Jun 2024 10:00:17 GMT
content-length: 25701
last-modified: Wed, 19 Apr 2023 18:00:18 GMT
server: cloudflare
etag: "738470d79e51af90b89dd274264d299f"
vary: Accept-Encoding
x-goog-generation: 1681927218065347
content-type: image/png
x-goog-hash: crc32c=9Ljzqw==, md5=c4Rw155Rr5C4ndJ0Jk0pnw==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 25701
accept-ranges: bytes
cf-ray: 8c021e1fc974372c-FRA
expires: Wed, 06 Sep 2034 21:44:04 GMT

GET
H2 200 64894219-0-Animation---17123231.gif
v.fastcdn.co/u/344766a4/ 6 KB
6 KB 107ms
103ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/64894219-0-Animation---17123231.gif
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55cf978172b0066d80a60184111e6bca30ad7e66ecc1ac8041235422ade87db7

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 73805
cf-polished: origFmt=gif, origSize=45557
x-guploader-uploadid: AD-8ljvFjkqGlyP3H-R3CXRcKkCzvBBF0mnlWpF_5hQI_jAepvn8ncRSWbSWpzyNC2VUSaDGS7I
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="64894219-0-Animation---17123231.webp"
x-goog-meta-expires: Tue, 27 May 2025 05:23:35 GMT
content-length: 5686
cf-bgj: imgq:85,h2pri
last-modified: Fri, 05 Apr 2024 13:23:35 GMT
server: cloudflare
etag: "76bd4aea10857830c11727fc6398363a"
vary: Accept
x-goog-generation: 1712323415544805
content-type: image/webp
x-goog-hash: crc32c=D3Iffw==, md5=dr1K6hCFeDDBFyf8Y5g2Og==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 45557
accept-ranges: bytes
cf-ray: 8c021e2019d4372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 63940531-0-BG---Mobile.png
v.fastcdn.co/u/344766a4/ 209 KB
210 KB 358ms
354ms Image
image/png 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63940531-0-BG---Mobile.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716026297e5a75024752b195afe5f3f8e90dc7735204dfa7dbd5cb3e80c40f36

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
cf-cache-status: MISS
x-guploader-uploadid: AD-8ljvu5V2xhlM2DW29GUW83P6S8OEfa_G-wlPca2gpXbndCPsoX1lDBiN9xFweSKrX30fk83M
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 01 Jun 2024 13:35:40 GMT
content-length: 214132
last-modified: Tue, 11 Apr 2023 21:35:40 GMT
server: cloudflare
etag: "dc7d29019b57ae08cd21d98eef2f2103"
vary: Accept-Encoding
x-goog-generation: 1681248940698223
content-type: image/png
x-goog-hash: crc32c=XSB7Eg==, md5=3H0pAZtXrgjNIdmO7y8hAw==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 214132
accept-ranges: bytes
cf-ray: 8c021e2019d6372c-FRA
expires: Wed, 06 Sep 2034 21:44:04 GMT

GET
H2 200 64106252-0-Wanderson-Simas---Co.png
v.fastcdn.co/u/344766a4/ 68 KB
69 KB 335ms
331ms Image
image/png 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/64106252-0-Wanderson-Simas---Co.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b575fd00be77d0cd9dabe59c851144b8244818b7bbcbde72ad70150625ffac

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
cf-cache-status: MISS
x-guploader-uploadid: AD-8ljv7Z9hAiyT2So4ulJd8geSp0QGOTKGRiNoJJdNRuJhAKD-JOjQv_46NCvmOJ_p2nKP5ZSIv_znWWQ
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 25 Jun 2024 12:21:48 GMT
content-length: 69974
last-modified: Fri, 05 May 2023 20:21:48 GMT
server: cloudflare
etag: "508a8df1d5f4120f8c714d76c3883f6d"
vary: Accept-Encoding
x-goog-generation: 1683318108541257
content-type: image/png
x-goog-hash: crc32c=J16A+A==, md5=UIqN8dX0Eg+McU12w4g/bQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 69974
accept-ranges: bytes
cf-ray: 8c021e2019d7372c-FRA
expires: Wed, 06 Sep 2034 21:44:04 GMT

GET
H2 200 63940526-0-Rectangle-4.png
v.fastcdn.co/u/344766a4/ 85 KB
86 KB 64ms
61ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63940526-0-Rectangle-4.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0e32e2d68288682e401451476f2bdeb8cca3722ab801a5582facb2323f7916

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 247492
cf-polished: origFmt=png, origSize=133088
x-guploader-uploadid: AD-8ljse19s4Aw6EqMYKq8ByV0tLgoVtKQCbWi0WKWGYdhNp7mOn7t799suQ4oNTXY69uShn7XM
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="63940526-0-Rectangle-4.webp"
x-goog-meta-expires: Sat, 01 Jun 2024 13:34:37 GMT
content-length: 87360
cf-bgj: imgq:85,h2pri
last-modified: Tue, 11 Apr 2023 21:34:37 GMT
server: cloudflare
etag: "1c036901d13fcd26323dfbdde6425cf4"
vary: Accept
x-goog-generation: 1681248877419329
content-type: image/webp
x-goog-hash: crc32c=vN1P1Q==, md5=HANpAdE/zSYyPfvd5kJc9A==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 133088
accept-ranges: bytes
cf-ray: 8c021e2019d9372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 63939839-0-Rectangle-4.png
v.fastcdn.co/u/344766a4/ 195 KB
195 KB 104ms
101ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63939839-0-Rectangle-4.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d550b3e5039e4eb05f2018a601300548659993889a13db899de0356695923c2e

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 196681
cf-polished: origFmt=png, origSize=283767
x-guploader-uploadid: AD-8ljtLV4hSUEzGl76sKoz8UBqNQYWfenxIjcR1LcbXJ42Gq5qxDjVix2nFR2mun4OsD1HJ-KeaCWzxJQ
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="63939839-0-Rectangle-4.webp"
x-goog-meta-expires: Sat, 01 Jun 2024 11:52:46 GMT
content-length: 199252
cf-bgj: imgq:85,h2pri
last-modified: Tue, 11 Apr 2023 19:52:46 GMT
server: cloudflare
etag: "2515b3063707bc61fed691df4399764d"
vary: Accept
x-goog-generation: 1681242766309719
content-type: image/webp
x-goog-hash: crc32c=rl9xdg==, md5=JRWzBjcHvGH+1pHfQ5l2TQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 283767
accept-ranges: bytes
cf-ray: 8c021e2019dc372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 LazyImage.4848cd3a116513e07613.js Show response
g.fastcdn.co/js/ 2 KB
1 KB 55ms
52ms Script
application/javascript 2606:4700:4400::ac40:9226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/LazyImage.4848cd3a116513e07613.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15dc2df620a373ac551ceb8364ba4b2085b95ffc59fac2bbc304af57bf20e55

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 545964
x-guploader-uploadid: AD-8ljv7foZ3u7mXHZeJ0SxGLjS3C8DZKjWdFSlOX9gvF7fmecmuSD0_XjoguEsdF2qWy7Zuh4ZKuJsurg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 1162
last-modified: Mon, 02 Sep 2024 11:33:41 GMT
server: cloudflare
etag: "67ce7db2b9d01eb08e0ee3f7eddd1bbf"
vary: Accept-Encoding
x-goog-generation: 1725276821469171
content-type: application/javascript
x-goog-hash: crc32c=YCOE0Q==, md5=Z859srnQHrCODuP37d0bvw==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1162
accept-ranges: bytes
cf-ray: 8c021e201fcad2c2-FRA
expires: Mon, 08 Sep 2025 21:44:03 GMT

GET
H2 200 Links.3d27ffb2e4b40ac1533a.js Show response
g.fastcdn.co/js/ 379 B
507 B 56ms
52ms Script
application/javascript 2606:4700:4400::ac40:9226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Links.3d27ffb2e4b40ac1533a.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e065b142374be24bcdfff600deccc28f6af18f5401cc224342fbe8fca3de357

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 545959
x-guploader-uploadid: AD-8ljuoc74m_Qkrm0YInSVIY1jX-vV9-PHOTOEy-GmN4tWTDWuV4D54SaXt5FLdinV4pmruGA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 285
last-modified: Mon, 02 Sep 2024 11:33:41 GMT
server: cloudflare
etag: "813cfa21f919254e225528873cd4250c"
vary: Accept-Encoding
x-goog-generation: 1725276821877014
content-type: application/javascript
x-goog-hash: crc32c=WSORaQ==, md5=gTz6IfkZJU4iVSiHPNQlDA==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 285
accept-ranges: bytes
cf-ray: 8c021e201fc4d2c2-FRA
expires: Mon, 08 Sep 2025 21:44:03 GMT

GET
H2 200 Form.6a1b4829eefb1f15f146.js Show response
g.fastcdn.co/js/ 94 KB
23 KB 59ms
55ms Script
application/javascript 2606:4700:4400::ac40:9226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.fastcdn.co/js/Form.6a1b4829eefb1f15f146.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20839cfb26f6cf325666113e0bb3847c01386e90416152b64df6a0b40be2bcfa

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 545964
x-guploader-uploadid: AD-8ljs7rKsXXmwJdZaxkaaNKjERCUEesWslLljxMYDBIyPKXWzWUVsvB6BJrafG5hjiVdv-jA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 23327
last-modified: Mon, 02 Sep 2024 11:33:41 GMT
server: cloudflare
etag: "5bec53266caf35fc46468d4e9a1a34e1"
vary: Accept-Encoding
x-goog-generation: 1725276821330967
content-type: application/javascript
x-goog-hash: crc32c=eKZyBQ==, md5=W+xTJmyvNfxGRo1Omho04Q==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 23327
accept-ranges: bytes
cf-ray: 8c021e201fc6d2c2-FRA
expires: Mon, 08 Sep 2025 21:44:03 GMT

GET
H2 200 lib.js Show response
heatmap-events-collector.instapage.com/static/ 24 KB
9 KB 154ms
60ms Script
application/javascript 2606:4700:4400::ac40:96fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/static/lib.js

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:96fb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: HIT
age: 137
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 05 Sep 2024 10:00:27 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate, public
access-control-allow-credentials: true
cf-ray: 8c021e20ac8c35eb-FRA
expires: Sun, 08 Sep 2024 21:46:46 GMT

