67bdbed.contato.site Open in urlscan Pro
173.212.200.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://67bdbed.contato.site/
Submission: On August 03 via automatic, source certstream-suspicious (August 3rd 2022, 9:05:24 pm UTC) — Scanned from DE

Summary HTTP 103 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 20 domains to perform 103 HTTP transactions. The main IP is 173.212.200.60, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is 67bdbed.contato.site.
TLS certificate: Issued by WMSvc-SHA2-MONSTRO019 on June 5th 2020. Valid for: 10 years.

This is the only time 67bdbed.contato.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	173.212.200.60 173.212.200.60	51167 (CONTABO) (CONTABO)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2 15	18.66.139.102 18.66.139.102	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2491:1c00:11:8a69:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.96.67.224 34.96.67.224	15169 (GOOGLE) (GOOGLE)
13	108.138.17.14 108.138.17.14	16509 (AMAZON-02) (AMAZON-02)
1	34.235.215.69 34.235.215.69	14618 (AMAZON-AES) (AMAZON-AES)
2	52.72.95.161 52.72.95.161	14618 (AMAZON-AES) (AMAZON-AES)
2	100.25.227.44 100.25.227.44	14618 (AMAZON-AES) (AMAZON-AES)
3	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
4	3.218.163.189 3.218.163.189	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	54.243.29.87 54.243.29.87	14618 (AMAZON-AES) (AMAZON-AES)
103	32

9 173.212.200.60 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m5600.contaboserver.net

67bdbed.contato.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.139.102 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-102.fra60.r.cloudfront.net

pay.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

beepluginaddons.contato.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

blob.contato.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:1c00:11:8a69:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

app-hotpay-checkout.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.67.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 108.138.17.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-14.fra56.r.cloudfront.net

checkout.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.215.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-215-69.compute-1.amazonaws.com

api-pixel.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.95.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-95-161.compute-1.amazonaws.com

tracking-api.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.25.227.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-227-44.compute-1.amazonaws.com

launcher.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o49094.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.218.163.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-163-189.compute-1.amazonaws.com

api-checkout-vue.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.243.29.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-29-87.compute-1.amazonaws.com

identification.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	hotmart.com 2 redirects pay.hotmart.com — Cisco Umbrella Rank: 454054 checkout.hotmart.com — Cisco Umbrella Rank: 690121 Failed app-hotpay-checkout.hotmart.com — Cisco Umbrella Rank: 701374 api-pixel.hotmart.com — Cisco Umbrella Rank: 572733 tracking-api.hotmart.com — Cisco Umbrella Rank: 97812 launcher.hotmart.com — Cisco Umbrella Rank: 190201 api-checkout-vue.hotmart.com identification.hotmart.com — Cisco Umbrella Rank: 209036	1 MB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 111	781 KB
9	contato.site 67bdbed.contato.site	61 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 458	6 KB
5	google.com www.google.com — Cisco Umbrella Rank: 10	14 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 jnn-pa.googleapis.com — Cisco Umbrella Rank: 346	31 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5596	828 B
4	gstatic.com fonts.gstatic.com www.gstatic.com	63 KB
3	sentry.io o49094.ingest.sentry.io — Cisco Umbrella Rank: 128960	320 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	165 KB
2	sift.com cdn.sift.com — Cisco Umbrella Rank: 11183	40 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	39 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	111 KB
2	contato.io beepluginaddons.contato.io blob.contato.io	3 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 283	721 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 402	10 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 141	25 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 261	4 KB
103	20

	Domain	Requested by
15	pay.hotmart.com	2 redirects 67bdbed.contato.site pay.hotmart.com
13	checkout.hotmart.com	pay.hotmart.com checkout.hotmart.com
9	www.youtube.com	67bdbed.contato.site www.youtube.com
9	67bdbed.contato.site	67bdbed.contato.site
6	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
5	www.google.com	67bdbed.contato.site www.youtube.com pay.hotmart.com
4	api-checkout-vue.hotmart.com	checkout.hotmart.com
4	jnn-pa.googleapis.com	www.youtube.com
4	www.google.de	67bdbed.contato.site pay.hotmart.com
3	o49094.ingest.sentry.io	checkout.hotmart.com
3	www.googletagmanager.com	67bdbed.contato.site pay.hotmart.com www.googletagmanager.com
2	identification.hotmart.com	launcher.hotmart.com
2	launcher.hotmart.com	checkout.hotmart.com
2	tracking-api.hotmart.com	api-pixel.hotmart.com checkout.hotmart.com
2	cdn.sift.com	pay.hotmart.com checkout.hotmart.com
2	www.google-analytics.com	pay.hotmart.com checkout.hotmart.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.facebook.com	67bdbed.contato.site
2	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
2	www.googleadservices.com	www.googletagmanager.com
2	connect.facebook.net	67bdbed.contato.site connect.facebook.net
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	checkout.hotmart.com
1	api-pixel.hotmart.com	checkout.hotmart.com
1	app-hotpay-checkout.hotmart.com	pay.hotmart.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.googleapis.com	blob.contato.io
1	blob.contato.io	67bdbed.contato.site
1	beepluginaddons.contato.io	67bdbed.contato.site
103	31

This site contains no links.

