portaldacovid-19.com Open in urlscan Pro
2606:4700:3035::ac43:ca51 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://portaldacovid-19.com/
Submission Tags: falconsandbox
Submission: On May 25 via api (May 25th 2021, 11:29:41 am UTC) from US

Summary HTTP 26 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3035::ac43:ca51, located in United States and belongs to CLOUDFLARENET, US. The main domain is portaldacovid-19.com.

This is the only time portaldacovid-19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::ac43:ca51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:1800:5:6d4d:d280:21	16509 (AMAZON-02) (AMAZON-02)
1	162.241.60.121 162.241.60.121	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	179.188.43.175 179.188.43.175	27715 (Locaweb S...) (Locaweb Servicos de Internet S/A)
1	189.90.171.7 189.90.171.7	28197 (EMPRESA D...) (EMPRESA DE TECNOLOGIA DA INFORMACAO DO CEARA-ETICE)
1	170.82.173.10 170.82.173.10	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
26	18

1 2606:4700:3035::ac43:ca51 (United States)

ASN13335 (CLOUDFLARENET, US)

portaldacovid-19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1800:5:6d4d:d280:21 (United States)

ASN16509 (AMAZON-02, US)

d3043uog1ad1l6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.60.121 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)

hab.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 179.188.43.175 (Brazil)

ASN27715 (Locaweb Servicos de Internet S/A, BR)

www.registro.sp.gov.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 189.90.171.7 (Fortaleza, Brazil)

ASN28197 (EMPRESA DE TECNOLOGIA DA INFORMACAO DO CEARA-ETICE, BR)

coronavirus.ceara.gov.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.82.173.10 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

www.widestock.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.91.9 (Nova Iguaçu, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

s2.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	youtube.com www.youtube.com	636 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	399 B
3	gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com www.gstatic.com	29 KB
1	ytimg.com i.ytimg.com	24 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	google.com www.google.com	13 KB
1	blogspot.com 1.bp.blogspot.com	14 KB
1	glbimg.com s2.glbimg.com	97 KB
1	widestock.com.br www.widestock.com.br	39 KB
1	ceara.gov.br coronavirus.ceara.gov.br	56 KB
1	registro.sp.gov.br www.registro.sp.gov.br	121 KB
1	hab.org.br hab.org.br	43 KB
1	cloudfront.net d3043uog1ad1l6.cloudfront.net	202 KB
1	portaldacovid-19.com portaldacovid-19.com	19 KB
0	ecrie.com.br Failed ecrie.com.br Failed
26	15

	Domain	Requested by
9	www.youtube.com	portaldacovid-19.com www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	1.bp.blogspot.com	portaldacovid-19.com
1	s2.glbimg.com	portaldacovid-19.com
1	encrypted-tbn0.gstatic.com	portaldacovid-19.com
1	www.widestock.com.br	portaldacovid-19.com
1	coronavirus.ceara.gov.br	portaldacovid-19.com
1	www.registro.sp.gov.br	portaldacovid-19.com
1	hab.org.br	portaldacovid-19.com
1	d3043uog1ad1l6.cloudfront.net	portaldacovid-19.com
1	portaldacovid-19.com
0	ecrie.com.br Failed	portaldacovid-19.com
26	18

This site contains links to these domains. Also see Links.

Domain
hab.org.br
www.sefras.org.br
www.hc.fm.usp.br
gerandofalcoes.com
instagram.com
cedecaceara.org.br
www.otempo.com.br
www.instagram.com
coronavirus.saude.gov.br

Subject Issuer	Validity	Valid
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
hab.org.br R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
*.registro.sp.gov.br AlphaSSL CA - SHA256 - G2	`2021-04-22` - `2022-05-24`	a year	crt.sh
coronavirus.ceara.gov.br R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
www.widestock.com.br R3	`2021-05-15` - `2021-08-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.glbimg.com RapidSSL RSA CA 2018	`2020-04-15` - `2021-06-14`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://portaldacovid-19.com/
Frame ID: AA1BA69CFDE7CA7EEA7CFF27DA569C67
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube.com/embed/rsQlyIwetsE
Frame ID: 5529BED109724C18CE4987F6A4D265F0
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