GET
H2 200 NGo9V2w Show response
lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/ 206 KB
74 KB 141ms
137ms Script
application/javascript 2a02:26f0:e300::5f64:9218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/NGo9V2w
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:9218 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fd46f024f5c6207e9a8e46fc4d41a7c0255f06719a831f41bf65ffc492ee829b

Request headers

Referer: https://lp.xpi.com.br/minicontratos-opere
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: br
last-modified: Mon, 29 Apr 2024 18:42:30 GMT
mpulse_cdn_cache: HIT
etag: "91f2cac15a952eb742c2ae5e53127a3e51a00ba65ce3047b9d080c220f0b9fad"
stored-attribute-sha-checksum: fd46f024f5c6207e9a8e46fc4d41a7c0255f06719a831f41bf65ffc492ee829b
content-type: application/javascript
cache-control: max-age=21600, max-age=21600
mpulse_origin_time: 0
content-length: 75317

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 83ms
40ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 08 Sep 2024 21:44:03 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4282, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: fi+mJr9yAjQt3kT6sHO6cIQNRDjkfqVdaKl2MJLEVG73wIen6kTi2Y6QCKXvNoGVD2wcl21rhABMgJ4i9KZl6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 121ms
38ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220149-FRA

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

Referer
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Content-Type: image/png

GET
H2 200 63938573-0-BG---Header.png
v.fastcdn.co/u/344766a4/ 117 KB
117 KB 526ms
525ms Image
image/png 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63938573-0-BG---Header.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6598be857b7d6712cf585ee8fa5d82abdb3624e7763d84895628709132afc187

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
cf-cache-status: MISS
x-guploader-uploadid: AD-8ljsZUGQZRBJe7dohHSA7Ti3Bx3M6MpHKp-3H0BJ6TpBTtidnFVbFDqUNYms-j9Xo0mKPh0k
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 01 Jun 2024 09:38:59 GMT
content-length: 119529
last-modified: Tue, 11 Apr 2023 17:38:59 GMT
server: cloudflare
etag: "cab166973dcb5707905fc75199b4ca20"
vary: Accept-Encoding
x-goog-generation: 1681234739194383
content-type: image/png
x-goog-hash: crc32c=0Ha3ag==, md5=yrFmlz3LVweQX8dRmbTKIA==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 119529
accept-ranges: bytes
cf-ray: 8c021e2029dd372c-FRA
expires: Wed, 06 Sep 2034 21:44:04 GMT

GET
H2 200 63996916-0-hero.png
v.fastcdn.co/u/344766a4/ 212 KB
212 KB 716ms
715ms Image
image/png 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/63996916-0-hero.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5b0b1afcf5ac2589cc4197cd315ad81f70545868cffdb37e56c71518e2ad1df

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
cf-cache-status: MISS
x-guploader-uploadid: AD-8lju0CyKag32LpLT-55IrjP7D85t1LCroKKGm7y8q0r_qwpa3eQC9oeJ4a6aUmzK8v8o9IjQ
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sun, 09 Jun 2024 08:57:49 GMT
content-length: 216971
last-modified: Wed, 19 Apr 2023 16:57:49 GMT
server: cloudflare
etag: "15b0926ef65590226f73d6dccff0bceb"
vary: Accept-Encoding
x-goog-generation: 1681923469449843
content-type: image/png
x-goog-hash: crc32c=n88IMA==, md5=FbCSbvZVkCJvc9bcz/C86w==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 216971
accept-ranges: bytes
cf-ray: 8c021e2029df372c-FRA
expires: Wed, 06 Sep 2034 21:44:04 GMT

GET
H2 200 65054967-0-check-verde.png
v.fastcdn.co/u/344766a4/ 3 KB
3 KB 387ms
386ms Image
image/png 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/65054967-0-check-verde.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039f76674b8d6d6d2c992da325570b36ab52ba990b2af1338a6dcc8a98ffc403

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
cf-cache-status: MISS
x-guploader-uploadid: AD-8ljth0xvPdpDyyAphZszLVNrMw2QT-RvTGRjh6ZSZB0Nj4vS0BsOSDEdcJ2LEsCCk2zFvDsg6i0Dx2w
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 30 Aug 2025 04:03:47 GMT
content-length: 2610
last-modified: Tue, 09 Jul 2024 12:03:47 GMT
server: cloudflare
etag: "62dfb1bd5d72a6866e985e52dc4ad330"
vary: Accept-Encoding
x-goog-generation: 1720526627265905
content-type: image/png
x-goog-hash: crc32c=r/5IHQ==, md5=Yt+xvV1ypoZumF5S3ErTMA==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 2610
accept-ranges: bytes
cf-ray: 8c021e2029e1372c-FRA
expires: Wed, 06 Sep 2034 21:44:04 GMT

GET
H2 200 65054968-0-Plataforma-GRATIS.png
v.fastcdn.co/u/344766a4/ 41 KB
41 KB 520ms
520ms Image
image/png 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/65054968-0-Plataforma-GRATIS.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6de079b319e31eb3e94762d2c05223c55f7a82c440ab70edbee4f03a58d0972

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
cf-cache-status: MISS
x-guploader-uploadid: AD-8ljvbUOJR7c1gh9yppuwFbz5jIHQcZBCg3KR0YIm831NMH4xzjqW0L_AiDFU-3dT6_oIxD73DOX7OOw
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 30 Aug 2025 04:03:48 GMT
content-length: 41686
last-modified: Tue, 09 Jul 2024 12:03:49 GMT
server: cloudflare
etag: "80261a324e1db9531fe9d7db7eecd6b9"
vary: Accept-Encoding
x-goog-generation: 1720526629010788
content-type: image/png
x-goog-hash: crc32c=bUZEwA==, md5=gCYaMk4duVMf6dfbfuzWuQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 41686
accept-ranges: bytes
cf-ray: 8c021e2029e2372c-FRA
expires: Wed, 06 Sep 2034 21:44:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 143ms
51ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sat, 07 Sep 2024 17:02:14 GMT
x-content-type-options: nosniff
age: 103309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 17:02:14 GMT

GET
H2 200 54230351-0-bg-footer.png
v.fastcdn.co/u/344766a4/ 50 B
377 B 137ms
137ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/54230351-0-bg-footer.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45a81b25e39e421b082118205814b8ae0e32f6104007e3fe90c114d9bcdd6fdb

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 5148934
cf-polished: origFmt=png, origSize=4030
x-guploader-uploadid: ACJd0Nr0mlopSiPyllT1kIRy8SuSAcDlcys5e5kSRqniIPGliscbUV06pdGIhDBMmAphVe8BUuo
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="54230351-0-bg-footer.webp"
x-goog-meta-expires: Mon, 03 Jan 2022 14:57:26 GMT
content-length: 50
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Nov 2020 22:57:26 GMT
server: cloudflare
etag: "441837671b311745ad26b2a4025ce4db"
vary: Accept
x-goog-generation: 1605221846386784
content-type: image/webp
x-goog-hash: crc32c=WvqTaw==, md5=RBg3ZxsxF0WtJrKkAlzk2w==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 4030
accept-ranges: bytes
cf-ray: 8c021e205a29372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 61607059-0-56323267-0-footer-1.png
v.fastcdn.co/u/344766a4/ 1 KB
2 KB 103ms
101ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/61607059-0-56323267-0-footer-1.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23313c64acdc39327008f8fe88c53d004220388f360d30fe7c19f07bc805239d

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 2269493
cf-polished: origFmt=png, origSize=1627
x-guploader-uploadid: AHxI1nOJKXiTlXeuEH2xT9cSD3ToXHwTix7Jq1DPvO05MZbVT1hWbtWJOW2QBnfW3C0VFMwmA2Vv0MWznA
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="61607059-0-56323267-0-footer-1.webp"
x-goog-meta-expires: Sun, 25 Jun 2023 06:04:11 GMT
content-length: 1348
cf-bgj: imgq:85,h2pri
last-modified: Wed, 04 May 2022 14:04:11 GMT
server: cloudflare
etag: "033ec4af3bf3ad2afef94bd5d114c55d"
vary: Accept
x-goog-generation: 1651673051366999
content-type: image/webp
x-goog-hash: crc32c=yg0rtg==, md5=Az7ErzvzrSr++UvV0RTFXQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 1627
accept-ranges: bytes
cf-ray: 8c021e205a2a372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 61607064-0-56323272-0-footer-4.png
v.fastcdn.co/u/344766a4/ 2 KB
2 KB 105ms
103ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/61607064-0-56323272-0-footer-4.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df2744b702055675d238d7f172395d04b74d1bbf4ad3617bcdb1fb3650a0ab15

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 217104
cf-polished: origFmt=png, origSize=1798
x-guploader-uploadid: AD-8ljsSiOQWP7JxhatcbZr37mhTzZR2dOSU2nu-MsFi9fvs6o755pjmwsAqFWd9ifiWKEM7Juw
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="61607064-0-56323272-0-footer-4.webp"
x-goog-meta-expires: Sun, 25 Jun 2023 06:04:11 GMT
content-length: 1544
cf-bgj: imgq:85,h2pri
last-modified: Wed, 04 May 2022 14:04:11 GMT
server: cloudflare
etag: "3c5f8ecf9812b3bf76ec8b01953c55b9"
vary: Accept
x-goog-generation: 1651673051373409
content-type: image/webp
x-goog-hash: crc32c=A/4RjA==, md5=PF+Oz5gSs7927IsBlTxVuQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 1798
accept-ranges: bytes
cf-ray: 8c021e205a2b372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 61607066-0-56323277-0-footer-7.png
v.fastcdn.co/u/344766a4/ 1 KB
1 KB 102ms
100ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/61607066-0-56323277-0-footer-7.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e22be314614f01409c8b320e825c02494115854a16dd3e423002553c12fbe4d