Subject Issuer	Validity	Valid
WMSvc-SHA2-MONSTRO019 WMSvc-SHA2-MONSTRO019	`2020-06-05` - `2030-06-03`	10 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
hp.hotmart.com Amazon	`2022-07-07` - `2023-08-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-10` - `2023-06-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-13` - `2022-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-07` - `2023-01-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
data.hotmart.com Amazon	`2022-01-04` - `2023-02-01`	a year	crt.sh
hotmart.com Amazon	`2022-06-12` - `2023-07-11`	a year	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://67bdbed.contato.site/
Frame ID: 8144F4280A5F6907EA04AE062819AC2A
Requests: 29 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5EzI-A16-cg
Frame ID: 8CF3E582CB25D0C587AB44B42CAE71B5
Requests: 20 HTTP requests in this frame

Frame: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Frame ID: E93FF77B69FC4E28AC8612783597693C
Requests: 21 HTTP requests in this frame

Frame: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Frame ID: E93DB23864DDC06FAEFE96DA4008AD36
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RECADO IMPORTANTE PARA ALUNOS QUINTESSENCIA

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Page Statistics

103
Requests

89 %
HTTPS

58 %
IPv6

20
Domains

31
Subdomains

32
IPs

3
Countries

2815 kB
Transfer

9772 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://pay.hotmart.com/funnel?&key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode= HTTP 302
https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode HTTP 302
https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

Request Chain 34

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

103 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
67bdbed.contato.site/ 8 KB
4 KB 260ms
39ms Document
text/html 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7fec00617f7ad5d08bb39cde4d1ebe1ba7328f59ca280d6fb46045d2c8cff848

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-encoding: gzip
content-length: 3522
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 21:05:19 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.0
x-powered-by: ASP.NET

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 50ms
23ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-880785909

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3f299abce566be4c1aa682df5b5fe1586dd594c88d95a947191a32210d65a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63750
x-xss-protection: 0
expires: Wed, 03 Aug 2022 21:05:19 GMT

GET
H2 200 hotmart.upsell_checkout.js Show response
pay.hotmart.com/assets/js/ 5 KB
2 KB 83ms
11ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/assets/js/hotmart.upsell_checkout.js
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 5c38958f90f8b9162e42ad092c01faa25cff623c49ac2c3db4f0c6b8625c7736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:00:29 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:08 GMT
server: nginx/1.19.0
age: 290
etag: W/"15a6-1825ad29b40"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=0
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: ErU7Y9IR1j5d8yAQlRZggBWFnSvuEx5fDqpBHIBAiDahxE-UL9ikgQ==

GET
H2 200 base-script.js Show response
beepluginaddons.contato.io/scripts/ 3 KB
2 KB 512ms
74ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beepluginaddons.contato.io/scripts/base-script.js
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: ec524f47beda7b12cf6265979fe5320d0ee82b6ed842a8aeef77a12faad4ef9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ARR/3.0, ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 18 Apr 2022 20:55:54 GMT
server: cloudflare
etag: W/"b19-1803e75df90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZNTBZo%2B6O1U%2FU5ZUFK%2BZrjZ5rjOVryaUCx6%2BF1IUJWDkE3WpCXwKckq3T1a5T0TSNGF%2BVkUGIGADiBRasVQ1kRXq%2FXSXJMPEAxy4z%2B%2FbJfl3V4uogu%2Fy7k1ETz1i6IP2QC6KE%2FtfTgJcT6PQ03XMxYmytMfaH%2FfuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 735202c54a6e5c3e-FRA

GET
H2 200 beefree-pages-overwrites
67bdbed.contato.site/Content/ 275 B
321 B 43ms
41ms Stylesheet
text/css 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/Content/beefree-pages-overwrites?v=KtTlqPGC4p3e40yCX4jAUkaKtaZ3PiNPrHp45nXIx341
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad7be3af20b2c3024e17c4f95cff5c2bc9640edc2e30c7b8817e365efaf6f8eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 21:05:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 256
expires: Thu, 03 Aug 2023 21:05:20 GMT