26
Requests

92 %
HTTPS

72 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

1294 kB
Transfer

3059 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://hab.org.br/coronavirus/
Title: Hospital Adventista de Belém

Search URL Search Domain Scan URL

URL: http://www.sefras.org.br/novo/
Title: Site

Search URL Search Domain Scan URL

URL: https://www.hc.fm.usp.br/
Title: Site

Search URL Search Domain Scan URL

URL: https://gerandofalcoes.com/coronanoparedao
Title: Site

Search URL Search Domain Scan URL

URL: https://instagram.com/marmitadabh?igshid=fbdnz7rd5cqd
Title: Instagram

Search URL Search Domain Scan URL

URL: http://cedecaceara.org.br/site/index.php/quero-doar/
Title: Doações

Search URL Search Domain Scan URL

URL: https://www.otempo.com.br/coronavirus
Title: aqui

Search URL Search Domain Scan URL

URL: https://www.instagram.com/stayawayfromcovid/?hl=pt-br
Title: Nosso instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/minsaude/?hl=pt-br
Title: Ministério da Saúde

Search URL Search Domain Scan URL

URL: https://coronavirus.saude.gov.br/
Title: Ministério da Saúde

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

26 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
portaldacovid-19.com/ 28 KB
19 KB 267ms
230ms Document
text/html 2606:4700:3035::ac43:ca51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://portaldacovid-19.com/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:ca51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d524ed9e58b352ef49f5c8b349f879f7020728a5d25a1b7c7170a1a57d93f91

Request headers

Host: portaldacovid-19.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 11:29:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2021 00:06:21 GMT
Vary: Accept-Encoding
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 0a44e21fe9000006298313f000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LGQB2rk0HCUbT8niwpskscimgaULPjNCJC1e3KmQ4Gx%2BlHhSCB6y1HxLFJInpgV%2FM0mtr13EXHQ6vEEixlPh9xfnzlp3x2ZNgOvU9CXbfVeHTCUWnmHU0Efib17fDwPkXSHmMHCDtW0QIVdJHlo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 654e6c7979010629-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 photo-1584118624012-df056829fbd0.jpeg
d3043uog1ad1l6.cloudfront.net/uploads/2020/03/ 201 KB
202 KB 55ms
14ms Image
image/jpeg 2600:9000:21f3:1800:5:6d4d:d280:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3043uog1ad1l6.cloudfront.net/uploads/2020/03/photo-1584118624012-df056829fbd0.jpeg
Requested by: Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1800:5:6d4d:d280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 023949c0c41656ce157cea8b4c0e2be6b2384781f751dbe1023d0a8d34a1d4a9

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 13:04:46 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified: Sun, 29 Mar 2020 18:28:18 GMT
server: AmazonS3
age: 80657
etag: "8e6cbc2fc31472a6ac33297b42b1f91e"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 205882
x-amz-cf-id: 2wVgcewOnX2vDUYNty7C5CIRW5k4EyxWOvLXrDv2JgNzZWdTQcdRHg==

GET
H2 200 covide-transmissao-450x200.png
hab.org.br/wp-content/uploads/2020/03/ 43 KB
43 KB 575ms
266ms Image
image/png 162.241.60.121
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hab.org.br/wp-content/uploads/2020/03/covide-transmissao-450x200.png
Requested by: Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.60.121 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: 422f7ff597a83c69216eb1ae25be09c27078c56481b55458ab3c5eb467b1a2c3

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:03 GMT
content-length: 43561
last-modified: Mon, 16 Mar 2020 15:25:25 GMT
server: nginx/1.19.5
accept-ranges: bytes
x-server-cache: false
content-type: image/png