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 3987664
cf-polished: origFmt=png, origSize=1256
x-guploader-uploadid: AHxI1nPMrOB6g6ZUaW2ykDxbUy_y9WvabVdYjED9QRa04GI1VIYPAL4J8Gnb2zxBeonpQbiu5dE
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="61607066-0-56323277-0-footer-7.webp"
x-goog-meta-expires: Sun, 25 Jun 2023 06:04:11 GMT
content-length: 1024
cf-bgj: imgq:85,h2pri
last-modified: Wed, 04 May 2022 14:04:11 GMT
server: cloudflare
etag: "6ab581ab93998f4fb775c625732817d5"
vary: Accept
x-goog-generation: 1651673051366963
content-type: image/webp
x-goog-hash: crc32c=EUdvbQ==, md5=arWBq5OZj0+3dcYlcygX1Q==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 1256
accept-ranges: bytes
cf-ray: 8c021e205a2d372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 61607067-0-56323282-0-footer-6.png
v.fastcdn.co/u/344766a4/ 2 KB
2 KB 104ms
102ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/61607067-0-56323282-0-footer-6.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b72095339aadf8ac51e39aeb5188ee7c76ff5fff37df1d4f01c330bd18a16f9

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 269504
cf-polished: origFmt=png, origSize=2033
x-guploader-uploadid: AD-8ljudcEASHeIi2DcSyV_Yb0yht0gyq1B4wa6pwa-8ink_fbDWLH9ODCEq2wtcRQEWZay-FVM
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="61607067-0-56323282-0-footer-6.webp"
x-goog-meta-expires: Sun, 25 Jun 2023 06:04:11 GMT
content-length: 1752
cf-bgj: imgq:85,h2pri
last-modified: Wed, 04 May 2022 14:04:11 GMT
server: cloudflare
etag: "1610f02de49ce8c2dd89d3a47ad6cf83"
vary: Accept
x-goog-generation: 1651673051461487
content-type: image/webp
x-goog-hash: crc32c=m4h8wg==, md5=FhDwLeSc6MLdidOketbPgw==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 2033
accept-ranges: bytes
cf-ray: 8c021e205a2e372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 61607076-0-56323292-0-footer-2.png
v.fastcdn.co/u/344766a4/ 1 KB
2 KB 100ms
98ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/61607076-0-56323292-0-footer-2.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 836f33a247878b76cba7ee408437eb46006b5a1b6b0a4879287913031e6c07ec

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 5018880
cf-polished: origFmt=png, origSize=1636
x-guploader-uploadid: ACJd0NrMs2OzTrw3oEBd3yR6eTTDSXNa77f3JE0D-eEt18vtPZx5bVt-rLNxWrNymh1ZIFIicGY
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="61607076-0-56323292-0-footer-2.webp"
x-goog-meta-expires: Sun, 25 Jun 2023 06:04:11 GMT
content-length: 1378
cf-bgj: imgq:85,h2pri
last-modified: Wed, 04 May 2022 14:04:11 GMT
server: cloudflare
etag: "3c6eb7a7d9c40d051ab1a7481382cc00"
vary: Accept
x-goog-generation: 1651673051421800
content-type: image/webp
x-goog-hash: crc32c=bMh23g==, md5=PG63p9nEDQUasadIE4LMAA==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 1636
accept-ranges: bytes
cf-ray: 8c021e205a2f372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 61607081-0-56323297-0-footer-5.png
v.fastcdn.co/u/344766a4/ 780 B
1 KB 101ms
99ms Image
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/344766a4/61607081-0-56323297-0-footer-5.png
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af4e90300b10a0989dd4b0a0ba9b2e6d9a0fa35d04476f25c92f44a410fffffe

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:03 GMT
cf-cache-status: HIT
age: 4970666
cf-polished: origFmt=png, origSize=950
x-guploader-uploadid: ACJd0Nq_9gxgyCESPb7Df4knvFe4CuTadoYUD__VSrECcrsLtNcDRm5u8_fOCaxXBxZXMMc0O7E
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="61607081-0-56323297-0-footer-5.webp"
x-goog-meta-expires: Sun, 25 Jun 2023 06:04:11 GMT
content-length: 780
cf-bgj: imgq:85,h2pri
last-modified: Wed, 04 May 2022 14:04:11 GMT
server: cloudflare
etag: "a4e9efe9f0afd3359a24cbb2c36666dd"
vary: Accept
x-goog-generation: 1651673051547054
content-type: image/webp
x-goog-hash: crc32c=Gvq0NQ==, md5=pOnv6fCv0zWaJMuyw2Zm3Q==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 950
accept-ranges: bytes
cf-ray: 8c021e205a30372c-FRA
expires: Wed, 06 Sep 2034 21:44:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 173ms
81ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sat, 07 Sep 2024 17:11:23 GMT
x-content-type-options: nosniff
age: 102760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 17:11:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 185ms
93ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sat, 07 Sep 2024 18:06:00 GMT
x-content-type-options: nosniff
age: 99483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13528
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 18:06:00 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v32/ 15 KB
15 KB 131ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cced09b0fd8718262ff270eb5abd55b60b5ba5459692321c6be96c460c1c14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lp.xpi.com.br
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sat, 07 Sep 2024 07:04:03 GMT
x-content-type-options: nosniff
age: 139200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15036
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 07:04:03 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
623 B 229ms
165ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=05f15999-e4ae-4fa9-8cdd-8477293ec0d7&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d1d40b32-9d30-468b-96be-74581f76bd7d&tw_document_href=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tw_iframe_status=0&txn_id=ofsmz&type=javascript&version=2.3.30

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-response-time: 108
date: Sun, 08 Sep 2024 21:44:04 GMT
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif;charset=utf-8
x-transaction-id: 9ce1acce414deaa6
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 4258c8e60fe4e5bc4be58c92a2e28ef06f4808e851113888ff72e27cde30538d
cf-ray: 8c021e214dfc453a-TXL
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 236ms
155ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=05f15999-e4ae-4fa9-8cdd-8477293ec0d7&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d1d40b32-9d30-468b-96be-74581f76bd7d&tw_document_href=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tw_iframe_status=0&txn_id=ofsmz&type=javascript&version=2.3.30

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-response-time: 115
date: Sun, 08 Sep 2024 21:44:03 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: b9a8022716256a6f
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 66cf944e0ec46e62edfd32a3c4eb39b2998e159a0308633e53f9b1ba3471144e
content-length: 43

GET
H3 200 1242954859141196 Show response
connect.facebook.net/signals/config/ 97 KB
20 KB 171ms
171ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1242954859141196?v=2.9.167&r=stable&domain=lp.xpi.com.br&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

1ba8d186eaf517e8c1167da81dc1c071b1512d8a8a55336fa8bde4cb7807dbbd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 08 Sep 2024 21:44:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 13
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=74, mss=1232, tbw=66984, tp=63, tpl=0, uplat=131, ullat=0
pragma: public
x-fb-debug: tPX0eVuzP9n0FNVh5VJWzZhCa2235LmBhfO3Rao7VGKfKyuVYNA+KdOkOovX1b96efDhUvGmYlW5E4EFMCUHEg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 47ms
47ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1550380634&t=pageview&_s=1&dl=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&dr=https%3A%2F%2Fwww.google.com%2F&ul=de-de&de=UTF-8&dt=XP%20Investimentos%20-%20Uptrade&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=421094609&gjid=1279277586&cid=1390201815.1725831844&tid=UA-5145909-16&_gid=600398524.1725831844&_r=1&_slc=1&cd95=A&z=1552066567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

72e3f23b5f5b2b0b0b4fed8bca794625de2c78d3e40ab5c037785156c65a68ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 NGo9V2w Show response
lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/ 18 B
679 B 553ms
552ms XHR
application/json 2a02:26f0:e300::5f64:9218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/NGo9V2w
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/NGo9V2w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:9218 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://lp.xpi.com.br/minicontratos-opere
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
x_req_id: 95d29e59-a8f6-4b2f-8f64-67e6c0df5e91
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
94 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6EFVX5924N&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a91cf6baeae173f2e775870281900894abb6eaabe9b412688acf5bf19743dffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Sep 2024 21:44:04 GMT

GET
H2

200

main.js Show response
lp.xpi.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/ Frame 3681
Redirect Chain

https://lp.xpi.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://lp.xpi.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?

8 KB
4 KB

118ms
117ms

Script
application/javascript

2a02:26f0:e300::5f64:9218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.xpi.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Server

2a02:26f0:e300::5f64:9218 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudflare /

Resource Hash

eacaab04cd490c7342c6ec0c996e345d62ff3be79e638084420a7592b5051cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Sep 2024 21:44:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8c021e234ef183b4-MXP
content-length: 3679

Redirect headers

strict-transport-security: max-age=15552000
date: Sun, 08 Sep 2024 21:44:04 GMT
server: cloudflare
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a5b175b00260/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8c021e220d2183b4-MXP
content-length: 0

GET
H3

200

/
www.googleadservices.com/pagead/set_partitioned_cookie/
Redirect Chain

https://adservice.google.com/pagead/regclk?auid=562670438.1725831844&ref=www.google.com&url=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tft=1725831844105&tfd=1441&frm=0&gtm=45be4940v913701264...
https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=562670438.1725831844&ref=www.google.com&url=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tft=1725831844105&tfd=1441&frm=0&g...

0
0

112ms
50ms

Ping
text/html

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=562670438.1725831844&ref=www.google.com&url=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tft=1725831844105&tfd=1441&frm=0&gtm=45be4940v9137012643za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&npa=1&tag_exp=0
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H3
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

Redirect headers

date: Sun, 08 Sep 2024 21:44:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/set_partitioned_cookie/?auid=562670438.1725831844&ref=www.google.com&url=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&tft=1725831844105&tfd=1441&frm=0&gtm=45be4940v9137012643za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&npa=1&tag_exp=0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 296 KB
100 KB 74ms
74ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

191ee2eb3bffb0f8eb8569e44375cd61e8a54247e3015c5cd7d3198b0f0b59bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101868
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Sep 2024 21:44:04 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 53ms
53ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-9143205&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e316c80c690869a313a3b3fa8ae4ed76cc522407022c4d2ee84f0f584f4e0203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78951
x-xss-protection: 0
last-modified: Sun, 08 Sep 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Sep 2024 21:44:04 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
109 KB 97ms
97ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8DZM87&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

42f3cf14726b851c09368d72835860721786b2de7633048f8df1a448c815a2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111801
x-xss-protection: 0
last-modified: Sun, 08 Sep 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Sep 2024 21:44:04 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
98 KB 83ms
82ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5K7SCJ3&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

df84aa935d24cc88188a22657c7c82cbfe94d30a1bc796946e1650d983238e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99822
x-xss-protection: 0
last-modified: Sun, 08 Sep 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Sep 2024 21:44:04 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/634815/onsite/ 1 KB
968 B 134ms
40ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/wu/634815/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZZVKVD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