GET
H2 200 bee-pages.css
blob.contato.io/machine-files/all-css/ 232 B
849 B 52ms
15ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.contato.io/machine-files/all-css/bee-pages.css
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7de6075b9abb486f42eed502f29ee67de1adad093963390cce7cbfaaf4c0a4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: kCr8ZXFWBXElCc/Uc/6U8A==
age: 6420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 09 Jun 2020 19:38:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD8vWAn7HM922X6IklQiRFJ07Cc3a2EASd9Os1AkxkzRS9FfR8QQKLxy0dH6YLs7fR17hu7CC7aRg9IuMIUb%2BrIHwu0aNw5s8fiyUKlSBOqgq9VPOSvwysnJrqqqeoZzSPh1QvraZhNnPYCfK6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: da0e8106-001e-0017-2523-a566a3000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 735202c2a971bbdf-FRA

GET
H2 200 jquery-351 Show response
67bdbed.contato.site/bundles/ 87 KB
40 KB 24ms
24ms Script
text/javascript 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/bundles/jquery-351?v=LYwc5OxGSW7ZpkTf7ckY3GOdqafOvzeknRc1cFb3gaI1
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 90a5d852e7b743833126df2dafc092d4a2a59fd1a4cceb98412eda984dc065a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 21:05:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 40527
expires: Thu, 03 Aug 2023 21:05:20 GMT

GET
H2 200 page-views Show response
67bdbed.contato.site/bundles/ 357 B
402 B 40ms
38ms Script
text/javascript 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/bundles/page-views?v=RFS_9pcQpAX3kK36TH6nfMX6edR9IzqGFT5-MduLznc1
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 730458e207108233af8e957278708556f83f3ea6288c700da49a410d5ada78f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 21:05:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 355
expires: Thu, 03 Aug 2023 21:05:20 GMT

GET
H2 200 capture-css-component
67bdbed.contato.site/Content/ 418 B
417 B 43ms
42ms Stylesheet
text/css 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/Content/capture-css-component?v=N_BHify-8HhgPo6IORhrzVQgZZJBfqLMEhzkzzoPmA01
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c3fba3915fbe9cbd21ca6ba73f60eecacec64eea13ea79c43e2e71f24641320

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 21:05:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 370
expires: Thu, 03 Aug 2023 21:05:20 GMT

GET
H2 200 capture-script-component Show response
67bdbed.contato.site/bundles/ 5 KB
2 KB 37ms
35ms Script
text/javascript 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/bundles/capture-script-component?v=FHBTBGPiYybpb4hqOszIlPgKU15gFD5uHMCaaj8k4PU1
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d84e24f07dad9ff17e4c7febaded1c50361f94e4e1a2e61dad9cf5620d815b34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 21:05:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 2288
expires: Thu, 03 Aug 2023 21:05:20 GMT

GET
H2 200 cleave Show response
67bdbed.contato.site/bundles/ 33 KB
13 KB 34ms
32ms Script
text/javascript 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/bundles/cleave?v=z6aLQf9LMoQYlbBUWXT2gmO-z3-3c6PPBNnKgxDmzv81
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42e3910cb1dfa992cae10d041d44e530cf63bf27eab0ddb0da41a5cf335301c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 21:05:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 13428
expires: Thu, 03 Aug 2023 21:05:20 GMT

GET
H2 200 ll-fields-mask Show response
67bdbed.contato.site/bundles/ 486 B
429 B 39ms
37ms Script
text/javascript 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/bundles/ll-fields-mask?v=N8DZXC3DCNLuY35Ib01g1Bve1k4f3QGhhH08hgBzCLg1
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e596e36b239dbf027cd2073cf58516273d99154b55d01760183294bac34c11a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
last-modified: Wed, 03 Aug 2022 21:05:20 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 382
expires: Thu, 03 Aug 2023 21:05:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 53ms
12ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26222
x-xss-protection: 0
pragma: public
x-fb-debug: QfdN0f5cwCrhtrB0WnTqQ6mZBx2t1wHFxK8c+oxW7LFXXz+Licj6LBTIDsYn1nax2QMA+M18b4O68/pcuWb/4A==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Aug 2022 21:05:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5EzI-A16-cg Show response
www.youtube.com/embed/ Frame 8CF3 62 KB
27 KB 97ms
73ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5EzI-A16-cg

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

246ec45d67d6d0ec3dd4b293e0863b56a73b41f1fc53be07e38b5776effeee6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://67bdbed.contato.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 03 Aug 2022 21:05:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 45ms
20ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-880785909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 21:05:19 GMT

GET
H2

200

funnel Show response
pay.hotmart.com/pay/ Frame E93F
Redirect Chain

https://pay.hotmart.com/funnel?&key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode=
https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode
https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

183 KB
44 KB

383ms
382ms

Document
text/html

18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/assets/js/hotmart.upsell_checkout.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 673962d8308658ff3ed4c302e3228b00812911563abd88119372bcf03bc0bdf3

Request headers

Referer: https://67bdbed.contato.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 21:05:20 GMT
etag: "2db15-l4xh7zF/57XFZICTrVuYR6WESK8"
server: nginx/1.19.0
vary: Accept-Encoding
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-id: hfqNIN7tcbYU9dNu-R52KNr7rNLsJ102GyFsaC9Dzs7nprdDG2kn5Q==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