GET
H/1.1 200
OK 7_3913_148120fc-7e1c-4f4e-ad6e-25494b4641ad.jpg
www.registro.sp.gov.br/arquivos/foto_g/ 121 KB
121 KB 2041ms
423ms Image
image/jpeg 179.188.43.175
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.registro.sp.gov.br/arquivos/foto_g/7_3913_148120fc-7e1c-4f4e-ad6e-25494b4641ad.jpg
Requested by: Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 179.188.43.175 , Brazil, ASN27715 (Locaweb Servicos de Internet S/A, BR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 15717cffc21ebb2508195bba62aa0203598bfd594bb1c811d35b2ded0cc290eb

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 11:29:05 GMT
Last-Modified: Wed, 07 Oct 2020 17:52:43 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "6ed4ea8d29cd61:0"
Content-Length: 123550
Content-Type: image/jpeg

GET
H/1.1 200
OK vermelho.jpg
coronavirus.ceara.gov.br/wp-content/uploads/2020/04/ 56 KB
56 KB 2351ms
449ms Image
image/jpeg 189.90.171.7
EMPRESA DE TECNOL...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coronavirus.ceara.gov.br/wp-content/uploads/2020/04/vermelho.jpg
Requested by: Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 189.90.171.7 Fortaleza, Brazil, ASN28197 (EMPRESA DE TECNOLOGIA DA INFORMACAO DO CEARA-ETICE, BR),
Reverse DNS
Software: nginx /
Resource Hash: 44b993415c77f4e77a7da3a00199106c2e848a1c7fb064f631b0aa5ae0a5c5fd

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 25 May 2021 11:29:05 GMT
Last-Modified: Sat, 02 May 2020 22:57:46 GMT
Server: nginx
ETag: "df47-5a4b239f406b1"
Vary: User-Agent
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57159

GET m_10_0_1_07052020112126.jpeg
ecrie.com.br/sistema/conteudos/imagem/ 0
0

GET
H2 200 asseptgel_gel_antisseptico_500ml_tampa_disk_top_2_.jpg
www.widestock.com.br/media/catalog/product/a/s/ 38 KB
39 KB 1521ms
643ms Image
image/jpeg 170.82.173.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.widestock.com.br/media/catalog/product/a/s/asseptgel_gel_antisseptico_500ml_tampa_disk_top_2_.jpg
Requested by: Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 170.82.173.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: 2428438ad9fe8089f632ae516b36988ef3cf65f1a06582d81cf8c81ab529b1c7

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:04 GMT
last-modified: Thu, 02 Apr 2020 11:57:22 GMT
server: gocache
etag: "5e85d322-99d5"
x-gocache-cachestatus: MISS
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
content-length: 39381
expires: Wed, 26 May 2021 11:29:04 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 12 KB
12 KB 51ms
30ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcRbUMh3BkLuIl0B2QZu5FQckeIyROmTHA9EwQ&usqp=CAU

Requested by

Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2829ab96e049eb84205d3acefb959739bef8bdb4d4d2d93b10e89a74737f2e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Jun 2020 21:02:52 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12105
x-xss-protection: 0
expires: Wed, 25 May 2022 11:29:03 GMT

GET
H2 200 fachada-ichc-hc.jpg
s2.glbimg.com/nme_x8PIXW66iz-gtw8O7Mmjs8I=/0x0:1000x779/984x0/smart/filters:strip_icc()/s.glbimg.com/jo/g1/f/original/2019/03/17/ 96 KB
97 KB 674ms
223ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/nme_x8PIXW66iz-gtw8O7Mmjs8I=/0x0:1000x779/984x0/smart/filters:strip_icc()/s.glbimg.com/jo/g1/f/original/2019/03/17/fachada-ichc-hc.jpg
Requested by: Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Nova Iguaçu, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: fc35b6a2e22ed62317f1deb1d980ea17bbe70c704fb6ee90ddfd696e64b0f3cc