98f56cd6c919bed137147071003a7f3e15b7e0cdc02a81b5f9922de22e7ed08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: moAr_tlWGTzcDgc3MhPJreyLtmzNBjQX
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:04 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: X6SAF6NNECNWDMZ6
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 518
x-amz-id-2: Tkp1MIr4yCfQOA0uhTYXSxj84vkMRMv2teIJ22eOtRlPn4hPS70Gn1AfznrJlj65w+UiGVY0B/A=
x-served-by: cache-fra-etou8220055-FRA
last-modified: Fri, 06 Sep 2024 19:32:36 GMT
server: AmazonS3
x-timer: S1725831844.335564,VS0,VE1
etag: "348f7c04edbacdd89397ac41076b1ba3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET 4ldwp954ta
www.clarity.ms/tag/ 0
0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 292ms
170ms Script
application/javascript 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3ETJDEPKKNB3CA80KI0&lib=ttq
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b828a03c7f7e0b7f1dcd09786a7262fdc14426a35ec00be711007de4560982af

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-akamai-request-id: 558061aa
date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2409082144046B060F4085E53717B64F-1B21BFD9ECBCDABF-00
x-cache: TCP_MISS from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=3, origin; dur=113
content-length: 1665
pragma: no-cache
server: nginx
x-tt-logid: 202409082144046B060F4085E53717B64F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 113,95.100.146.22
x-tt-trace-host: 01639f7585c8da67fb75f51bc357546b67737cf8e53112d760b4a182e88c79d3ac5b3ad53a8e238b2b921390beae30dc482f018f579702cafef72f7c244f28a2ecb69790b1beb622f72fab63696540d3d0f916e8a5f29e2003adfac0a7525fb874
expires: Sun, 08 Sep 2024 21:44:04 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 103 KB
28 KB 148ms
48ms Script
text/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc8180fca7cedc8ded0665a0e0391db4333d62db5fdf5b432742517dd588c848

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: 41_KwSYCQkI8wmWuh9NoBveMM1Q62QHB
content-encoding: br
via: 1.1 503c2bd0b7e26f747c58a5188346ef54.cloudfront.net (CloudFront)
date: Sun, 08 Sep 2024 21:44:04 GMT
x-amz-cf-pop: FRA60-P10
age: 60
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Jul 2024 20:11:12 GMT
server: AmazonS3
etag: W/"9b7f0723912384920853bc1da3eee662"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: qFLw0JQUIDqjdSlyax4NwIgSWLmCG6TcbX6P5r2Jp9u-yavL0z2s5Q==

GET
H3 200 197031193428591 Show response
connect.facebook.net/signals/config/ 31 KB
5 KB 100ms
99ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/197031193428591?v=2.9.167&r=stable&domain=lp.xpi.com.br&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C130%2C159%2C191%2C193%2C119%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C192%2C123%2C124%2C142%2C169%2C155%2C115%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

fd6c5572307f4c8eee419ad21a71e4f712b867f48beeaa492076ac350df77b66

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 08 Sep 2024 21:44:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 17
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=91, mss=1232, tbw=88072, tp=83, tpl=0, uplat=60, ullat=0
pragma: public
x-fb-debug: fEHGJOWmuhsZnW1EYQqqBWOFXCbQwTGOmfyGPMNizsxztPdrI7ffCZ8uAXrv9VjOpzVWfsf37ygJo7+o5EE0tw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 139ms
47ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6EFVX5924N&gtm=45je4940v9181281427za200&_p=1725831843661&_gaz=1&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1390201815.1725831844&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&dr=https%3A%2F%2Fwww.google.com%2F&dt=XP%20Investimentos%20-%20Uptrade&sid=1725831844&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_95=A&tfd=1611
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6EFVX5924N&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 152ms
49ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6EFVX5924N&cid=1390201815.1725831844&gtm=45je4940v9181281427za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6EFVX5924N&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 5925 0
0 141ms
51ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-6EFVX5924N&gacid=1390201815.1725831844&gtm=45je4940v9181281427za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=900997160

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6EFVX5924N&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Sep 2024 21:44:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 100ms
51ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6EFVX5924N&cid=1390201815.1725831844&gtm=45je4940v9181281427za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=313007203

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 125ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1242954859141196&ev=PageView&dl=https%3A%2F%2Flp.xpi.com.br&rl=https%3A%2F%2Fwww.google.com&if=false&ts=1725831844299&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.2.1725831844240.796663560444274804&cs_est=true&pm=1&hrl=7787a1&ler=other&cdl=API_unavailable&it=1725831843980&coo=false&cs_cc=1&cs_cc=1&cas=8149077778506069%2C26989770403943423%2C8435359449828107%2C8171944286185418%2C7818847454889704%2C7346420332130088%2C8022372684449050%2C25229555303356404%2C7464292540313842%2C7757173284349029%2C25666356486282944%2C5298879466860149%2C5051931368266116%2C8668263146532501%2C7830399253645391%2C4149245718457471%2C4348440028556093%2C5822047104532874%2C4334930196570526%2C3382679708442430%2C3768181923205910%2C3053942717959222&cas=8149077778506069%2C26989770403943423%2C8435359449828107%2C8171944286185418%2C7818847454889704%2C7346420332130088%2C8022372684449050%2C25229555303356404%2C7464292540313842%2C7757173284349029%2C25666356486282944%2C5298879466860149%2C5051931368266116%2C8668263146532501%2C7830399253645391%2C4149245718457471%2C4348440028556093%2C5822047104532874%2C4334930196570526%2C3382679708442430%2C3768181923205910%2C3053942717959222&chmd=&chpv=&chfv=undefined&rqm=GET

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 08 Sep 2024 21:44:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
287 B 159ms
75ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1242954859141196&ev=PageView&dl=https%3A%2F%2Flp.xpi.com.br&rl=https%3A%2F%2Fwww.google.com&if=false&ts=1725831844299&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4124&fbp=fb.2.1725831844240.796663560444274804&cs_est=true&pm=1&hrl=7787a1&ler=other&cdl=API_unavailable&it=1725831843980&coo=false&cs_cc=1&cs_cc=1&cas=8149077778506069%2C26989770403943423%2C8435359449828107%2C8171944286185418%2C7818847454889704%2C7346420332130088%2C8022372684449050%2C25229555303356404%2C7464292540313842%2C7757173284349029%2C25666356486282944%2C5298879466860149%2C5051931368266116%2C8668263146532501%2C7830399253645391%2C4149245718457471%2C4348440028556093%2C5822047104532874%2C4334930196570526%2C3382679708442430%2C3768181923205910%2C3053942717959222&cas=8149077778506069%2C26989770403943423%2C8435359449828107%2C8171944286185418%2C7818847454889704%2C7346420332130088%2C8022372684449050%2C25229555303356404%2C7464292540313842%2C7757173284349029%2C25666356486282944%2C5298879466860149%2C5051931368266116%2C8668263146532501%2C7830399253645391%2C4149245718457471%2C4348440028556093%2C5822047104532874%2C4334930196570526%2C3382679708442430%2C3768181923205910%2C3053942717959222&chmd=&chpv=&chfv=undefined&rqm=FGET

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 08 Sep 2024 21:44:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=6325, tp=-1, tpl=-1, uplat=35, ullat=0
pragma: no-cache
x-fb-debug: jx5SeiM6KiSzXmKNGikELEdAE4ElvVT5ozjTHY2Lt5Gkm8qsQL+UKThG4dcF9jpF4ZfHymSn73vFfjUlRpD4Qw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 75ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=197031193428591&ev=PageView_LP&dl=https%3A%2F%2Flp.xpi.com.br&rl=https%3A%2F%2Fwww.google.com&if=false&ts=1725831844349&sw=1600&sh=1200&v=2.9.167&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.2.1725831844240.796663560444274804&pm=1&hrl=0331d8&ler=other&cdl=API_unavailable&it=1725831843980&coo=false&tm=2&cs_cc=1&chmd=&chpv=&chfv=undefined&rqm=GET

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 08 Sep 2024 21:44:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 101ms
74ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=197031193428591&ev=PageView_LP&dl=https%3A%2F%2Flp.xpi.com.br&rl=https%3A%2F%2Fwww.google.com&if=false&ts=1725831844349&sw=1600&sh=1200&v=2.9.167&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12316&fbp=fb.2.1725831844240.796663560444274804&pm=1&hrl=0331d8&ler=other&cdl=API_unavailable&it=1725831843980&coo=false&tm=2&cs_cc=1&chmd=&chpv=&chfv=undefined&rqm=FGET

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 08 Sep 2024 21:44:04 GMT
document-policy: force-load-at-top
x-fb-server-load: 16
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=3149, tp=-1, tpl=-1, uplat=34, ullat=0
pragma: no-cache
x-fb-debug: ZvVp3GP07LcIpDct9D/vTCT7yPLbZOwTJRXo7qY53Aoj5mawSzdPw7N6jz4LRB0iqUhpajCyJu5qcQ6mVVX9qQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/ 846 B
1 KB 119ms
40ms Fetch
application/json 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbeb64b9bdff73fd1db0384eeb0e5c84975c1056ab88327d8afd41afec009a2a

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: 8hhQxTKHoOnu6ibcEIEN_FLilRkanaYW
date: Sun, 08 Sep 2024 20:11:06 GMT
via: 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 5585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 846
last-modified: Thu, 25 Jul 2024 17:58:45 GMT
server: AmazonS3
etag: "69589fc88a276a2dc6f7c9dca764ec58"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: tL194WBElIRlM2-x3ynPEAxYYajtWYMsjt_QxszXTuYEJlC0dpWCeg==

GET
H2 200 activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=1390201815.1725831844--20240908;npa=1;auiddc=562670438.1725831844;u1=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere;u3=1390201815.1725831844;ps...
9143205.fls.doubleclick.net/ Frame 234D 0
0 170ms
52ms Document
text/html 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9143205.fls.doubleclick.net/activityi;src=9143205;type=xp_pages;cat=xp-se0;ord=1390201815.1725831844--20240908;npa=1;auiddc=562670438.1725831844;u1=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere;u3=1390201815.1725831844;ps=1;pcor=465344063;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190498507z878378273za201zb78378273;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101529666;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-9143205&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 593
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Sep 2024 21:44:04 GMT
expires: Sun, 08 Sep 2024 21:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=9143205;type=xp_pages;cat=xp-se0;ord=1390201815.1725831844--20240908;npa=1;auiddc=562670438.1725831844;u1=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere;u3=139...
ad.doubleclick.net/ 0
23 B 129ms
74ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=9143205;type=xp_pages;cat=xp-se0;ord=1390201815.1725831844--20240908;npa=1;auiddc=562670438.1725831844;u1=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere;u3=1390201815.1725831844;ps=1;pcor=465344063;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4940v9190498507z878378273za201zb78378273;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101529666;epver=2;~oref=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere?