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:03 GMT
via: 2.0 CachOS
x-bip: 509931328 ra03 11 03
age: 132207
etag: "4559d4880d0e5ed8e6157930304113ebf3af3c10"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D017
access-control-allow-headers: Content-Type
content-length: 98702
x-request-id: d8a220d8-476b-47fc-a9f1-0eea0691289e
expires: Tue, 22 Jun 2021 22:45:36 GMT

GET
H2 200 0%253D%253DAO4UTOzMjOyJmLt92Yuk2bANXZuVnbvl2YpJHdhBnO3ITOzQzN5ITMyozZlBnauEzMlFzMjV2NxIDM3QDNhJTYwQjZ1QWOjRTN0UjZxMWOGJTJxMWOGJTJ0MTM1YkMlQDNwQTMf1SNx0yXt92YuIHct1SaGJTJGJTJBNTJwRHdopTM.jpg
1.bp.blogspot.com/-YGY5nWY03T8/Xd7nc-l5UaI/AAAAAAAEj5M/nEeDhIaSjOYEqOcB0su2pQGJAAFiGUangCLcBGAsYHQ/s1600/ 14 KB
14 KB 216ms
214ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YGY5nWY03T8/Xd7nc-l5UaI/AAAAAAAEj5M/nEeDhIaSjOYEqOcB0su2pQGJAAFiGUangCLcBGAsYHQ/s1600/0%253D%253DAO4UTOzMjOyJmLt92Yuk2bANXZuVnbvl2YpJHdhBnO3ITOzQzN5ITMyozZlBnauEzMlFzMjV2NxIDM3QDNhJTYwQjZ1QWOjRTN0UjZxMWOGJTJxMWOGJTJ0MTM1YkMlQDNwQTMf1SNx0yXt92YuIHct1SaGJTJGJTJBNTJwRHdopTM.jpg

Requested by

Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3adc66472973e671781735a5e516b66ad24a06a9d6dc7ca0d8e4a25353e2e55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v48f94"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="0==AO4UTOzMjOyJmLt92Yuk2bANXZuVnbvl2YpJHdhBnO3ITOzQzN5ITMyozZlBnauEzMlFzMjV2NxIDM3QDNhJTYwQjZ1QWOjRTN0UjZxMWOGJTJxMWOGJTJ0MTM1YkMlQDNwQTMf1SNx0yXt92YuIHct1SaGJTJGJTJBNTJwRHdopTM.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13937
x-xss-protection: 0
expires: Wed, 26 May 2021 11:29:03 GMT

GET
H2 200 rsQlyIwetsE Show response
www.youtube.com/embed/ Frame 5529 51 KB
22 KB 52ms
52ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/rsQlyIwetsE

Requested by

Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7b71daab79d4a3bb7d49480825200c29d14b402977ede0dc0fa786c15a7ddfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/rsQlyIwetsE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://portaldacovid-19.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://portaldacovid-19.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 25 May 2021 11:29:03 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Hhh-f1OsbdQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=iLgX2XsbcLc; Domain=.youtube.com; Expires=Sun, 21-Nov-2021 11:29:03 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+636; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/8523e85c/ Frame 5529 356 KB
45 KB 11ms
8ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8523e85c/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rsQlyIwetsE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 00:18:21 GMT
server: sffe
age: 74585
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46118
x-xss-protection: 0
expires: Tue, 24 May 2022 14:45:58 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/8523e85c/www-embed-player.vflset/ Frame 5529 192 KB
63 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8523e85c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fae5fa464d58c38ecd58b63d5bcba507b4ecf344c652f698ce54fd7dca6744a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rsQlyIwetsE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 00:18:21 GMT
server: sffe
age: 74576
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64790
x-xss-protection: 0
expires: Tue, 24 May 2022 14:46:07 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/ Frame 5529 2 MB
465 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516de997ff27077b3a621551fbcc71f465c3201267306ddb31c92970b3c3d4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rsQlyIwetsE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 00:18:21 GMT
server: sffe
age: 74612
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476450
x-xss-protection: 0
expires: Tue, 24 May 2022 14:45:31 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8523e85c/fetch-polyfill.vflset/ Frame 5529 8 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8523e85c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rsQlyIwetsE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 00:18:21 GMT
server: sffe
age: 74576
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Tue, 24 May 2022 14:46:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5529 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 567783
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 18 May 2022 21:46:00 GMT