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"6803383644545906610"}],"aggregatable_trigger_data":[{"filters":{"14":["8846144"]},"key_piece":"0x48ece4219fb8a2e6","source_keys":["12","13","14","15","16","17","18","19","20","21","20463492","20463493","20463494","20463495","638485764","638485765","638485766","638485767","638531168","638531169","638531170","638531171","900062980","900062981","900062982","900062983","900125076","900125077","900125078","900125079","900160912","900160913","900160914","900160915"]},{"key_piece":"0xc832b9054d07a2e3","not_filters":{"14":["8846144"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","20463492","20463493","20463494","20463495","638485764","638485765","638485766","638485767","638531168","638531169","638531170","638531171","900062980","900062981","900062982","900062983","900125076","900125077","900125078","900125079","900160912","900160913","900160914","900160915"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"20463492":65,"20463493":65,"20463494":65,"20463495":6356,"21":6356,"638485764":655,"638485765":655,"638485766":655,"638485767":63569,"638531168":218,"638531169":218,"638531170":218,"638531171":21189,"900062980":65,"900062981":65,"900062982":65,"900062983":6356,"900125076":65,"900125077":65,"900125078":65,"900125079":6356,"900160912":65,"900160913":65,"900160914":65,"900160915":6356},"debug_key":"12249499886923505143","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"6803383644545906610","filters":{"14":["8846144"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"6803383644545906610","filters":{"14":["8846144"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"6803383644545906610","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"6803383644545906610","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["9143205"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 8c021e1d8e5e83b4 Show response
lp.xpi.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 3681 0
1 KB 208ms
204ms XHR
text/plain 2a02:26f0:e300::5f64:9218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.xpi.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/8c021e1d8e5e83b4

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300::5f64:9218 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json

Response headers

strict-transport-security: max-age=15552000
date: Sun, 08 Sep 2024 21:44:04 GMT
server: cloudflare
cf-ray: 8c021e24a8d983b4-MXP
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 50ms
49ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-HM1230DXLC&gtm=45je4940v881926448z878378273za200zb78378273&_p=1725831843661&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1390201815.1725831844&ul=de-de&sr=1600x1200&lps=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=xp%20-%20web%20-%20nl%20-%20lp%20-%20uptrade&sid=1725831844&sct=1&seg=0&dl=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&dr=https%3A%2F%2Fwww.google.com%2F&en=page_view&_fv=2&_ss=2&up.capPot=NaN&tfd=1840
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 51ms
50ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HM1230DXLC&cid=1390201815.1725831844&gtm=45je4940v881926448z878378273za200zb78378273&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HM1230DXLC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lp.xpi.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
52ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HM1230DXLC&cid=1390201815.1725831844&gtm=45je4940v881926448z878378273za200zb78378273&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1041349057

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
date: Sun, 08 Sep 2024 21:44:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 188ms
62ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 08 Sep 2024 21:44:04 GMT
last-modified: Fri, 06 Sep 2024 21:17:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02C9F5AB70B0452DA6CB7F17DD7454B6 Ref B: FRA31EDGE0108 Ref C: 2024-09-08T21:44:04Z
etag: "016326a20db1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14305

GET
H2 200 main.MTZlYmMyNjliMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 334 KB
93 KB 60ms
60ms Script
application/javascript 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3ETJDEPKKNB3CA80KI0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 97cb5582858b04ad514c84f116de94e931849838034ef1f324beda5f60514c06

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-akamai-request-id: 5580664d
date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408300225380C34DC66D9919689B8EB
x-tt-trace-id: 00-2408300225380C34DC66D9919689B8EB-02CCF90D8D6DF4EF-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0153880e87594613dc1006e5a39c3b3520178f40b54ccbfe7ecd4af5a0cb0ed527020faa97ce792b4313bf789bafca8833f1d0c22e73308bf05d3a2c9e19a3ced8c809b71f9143a0e3031dab60bfed69b5f155ecdbbedb30d7a72b3407b5854fc8
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 94557

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 639ms
211ms Fetch
application/json 35.155.246.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/ZBIuXJXex9X5U0zWo8RS7No7UWn2C4La/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.246.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-246-37.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain

Response headers

access-control-allow-origin: https://lp.xpi.com.br
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 201 NGo9V2w Show response
lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/ 18 B
675 B 253ms
251ms XHR
application/json 2a02:26f0:e300::5f64:9218
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/NGo9V2w
Requested by: Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/BGunTazBpz6SlmivDQ/mOz5zbzJbp0N9Nc9/GjcXUEtfBg/QnoB/NGo9V2w
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e300::5f64:9218 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://lp.xpi.com.br/minicontratos-opere
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 08 Sep 2024 21:44:04 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
x_req_id: 80a6f0f8-6a81-460f-9b19-9c644ed32a13
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 53ms
52ms Script
application/javascript 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-akamai-request-id: 55806b0b
date: Sun, 08 Sep 2024 21:44:04 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024083002253508B1A01C74491683B327
x-tt-trace-id: 00-24083002253508B1A01C74491683B327-1CB88659DC600DCA-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018b7c277fdfcf9c8af543e557fd0a7c7b40575fe1146914ce7007a8ac7c1608fa873310fdb8e7fd0beb25a3af65d84293b64f6548779926dd498ff418760316596bda2043143e74c091a45a1c04730321eae00fb16cf7b9e99d59255025f78006
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 39318

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
720 B 194ms
192ms Ping
text/plain 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 55806b4a
date: Sun, 08 Sep 2024 21:44:04 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240908214404001C852D73FC630A28B3-6A74272BE6B2F510-00
x-cache: TCP_MISS from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=8, origin; dur=134
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240908214404001C852D73FC630A28B3
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 134,95.100.146.22
x-tt-trace-host: 01639f7585c8da67fb75f51bc357546b67737cf8e53112d760b4a182e88c79d3ac5352667cdaefb3f940889005869cfd72ac3b49f94c4f3fb1437ece027b708df08b244a26767ae8d71baafceb28a61321981a25f061c529353290ad49df007619
access-control-allow-headers: Authorization,*
expires: Sun, 08 Sep 2024 21:44:04 GMT

GET
H2 200 145000350.js Show response
bat.bing.com/p/action/ 2 KB
973 B 63ms
63ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/145000350.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

07fc95df170c97ee2ec110c3a76595a9bdb6da112a05cd9e6c00868cfc29134b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 08 Sep 2024 21:44:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7FDDA8386CE4C6BAA80100CFDCF638D Ref B: FRA31EDGE0108 Ref C: 2024-09-08T21:44:04Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 145000350 Show response
bat.bing.com/p/insights/t/ 713 B
889 B 141ms
140ms Script
application/x-javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/145000350

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/145000350.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

42ff4feb8a5d943e5fa241926ae48f1f9a5dffd7d73e1f63cb3e616b68933483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 08 Sep 2024 21:44:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB09D5641F8E488CBDC698F1C499F823 Ref B: FRA31EDGE0108 Ref C: 2024-09-08T21:44:04Z
vary: Accept-Encoding
x-azure-ref: 20240908T214404Z-15855465dc7hsj2daapz9qer080000000q300000000063g4
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 610
expires: -1

GET
H2 204 0
bat.bing.com/action/ 0
287 B 63ms
63ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=145000350&Ver=2&mid=431808a5-e285-4174-9e50-801728d46feb&sid=780439306e2b11efbe200305a5d984f8&vid=78044e406e2b11ef90aec964eebb4d10&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=XP%20Investimentos%20-%20Uptrade&kw=corretora%20de%20valor,%20xp%20investimento,%20plataforma%20gr%C3%A1tis,%20xp%20renda%20variavel,%20corretagem%20zero,%20alavancagem,%20day%20trade,%20minidolar,%20mini%20indice,%20mercado%20futuro&p=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&r=https%3A%2F%2Fwww.google.com%2F&lt=1422&evt=pageLoad&sv=1&cdb=ARoR&rn=675936

Requested by

Host: lp.xpi.com.br
URL: https://lp.xpi.com.br/minicontratos-opere

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 08 Sep 2024 21:44:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 883D5ADAB57749FA851F59F8602FEA68 Ref B: FRA31EDGE0108 Ref C: 2024-09-08T21:44:04Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
722 B 181ms
180ms Ping
text/plain 95.100.146.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.25 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5580701f
date: Sun, 08 Sep 2024 21:44:05 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2409082144059B43AFBE355A6F79561E-18331E396319265E-00
x-cache: TCP_MISS from a95-100-146-22.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing: inner; dur=18, cdn-cache; desc=MISS, edge; dur=10, origin; dur=121
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202409082144059B43AFBE355A6F79561E
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 121,95.100.146.22
x-tt-trace-host: 01639f7585c8da67fb75f51bc357546b67737cf8e53112d760b4a182e88c79d3ac13a888a24f606db655c8063ec254b19c675bcb075627e0f0b42b1b56f36d4c0ca33b4bf7d5748d3baa8dd444824056caf18fd2bf5cfd09dedef6b19a60909d7d
access-control-allow-headers: Authorization,*
expires: Sun, 08 Sep 2024 21:44:05 GMT

GET
H2 200 0.7.45 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 67ms
67ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.45

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/145000350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e5cb0a182984db908f6ac268f9f0c489ff1643cce4fb636d0e6510fcc89c3d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 08 Sep 2024 21:44:04 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 15147
last-modified: Wed, 04 Sep 2024 20:13:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1D99671DA5894E0AA803B5042A7D468F Ref B: FRA31EDGE0108 Ref C: 2024-09-08T21:44:04Z
etag: W/"0x8DCCD1E0B3182E3"
vary: Accept-Encoding
x-azure-ref: 20240908T214404Z-15855465dc7hgtqhv2t3ywx9qn0000000q50000000001k21
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: db226144-501e-005b-11ad-ff17e0000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

POST
H2 204 x Show response
bat.bing.com/p/insights/c/ 0
210 B 133ms
132ms XHR
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/x

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.45

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/x-webinsights-gzip
Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 08 Sep 2024 21:44:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CAB9ED7F3124CD9BD4522EECF60F91C Ref B: FRA31EDGE0108 Ref C: 2024-09-08T21:44:05Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 generic1725651154809.js Show response
nebula-cdn.kampyle.com/us/wu/634815/onsite/ 1 MB
109 KB 43ms
43ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/634815/onsite/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f2e976b7a40dc8d0ab32d697dc82df81cf3b9914580038d7d85690cbc7b80856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: AFKnMCURQOj3lWg5W5_OhUuTQPDVakAw
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 303PDSWDB9HQVVQ6
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 111377
x-amz-id-2: ZRAgqPdrhtdM/VJnmwuckMONdYBnr+StbmtilXeinBuTRJb+VwXiOlhBFmxGss21WsQrGECrtFQ=
x-served-by: cache-fra-etou8220055-FRA
last-modified: Fri, 06 Sep 2024 19:32:36 GMT
server: AmazonS3
x-timer: S1725831845.183417,VS0,VE3
etag: "f429c86291edfd1188bc1514be6fb8db"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H3 200 two
ec.instapagemetrics.com/t/ Frame 0
0 226ms
171ms Preflight 172.67.185.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lp.xpi.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://lp.xpi.com.br
access-control-max-age: 5
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c021e28cee04d93-FRA
content-length: 0
date: Sun, 08 Sep 2024 21:44:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEAlzIebokz%2Fxm2h8SM3rtJyABvJaFOv85U4LNlwZ6itieI6szt2DwhjkjT2DPKB%2FNjvCai5LJU9iL7nsgWbiXebDJ5NwRQEtrGmc0Xf31WVEfUIct9wotdeSj5wm62MtSB%2F1jfvjDnEoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: sameorigin

POST
H3 200 two Show response
ec.instapagemetrics.com/t/ 2 B
615 B 204ms
159ms XHR
text/plain 172.67.185.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.instapagemetrics.com/t/two

Requested by

Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/3/it.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json; charset=UTF-8

Response headers

date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
alt-svc: h3=":443"; ma=86400
content-length: 2
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfR2dEEG450DYUNvSoRXh2mLXvw7F8kcrHEcjvmBD8%2FsO5KVYATLC77EpaSfMAHdh%2FvLCMqxFYRwN%2Fw%2F17DXmMoMeqP%2FZ6hAKgth13lhDGZfFIJzL%2FbFejCpYcy6s2mCDIztFgACjQT4Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
cf-ray: 8c021e2a2b5bd38c-FRA

GET
H2 200 61058080-0-favicon-xp.png
v.fastcdn.co/u/344766a4/ 338 B
828 B 57ms
56ms Other
image/webp 2606:4700:4400::6812:29da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v.fastcdn.co/u/344766a4/61058080-0-favicon-xp.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed1e9f37613dc0248c7e00bb0f1ba1d545a031c69d90ae59a83e8bcb0249ee20

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

date: Sun, 08 Sep 2024 21:44:05 GMT
cf-cache-status: HIT
age: 2191389
cf-polished: origFmt=png, origSize=721
x-guploader-uploadid: AHxI1nPp1fclBXNNsUxmZx0wIgYKhu5uKhyF_oDT6rWWh3BoX1KiCRvQp8GUrBQ19bR37eECoZqdl2YoMA
x-goog-meta-content-length: 0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="61058080-0-favicon-xp.webp"
x-goog-meta-expires: Sun, 16 Apr 2023 05:39:03 GMT
content-length: 338
cf-bgj: imgq:85,h2pri
last-modified: Wed, 23 Feb 2022 13:39:03 GMT
server: cloudflare
etag: "fe470574e9822cb9bea6ea701930df55"
vary: Accept
x-goog-generation: 1645623543815018
content-type: image/webp
x-goog-hash: crc32c=UTcxgg==, md5=/kcFdOmCLLm+pupwGTDfVQ==
cache-control: public, max-age=315360000
x-goog-stored-content-length: 721
accept-ranges: bytes
cf-ray: 8c021e287c44372c-FRA
expires: Wed, 06 Sep 2034 21:44:05 GMT

GET
H2 200 formData1717495810122_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/38337/ 13 KB
3 KB 120ms
41ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/38337/formData1717495810122_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

244fc6cb1cfcb9ab7082ec7ae4e7e236228500fe3bcf2d375c6d0c031d6a54d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: DaWvfgtPL6NpxJGGt7MMQBc6VfA3rfiH
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Z3YXJBRV5WPS9S2Z
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2969
x-amz-id-2: e/AsluIdcAzq9a6FTIV2UlHz+YEsBRdk08igO05ySfsWpoCjq0fRAtvUF4hhif00DaUk4dpJIp8=
x-served-by: cache-fra-etou8220061-FRA
last-modified: Tue, 04 Jun 2024 10:10:11 GMT
server: AmazonS3
x-timer: S1725831845.432738,VS0,VE1
etag: "97cc98656db7cdf703da8015e7045c1b"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 formData1717495811890_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47349/ 15 KB
3 KB 121ms
42ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47349/formData1717495811890_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eef0e09dc4a9421d6e306aaf95c2dc6bfb770d2a7597099dde8fe98d0cbf0ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: Pzu1mERIKHrNqWJR.4S7Q91rpWcwR.De
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Z3YN0RB4D13ACQPK
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3259
x-amz-id-2: xPscNccCw0TigBwR15XMgxHe7CngX16zmABsBxq9L4+KRhBWp5gqhzeQ6ZuU/zZxZ5jOqQeZdV8=
x-served-by: cache-fra-etou8220061-FRA
last-modified: Tue, 04 Jun 2024 10:10:13 GMT
server: AmazonS3
x-timer: S1725831845.433040,VS0,VE1
etag: "86c24223baf9888682541b139f254f15"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 formData1717495839441_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/47667/ 16 KB
4 KB 124ms
47ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/47667/formData1717495839441_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a41378d3dbb0cf77581caf0e30f3b22cb583ab6e9810942adda811243e984999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: _w96BocjnwsVx3XBdFae9tqz_t1cu8zX
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Z3YTBE49K8NRW9GN
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3363
x-amz-id-2: KJueI6iT8eAT0+Zl242Yo0QInjl2eKU3dFSRVyjwOBnaZAi5erBG6wCd2zLDzfU1A/Zn0WIyzUw=
x-served-by: cache-fra-etou8220061-FRA
last-modified: Tue, 04 Jun 2024 10:10:40 GMT
server: AmazonS3
x-timer: S1725831845.433130,VS0,VE1
etag: "83dce71d4cd302ab59d586ef9b84c2ce"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 formData1717495894105_en.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/48691/ 22 KB
4 KB 121ms
44ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/48691/formData1717495894105_en.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6504dff4d02faf85d4df8b05d5638e5dffb4189dfdb91e7f2dcef8ce5d45eeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: 7Y3VRT9mgCCrI_Myl49LfhEQU.ZNPD7K
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Z3YK9A4MJ83V400A
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3452
x-amz-id-2: tClUiS6L6IuwiOJYmOrO6cXT4VDEJ1bCZW7eIYeKSuRz1f/EKY2rIvLgxhzjuXeZcQK+v6Y9XZw=
x-served-by: cache-fra-etou8220061-FRA
last-modified: Tue, 04 Jun 2024 10:11:35 GMT
server: AmazonS3
x-timer: S1725831845.433026,VS0,VE1
etag: "aec82f87f47205f3129666495b2626f4"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 formData1717495798451_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/50041/ 15 KB
3 KB 122ms
46ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/50041/formData1717495798451_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b0cd5d1f210d1f51bf2b93041e0e4956af4710f926ad4f04b75d34ac65891fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: 8rnmpFdlUzcE6nRDHGLaoFDzKWvNIMWZ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Z3YNH70EAFSVQDHG
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3237
x-amz-id-2: vdITWJQr5SxVO+YtVOaWx8F8rkBrxLTm5UNLdKaiXKQ/HI/Q4zQCPF/8MoffyW7YtWLKtJdObdpPKvSaUpMI2V42ilSZCoTJ
x-served-by: cache-fra-etou8220061-FRA
last-modified: Tue, 04 Jun 2024 10:09:59 GMT
server: AmazonS3
x-timer: S1725831845.432999,VS0,VE1
etag: "d590f40122669fcee01cbead711cf860"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 form1717495852351.html
nebula-cdn.kampyle.com/us/wu/634815/forms/50195/ Frame A622 0
0 557ms
481ms Document
text/html 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/50195/form1717495852351.html?formId=50195&type=live&isMobile=true&referrer=https%3A%2F%2Flp.xpi.com.br%2Fminicontratos-opere&region=digital-cloud-us-main&displayType=lightbox&isSeparateFormTemplateFromData=true&domainsListRelativePath=..%7C..%7C..%7C..%7C..%7Cus%2Fwu%2F634815%2Fonsite

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=2592000
content-encoding: gzip
content-length: 4291
content-type: text/html
date: Sun, 08 Sep 2024 21:44:05 GMT
etag: "f75f66520278b4b7850d0b1ade1bf1ac"
last-modified: Tue, 04 Jun 2024 10:10:53 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: ifGJ3N/gFS8xGrHTiuzMDrf2UB8dwhrme1yT+qHDbMSbQBmLjxneaAEUAgJjOz8sHH4W4U9eWIQ871vaG8aUfGpWVP9LoiwFdFDIIeFmcjI=
x-amz-request-id: MJ77FC57FNQHNDR1
x-amz-server-side-encryption: AES256
x-amz-version-id: A6BgQw8GmfhlndgAUORd8tKiQH7ctagT
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220120-FRA
x-timer: S1725831845.448397,VS0,VE442

GET
H2 200 formData1717495852636_pt-br.json Show response
nebula-cdn.kampyle.com/us/wu/634815/forms/50195/ 14 KB
4 KB 103ms
39ms XHR
application/json 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/634815/forms/50195/formData1717495852636_pt-br.json