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 349e95a77b26adbe5e74962861c69eba3996b68a88358190dcdde8ae8fc8c70c

Request headers

Referer: http://portaldacovid-19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5529
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

14ms
14ms

XHR
application/json

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb6bbd7b65d958f83365af9ed621dea16d5fe55ece10cf959e0e2843e13f331b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 25 May 2021 11:29:03 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5529 29 B
91 B 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8523e85c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:26:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 179
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 25 May 2021 11:41:04 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/ Frame 5529 98 KB
30 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd0b3e1be9e380e0a14ca96f995055d6527b9c0da9e8caa56ac358df7f63c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rsQlyIwetsE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:45:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 00:18:21 GMT
server: sffe
age: 74609
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30984
x-xss-protection: 0
expires: Tue, 24 May 2022 14:45:34 GMT

GET
H3-29 200 7WadPQM5Sz4PCIdYDiKmUZbGuJNx7cvT5MT2dFmDNsc.js Show response
www.google.com/js/th/ Frame 5529 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/7WadPQM5Sz4PCIdYDiKmUZbGuJNx7cvT5MT2dFmDNsc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed669d3d03394b3e0f0887580e22a65196c6b89371edcbd3e4c4f674598336c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 08:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 11:00:00 GMT
server: sffe
age: 11566
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13162
x-xss-protection: 0
expires: Wed, 25 May 2022 08:16:17 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/ Frame 5529 25 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8ef27610169d226ccb211c02bcff910ef5ff0274910ce0c0ac7e1b2f349d8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/rsQlyIwetsE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 14:51:21 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 00:18:21 GMT
server: sffe
age: 74262
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7447
x-xss-protection: 0
expires: Tue, 24 May 2022 14:51:21 GMT

GET
DATA 200
OK truncated
/ Frame 5529 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwni7C2XLq34yDyUxsMN_ammmethnikVngXlzDRvD=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5529 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwni7C2XLq34yDyUxsMN_ammmethnikVngXlzDRvD=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5ca8450c5294cf0f6db0e96e847411580c4f416cef4fe8b228a903f17eaaf1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 08:24:27 GMT
x-content-type-options: nosniff
age: 11076
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2671
x-xss-protection: 0
server: fife
etag: "v49"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 09 May 2021 13:14:14 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/rsQlyIwetsE/ Frame 5529 24 KB
24 KB 7ms
6ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/rsQlyIwetsE/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/rsQlyIwetsE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d624a4e9c2046d2a78878cfc90515a3cd4d8d4a555f23db0ac717e405bbec4ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 10:07:43 GMT
x-content-type-options: nosniff
server: sffe
age: 4880
etag: "1584452351"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24274
x-xss-protection: 0
expires: Tue, 25 May 2021 12:07:43 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5529 4 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 25 May 2021 11:29:03 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 5529 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?2hjYnQ
Requested by: Host: portaldacovid-19.com
URL: http://portaldacovid-19.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/rsQlyIwetsE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 11:29:03 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5529 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8523e85c/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/rsQlyIwetsE
X-YouTube-Client-Version: 1.20210523.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtpTGdYMlhzYmNMYyj_vrOFBg%3D%3D
X-YouTube-Ad-Signals: dt=1621942143363&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKoJ6PoBkB-JBmCAAeM9wtHwUHwoeCB6-mZbOXvfnCTPzxUHWG9wOQF-MQJbJlWCXymG46FIxdk1aZrPkuuH9vUQyBw9-A

Response headers

date: Tue, 25 May 2021 11:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 25 May 2021 11:29:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ecrie.com.br
URL: https://ecrie.com.br/sistema/conteudos/imagem/m_10_0_1_07052020112126.jpeg

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
coronavirus.ceara.gov.br
d3043uog1ad1l6.cloudfront.net
ecrie.com.br
encrypted-tbn0.gstatic.com
fonts.gstatic.com
googleads.g.doubleclick.net
hab.org.br
i.ytimg.com
portaldacovid-19.com
s2.glbimg.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.registro.sp.gov.br
www.widestock.com.br
www.youtube.com
yt3.ggpht.com
ecrie.com.br
162.241.60.121
170.82.173.10
179.188.43.175
186.192.91.9
189.90.171.7
2600:9000:21f3:1800:5:6d4d:d280:21
2606:4700:3035::ac43:ca51
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2004
2a00:1450:4001:809::2006
2a00:1450:4001:809::200e
2a00:1450:4001:811::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2016
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
023949c0c41656ce157cea8b4c0e2be6b2384781f751dbe1023d0a8d34a1d4a9
0d524ed9e58b352ef49f5c8b349f879f7020728a5d25a1b7c7170a1a57d93f91
15717cffc21ebb2508195bba62aa0203598bfd594bb1c811d35b2ded0cc290eb
2428438ad9fe8089f632ae516b36988ef3cf65f1a06582d81cf8c81ab529b1c7
2829ab96e049eb84205d3acefb959739bef8bdb4d4d2d93b10e89a74737f2e34
349e95a77b26adbe5e74962861c69eba3996b68a88358190dcdde8ae8fc8c70c
3adc66472973e671781735a5e516b66ad24a06a9d6dc7ca0d8e4a25353e2e55c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
422f7ff597a83c69216eb1ae25be09c27078c56481b55458ab3c5eb467b1a2c3
44b993415c77f4e77a7da3a00199106c2e848a1c7fb064f631b0aa5ae0a5c5fd
516de997ff27077b3a621551fbcc71f465c3201267306ddb31c92970b3c3d4f6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
9fae5fa464d58c38ecd58b63d5bcba507b4ecf344c652f698ce54fd7dca6744a
a5ca8450c5294cf0f6db0e96e847411580c4f416cef4fe8b228a903f17eaaf1f
bb6bbd7b65d958f83365af9ed621dea16d5fe55ece10cf959e0e2843e13f331b
bddd0b3e1be9e380e0a14ca96f995055d6527b9c0da9e8caa56ac358df7f63c5
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
d624a4e9c2046d2a78878cfc90515a3cd4d8d4a555f23db0ac717e405bbec4ce
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b71daab79d4a3bb7d49480825200c29d14b402977ede0dc0fa786c15a7ddfb
e8ef27610169d226ccb211c02bcff910ef5ff0274910ce0c0ac7e1b2f349d8fb
ed669d3d03394b3e0f0887580e22a65196c6b89371edcbd3e4c4f674598336c7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
fc35b6a2e22ed62317f1deb1d980ea17bbe70c704fb6ee90ddfd696e64b0f3cc

portaldacovid-19.com Open in urlscan Pro 2606:4700:3035::ac43:ca51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

26 Requests

92 %HTTPS

72 %IPv6

15 Domains

18 Subdomains

18 IPs

3 Countries

1294 kBTransfer

3059 kBSize

0 Cookies

10 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Indicators

portaldacovid-19.com Open in urlscan Pro
2606:4700:3035::ac43:ca51 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

92 %
HTTPS

72 %
IPv6

15
Domains

18
Subdomains

18
IPs

3
Countries

1294 kB
Transfer

3059 kB
Size

0
Cookies

26 HTTP transactions
2 data transactions