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.175 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5737f5aa0d6fe9f76fb750fc3a82f4796d8920bfce5a0e165864bf756b99bb68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-amz-version-id: v5quuuVuoz9PCT5HDQib_IiRhTFVAOp0
content-encoding: gzip
via: 1.1 varnish
date: Sun, 08 Sep 2024 21:44:05 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: Z3YJRDPBBK8WNDQM
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 3370
x-amz-id-2: /rCVAvsDl9nCA6eUF3ViULsr4q825YiJ9zdyfMl6MidclaDQxskivPr32vDCt5lGIPC5e/kQV5Y=
x-served-by: cache-fra-etou8220061-FRA
last-modified: Tue, 04 Jun 2024 10:10:54 GMT
server: AmazonS3
x-timer: S1725831845.433014,VS0,VE0
etag: "6835fe54c902a9f897ab8f1881326d4a"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 24

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 220ms
131ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKEFuZHJvaWQgMTM7IE1vYmlsZTsgcnY6MTEyLjApIEdlY2tvLzExMi4wIEZpcmVmb3gvMTEyLjAiLCJzZXNzaW9uX3BsYXRmb3JtIjogIkxpbnV4IHg4Nl82NCIsInJlZmVycmluZ191cmwiOiAiaHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8iLCJyZWZlcnJpbmdfZG9tYWluIjogInd3dy5nb29nbGUuY29tIiwicGFnZV90aXRsZSI6ICJYUCBJbnZlc3RpbWVudG9zIC0gVXB0cmFkZSIsInBhZ2VfdXJsIjogImh0dHBzOi8vbHAueHBpLmNvbS5ici9taW5pY29udHJhdG9zLW9wZXJlIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE3MjU4MzE4NDUzMzEiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAyLCJ1c2VyX2lkIjogIjE5MWQzOTgxNWM5MzdhLTAyNjhlNjUwNDg1MjQyLTU1MjM2ZjJiLTFkNGMwMC0xOTFkMzk4MTVjYWY5OSIsImVudmlyb21lbnQiOiAiZGlnaXRhbC1jbG91ZC11cy1tYWluIiwiYWNjb3VudElkIjogNjM0ODEzLCJ1cmwiOiAiaHR0cHM6Ly9scC54cGkuY29tLmJyL21pbmljb250cmF0b3Mtb3BlcmUiLCJ3ZWJzaXRlSWQiOiA2MzQ4MTUsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjUxMmMtMGI0OC05YmQ0LWMwYzEtNTdlNy0wYTdlLTU1ZmEtZjEzNiIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNzI1ODMxODQ1MzI5Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDI5ODEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjU2LjEiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjU2LjEiLCJoaXN0b3J5X2xlbmd0aCI6IDEsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE3MjU4MzE4NDUzMzEsInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

x-me: prod-instance-gatewayservice-green-0fck
date: Sun, 08 Sep 2024 21:44:05 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
188 B 130ms
128ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-3wqq
date: Sun, 08 Sep 2024 21:44:05 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
144 B 131ms
129ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-blue-p7rp
date: Sun, 08 Sep 2024 21:44:05 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
144 B 148ms
145ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-cjg0
date: Sun, 08 Sep 2024 21:44:05 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
144 B 149ms
147ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-7qg0
date: Sun, 08 Sep 2024 21:44:05 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
144 B 148ms
147ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-hn4k
date: Sun, 08 Sep 2024 21:44:05 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
144 B 150ms
149ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/634815/onsite/generic1725651154809.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://lp.xpi.com.br/
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-7gvc
date: Sun, 08 Sep 2024 21:44:05 GMT
via: 1.1 google
alt-svc: clear
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://lp.xpi.com.br
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.clarity.ms
URL: https://www.clarity.ms/tag/4ldwp954ta

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xpi.com.br/	1970-01-20 23:23:59	Name: ak_bmsc Value: D28E3D84B51A8C79DF621119F0AABE08~000000000000000000000000000000~YAAQFJJkX1piZJyRAQAAJA+Y0xmsuHHjlCUA+tu1forR72wRPUTlxWL2GpJIDnwUq3c/AZC6nf5WCgzDdXKkNT5giZlsFDgvt8oiSSqmk654rUoqPBbhIGZBnyYdxYKDhVxWyzap0rVzQCYcEKiPzfZiVGar0CQQCEwxmx3RNGKP06ROIPHyExr0wtGMYG9yTLlH0hscqsiaQbi5p55PXaWgMGCt7xr1CUBFkpVjDaD2TvU2spj7yQc9WG6/xmZYp9NlquVPG08ssT16/u/vkes6tbcLJqjes2VFiob9Fw5pGsfI3Euuiq8HgdJ3w+4YrGhZJxZuOOr9AmDDW9aO5zs70+/mlxNe5Sx0oF90cJAB1ELFR4PCn5+p3/C78NmcyImaIzg2TmhC7Fc0pRGAjQ==
.xpi.com.br/	1970-01-20 23:24:06	Name: bm_sz Value: 2D70B511EAB262F3EBC562F3A98AACB3~YAAQFJJkX1tiZJyRAQAAJA+Y0xlN3DYHhWX/Lm5AckrPRPvdQ0NN7eHzL3umN2RU9wOpV8S840H6lIfCxmO2mOXke4omzD+6e14zjy+/RoRKMI1vRbQZ2CDM4cvesQ6vDwYFDqwvY3lJ3Z058DruJVAUtXSjNS+WYDjUiiGAD6H2nbIo7ZGjvaIh9KcnPWt3Lkbk8rGqgyb1PQdACDHtQF4vpgZUORVnkBUWcn02FgboMihw/TyCfhv20zkgr3chBkxaTrf84eGQBJEvv/IxJfkEqmp3vBUXzX9S/jQtbAaMhXnzOxgr5sXo1Bk7wVlJ3gGtIkNIwRmOEMq5IDZp/2pG7mIIpiH/J/w+guFIMHeSkq1WMAKP+sFf9YcwoJdae4umAo8f5JBTghHgzj4faPCGJcM=~4339509~3486777
.instapage.com/	1970-01-20 23:23:53	Name: __cf_bm Value: PVQNPg0ugynu6asTu3cxWzAfAeOp0ilRpb92FgooDGY-1725831843-1.0.1.1-E4_6LvVfbiz9I3HfXWTQzwabsPwegGfAOGnb2zZfkb0HKaj07cvwCNd5qRZgc0f3R8RKIDmrn2NYXhF4kjE25Q
.xpi.com.br/	1970-01-20 23:25:18	Name: _gid Value: GA1.3.600398524.1725831844
.xpi.com.br/	1970-01-20 23:23:51	Name: _gat_IPTracker Value: 1
.xpi.com.br/	1970-01-21 01:33:27	Name: _gcl_au Value: 1.1.562670438.1725831844
.t.co/	1970-01-21 08:59:51	Name: muc_ads Value: 1f70b491-4508-48f9-b1f2-f0f5fe4c7dcf
.t.co/	1970-01-20 23:23:53	Name: __cf_bm Value: VwwVP2uvfOINE08YyP6PhhtVXRxNnVwWwJ2r6NKmy9M-1725831844-1.0.1.1-XUGKyhXSkOc05wJf.0oru2TCNoVIjKO6Fp2cWbONtkKLPJmP2NZbBWV4MFZS0czJ4hfa47hEz9uAWadultl7CQ
.twitter.com/	1970-01-21 08:59:51	Name: guest_id_marketing Value: v1%3A172583184412863113
.twitter.com/	1970-01-21 08:59:51	Name: guest_id_ads Value: v1%3A172583184412863113
.twitter.com/	1970-01-21 08:59:51	Name: personalization_id Value: "v1_ci4JN0drvVL/y4gV6Rz9fQ=="
.twitter.com/	1970-01-21 08:59:51	Name: guest_id Value: v1%3A172583184412863113
lp.xpi.com.br/	1969-12-31 23:59:59	Name: clientId Value: 1390201815.1725831844
.xpi.com.br/	1970-01-21 01:33:27	Name: _fbp Value: fb.2.1725831844240.796663560444274804
.xpi.com.br/	1970-01-21 08:59:51	Name: _ga_6EFVX5924N Value: GS1.3.1725831844.1.0.1725831844.60.0.0
.xpi.com.br/	1970-01-21 08:59:51	Name: _ga_HM1230DXLC Value: GS1.1.1725831844.1.0.1725831844.60.0.0
.xpi.com.br/	1970-01-21 08:59:51	Name: _ga Value: GA1.1.1390201815.1725831844
.tiktok.com/	1970-01-21 08:45:27	Name: _ttp Value: 2lo1vMqEaAgE9mcUaAeES0skCN3
.doubleclick.net/	1970-01-21 00:07:03	Name: ar_debug Value: 1
.xpi.com.br/	1970-01-21 08:09:27	Name: isReset Value: true
.xpi.com.br/	1970-01-21 08:09:27	Name: ajs_anonymous_id Value: ec69ed36-9cca-45ee-b4fb-b695b6b1b9ba
.xpi.com.br/	1970-01-21 08:09:27	Name: segment_anon_id Value: ec69ed36-9cca-45ee-b4fb-b695b6b1b9ba
.xpi.com.br/	1970-01-20 23:23:59	Name: bm_sv Value: 04272FBE5CB2AA8C7C895753FE675D56~YAAQFJJkX2liZJyRAQAANBOY0xkNaF35iARTICAA6JCzPQedNbB9A1i1XMvdNz2zmb8cqBGAlvEnCT2W+OyCJuIw3XDhJOBiAUgZ3BZnAmMgn8a3Knn8DBQfDWrUvmLuLQCt8zwppDFUu6d51rW87JU/37iIijZ2ftzdvc3ynbcHuaewIoa62QLIkX7ti7BhAiHbHAX7wO1XbqDFXnJTx0vdh5XapQ1rtAFqGgGAVyoaZ8M0F+0PnQOd6t4dNCVn~1
.xpi.com.br/	1970-01-21 08:45:27	Name: _tt_enable_cookie Value: 1
.xpi.com.br/	1970-01-21 08:45:27	Name: _ttp Value: idC4Pz1kIn-TtrvEAJL-acxo8WE
.bing.com/	1970-01-21 08:45:27	Name: MUID Value: 28A7192688196A8136890DD289B56B1D
.xpi.com.br/	1970-01-21 08:09:27	Name: _abck Value: 45C041C321794F7964C22330820B6F94~0~YAAQFJJkX25iZJyRAQAA2xOY0wwBo3UOvEFurcVBEpYPetT9OZqhlqCQDbydMnNQH1g0ZopEDMWsc3f5K3JXOIcPL1ashzXoTELv9pb5FXUV2/QUVjAhuMP6e67Z1yjEMtn2223dLtAIwqjkbGmrrvpLj3O3c0KRCku4s2cq/k7xUeJf8eaapBQ0sGMK8RAikDTSyLQkYJ71bacKfZyH+VsCcijha0eoWRAgDu9g8d7a133OX13sEa5QdMDytTgrPEdI+sWDtGl8so0CszeQ/TSI8okhoWHIePweMbZSyarBjda3qYhaeZiIk1UGk/4hmLrpoeZM0AMLPS+9PwHOrCtY7LjlQ8+rH59s2bqk2cSAUvAxaGwGykgawSxQIUmpr7WuG/JPvqmqYAS2T2SZcIAyS+p1cUzNPSVcwCCwt3pMmngxUg==~-1~\|\|0\|\|~-1
.doubleclick.net/	1970-01-21 08:45:27	Name: IDE Value: AHWqTUltlKZshdxu-gvh9HN0O-Kq6xmMzN-yV0_6DuYpLmsoOEL_ibulBa_hf8GL
.bat.bing.com/	1970-01-21 08:45:27	Name: MSPTC Value: hIHInAmIuJjAjELCF0gP9hAt9qyfFr_9un5OLkC-zic
.xpi.com.br/	1970-01-20 23:25:18	Name: _uetsid Value: 780439306e2b11efbe200305a5d984f8\|1ofzw53\|2\|fp0\|0\|1712
lp.xpi.com.br/	1970-01-20 23:23:53	Name: instap-spses.3abb Value: *
lp.xpi.com.br/	1970-01-21 08:59:51	Name: instap-spid.3abb Value: 231a476f-448a-4e92-919b-222839470873.1725831845.1.1725831845.1725831845.a231496a-a73e-4bfd-976b-df036c356e7c
.xpi.com.br/	1970-01-21 08:45:27	Name: _uetvid Value: 78044e406e2b11ef90aec964eebb4d10\|oy31sp\|1725831845249\|1\|1\|bat.bing.com/p/insights/c/x
lp.xpi.com.br/	1970-01-21 08:09:27	Name: mdLogger Value: false
lp.xpi.com.br/	1970-01-21 08:09:27	Name: kampyle_userid Value: 512c-0b48-9bd4-c0c1-57e7-0a7e-55fa-f136
lp.xpi.com.br/	1970-01-21 08:09:27	Name: kampyleUserSession Value: 1725831845329
lp.xpi.com.br/	1970-01-21 08:09:27	Name: kampyleUserSessionsCount Value: 1
lp.xpi.com.br/	1970-01-21 08:09:27	Name: kampyleSessionPageCounter Value: 1
lp.xpi.com.br/	1970-01-21 08:09:27	Name: kampyleUserPercentile Value: 10.94354147702894

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9143205.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
api.segment.io
bat.bing.com
cdn.instapagemetrics.com
cdn.jsdelivr.net
cdn.segment.com
connect.facebook.net
ec.instapagemetrics.com
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
heatmap-events-collector.instapage.com
lp.xpi.com.br
nebula-cdn.kampyle.com
region1.analytics.google.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
udc-neb.kampyle.com
v.fastcdn.co
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.clarity.ms
104.244.42.67
13.35.58.148
142.250.185.168
142.250.185.98
142.250.186.134
146.75.120.157
151.101.129.175
151.101.193.175
157.240.252.13
172.217.16.194
172.217.16.195
172.217.23.102
172.66.0.227
172.67.185.227
2001:4860:4802:34::36
2606:4700:4400::6812:29da
2606:4700:4400::ac40:9226
2606:4700:4400::ac40:96fb
2606:4700::6812:bb1f
2620:1ec:33:1::10
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a02:26f0:e300::5f64:9218
2a03:2880:f177:185:face:b00c:0:25de
34.36.17.181
35.155.246.37
35.241.45.82
95.100.146.25
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
039f76674b8d6d6d2c992da325570b36ab52ba990b2af1338a6dcc8a98ffc403
03b575fd00be77d0cd9dabe59c851144b8244818b7bbcbde72ad70150625ffac
07fc95df170c97ee2ec110c3a76595a9bdb6da112a05cd9e6c00868cfc29134b
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
0fbfeb1dedb32f10fff2c4c8ce63f823094293a8c2634de9bb342100f28229fa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1541a7ee5e8c6d6b3bbae570e689db76d4f8cd6ec52cf5bb2259dee1c226aaf3
191ee2eb3bffb0f8eb8569e44375cd61e8a54247e3015c5cd7d3198b0f0b59bc
1ba8d186eaf517e8c1167da81dc1c071b1512d8a8a55336fa8bde4cb7807dbbd
1e22be314614f01409c8b320e825c02494115854a16dd3e423002553c12fbe4d
20839cfb26f6cf325666113e0bb3847c01386e90416152b64df6a0b40be2bcfa
23313c64acdc39327008f8fe88c53d004220388f360d30fe7c19f07bc805239d
244fc6cb1cfcb9ab7082ec7ae4e7e236228500fe3bcf2d375c6d0c031d6a54d8
25f437bd5c3576d516f6d1712d35c24d6311f76518b3835a9d2bca22fd56094c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e065b142374be24bcdfff600deccc28f6af18f5401cc224342fbe8fca3de357
42f3cf14726b851c09368d72835860721786b2de7633048f8df1a448c815a2a2
42ff4feb8a5d943e5fa241926ae48f1f9a5dffd7d73e1f63cb3e616b68933483
45a81b25e39e421b082118205814b8ae0e32f6104007e3fe90c114d9bcdd6fdb
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
55cf978172b0066d80a60184111e6bca30ad7e66ecc1ac8041235422ade87db7
5737f5aa0d6fe9f76fb750fc3a82f4796d8920bfce5a0e165864bf756b99bb68
5ab8dc2e07d8d388c713d002bbf9f77f758c0eddc7ab0d4caeaff1b6d2602fc7
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
6504dff4d02faf85d4df8b05d5638e5dffb4189dfdb91e7f2dcef8ce5d45eeaf
6598be857b7d6712cf585ee8fa5d82abdb3624e7763d84895628709132afc187
716026297e5a75024752b195afe5f3f8e90dc7735204dfa7dbd5cb3e80c40f36
72e3f23b5f5b2b0b0b4fed8bca794625de2c78d3e40ab5c037785156c65a68ff
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7cced09b0fd8718262ff270eb5abd55b60b5ba5459692321c6be96c460c1c14e
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
836f33a247878b76cba7ee408437eb46006b5a1b6b0a4879287913031e6c07ec
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29
91ebc318f157f3215c453023a445e3152f17ba7845a6cf24fbe3b10b242dad74
97cb5582858b04ad514c84f116de94e931849838034ef1f324beda5f60514c06
98f56cd6c919bed137147071003a7f3e15b7e0cdc02a81b5f9922de22e7ed08a
9b72095339aadf8ac51e39aeb5188ee7c76ff5fff37df1d4f01c330bd18a16f9
a41378d3dbb0cf77581caf0e30f3b22cb583ab6e9810942adda811243e984999
a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986
a91cf6baeae173f2e775870281900894abb6eaabe9b412688acf5bf19743dffd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af4e90300b10a0989dd4b0a0ba9b2e6d9a0fa35d04476f25c92f44a410fffffe
b0cd5d1f210d1f51bf2b93041e0e4956af4710f926ad4f04b75d34ac65891fc9
b828a03c7f7e0b7f1dcd09786a7262fdc14426a35ec00be711007de4560982af
b98c68d672e21eab4ef878cb09748967f161f2c79859f1a802067ce965cf1e68
bc8180fca7cedc8ded0665a0e0391db4333d62db5fdf5b432742517dd588c848
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
c6de079b319e31eb3e94762d2c05223c55f7a82c440ab70edbee4f03a58d0972
c96ef65197c2b41c1212e37c88c8dee886d4eb44cdd3a31709c4c74e8f6e1092
c9c19d88d9366bfa36ffd12f6237c58322e91c1f2e57a896172a05f41318134a
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
cbeb64b9bdff73fd1db0384eeb0e5c84975c1056ab88327d8afd41afec009a2a
d550b3e5039e4eb05f2018a601300548659993889a13db899de0356695923c2e
daf30c7fcc32948d031ec62440dec45b1822068e715387039585b8000102325f
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df2744b702055675d238d7f172395d04b74d1bbf4ad3617bcdb1fb3650a0ab15
df84aa935d24cc88188a22657c7c82cbfe94d30a1bc796946e1650d983238e97
e316c80c690869a313a3b3fa8ae4ed76cc522407022c4d2ee84f0f584f4e0203
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b0b1afcf5ac2589cc4197cd315ad81f70545868cffdb37e56c71518e2ad1df
e5cb0a182984db908f6ac268f9f0c489ff1643cce4fb636d0e6510fcc89c3d16
eacaab04cd490c7342c6ec0c996e345d62ff3be79e638084420a7592b5051cbd
ed0e32e2d68288682e401451476f2bdeb8cca3722ab801a5582facb2323f7916
ed1e9f37613dc0248c7e00bb0f1ba1d545a031c69d90ae59a83e8bcb0249ee20
eef0e09dc4a9421d6e306aaf95c2dc6bfb770d2a7597099dde8fe98d0cbf0ec5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15dc2df620a373ac551ceb8364ba4b2085b95ffc59fac2bbc304af57bf20e55
f2e976b7a40dc8d0ab32d697dc82df81cf3b9914580038d7d85690cbc7b80856
fd46f024f5c6207e9a8e46fc4d41a7c0255f06719a831f41bf65ffc492ee829b
fd6c5572307f4c8eee419ad21a71e4f712b867f48beeaa492076ac350df77b66

lp.xpi.com.br Open in urlscan Pro 2a02:26f0:e300::5f64:9218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

97 %HTTPS

44 %IPv6

24 Domains

31 Subdomains

32 IPs

4 Countries

2466 kBTransfer

6374 kBSize

39 Cookies

3 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lp.xpi.com.br Open in urlscan Pro
2a02:26f0:e300::5f64:9218 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

97 %
HTTPS

44 %
IPv6

24
Domains

31
Subdomains

32
IPs

4
Countries

2466 kB
Transfer

6374 kB
Size

39
Cookies

102 HTTP transactions
1 data transactions