Redirect headers

content-length: 0
date: Wed, 03 Aug 2022 21:05:20 GMT
location: /pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
server: nginx/1.19.0
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-cf-id: IxrUsnRtH0YhZ1LCtr-Zjn2LmKcKStjepxz6fgtJ7BjoGHbTRcURZA==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 45ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: blob.contato.io
URL: https://blob.contato.io/machine-files/all-css/bee-pages.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blob.contato.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 19:37:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 03 Aug 2022 21:05:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Aug 2022 21:05:19 GMT

GET
H2 200 542353293230762 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/542353293230762?v=2.9.70&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d37bc64536e0a4d39dc311ded734f17bd0b90d1b34e7b38cd85e4e7d7cf39d5b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Xnqog3yvNR4xHWUO3m1erk6vgIpd31AVTR58gplYqNRwPU4lOIO97/HKRbwwpDvq7yvtMmLMLUQWZxPmMQJ2pg==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Aug 2022 21:05:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659560719936
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/7a7465f5/ Frame 8CF3 340 KB
47 KB 27ms
9ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5EzI-A16-cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48082
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47818
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 03 Aug 2023 07:43:57 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/ Frame 8CF3 307 KB
95 KB 35ms
17ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2623028b608ddfeee51b931f3b9e12237167c360ad64d7f069b65055f9feaeea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5EzI-A16-cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96877
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:48:40 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame 8CF3 2 MB
565 KB 40ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1372e99784f1a09da0cfe05bdaf2eb4dc4cae8e68b37bc5ae5780636331f32b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5EzI-A16-cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578743
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:48:40 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/7a7465f5/fetch-polyfill.vflset/ Frame 8CF3 9 KB
3 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5EzI-A16-cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:48:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8CF3 15 KB
16 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 100718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Aug 2023 17:06:41 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880785909/ 2 KB
2 KB 56ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880785909/?random=1659560719894&cv=9&fst=1659560719894&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10d9fc055c75792845cb1a2e393e1f7fc030d160e54735917852f5134ff1d087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880785909/ 3 KB
1 KB 56ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880785909/?random=1659560719896&cv=9&fst=1659560719896&num=1&userId=replace%20with%20value&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Deducation%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76c7ccf7b6af926d8f6a6f9d4384bfdf0df9a033f84f9663af3a8c112cfafda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/880785909/ 3 KB
1 KB 56ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/880785909/?random=1659560719897&cv=9&fst=1659560719896&num=1&userId=replace%20with%20value&value=replace%20with%20value&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7739ee04eda0ed5835b84ecf78316876b8e176ebbc91de10653097f8e07c721d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://67bdbed.contato.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 582059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 03:24:20 GMT

POST
H2 200 AddPageViewScript Show response
67bdbed.contato.site/Pages/ 4 B
131 B 81ms
78ms XHR
application/json 173.212.200.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://67bdbed.contato.site/Pages/AddPageViewScript
Requested by: Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/bundles/jquery-351?v=LYwc5OxGSW7ZpkTf7ckY3GOdqafOvzeknRc1cFb3gaI1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 173.212.200.60 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m5600.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://67bdbed.contato.site/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 21:05:19 GMT
x-aspnetmvc-version: 5.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: *
content-length: 4

GET
H2 200 /
www.google.com/pagead/1p-user-list/880785909/ 42 B
548 B 74ms
31ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880785909/?random=1659560719894&cv=9&fst=1659560400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&async=1&fmt=3&is_vtc=1&random=2959581122&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/880785909/ 42 B
548 B 62ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880785909/?random=1659560719894&cv=9&fst=1659560400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&async=1&fmt=3&is_vtc=1&random=2959581122&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/880785909/ 42 B
108 B 75ms
32ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880785909/?random=1659560719896&cv=9&fst=1659560400000&num=1&userId=replace%20with%20value&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Deducation%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&async=1&fmt=3&is_vtc=1&random=204154396&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/880785909/ 42 B
108 B 64ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880785909/?random=1659560719896&cv=9&fst=1659560400000&num=1&userId=replace%20with%20value&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Deducation%3Bid%3Dreplace%20with%20value%3Blocation_id%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&async=1&fmt=3&is_vtc=1&random=204154396&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/880785909/ 42 B
108 B 78ms
36ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/880785909/?random=1659560719897&cv=9&fst=1659560400000&num=1&userId=replace%20with%20value&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&async=1&fmt=3&is_vtc=1&random=2163573269&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/880785909/ 42 B
108 B 62ms
20ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/880785909/?random=1659560719897&cv=9&fst=1659560400000&num=1&userId=replace%20with%20value&value=replace%20with%20value&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dpage_view%3Bgoogle_business_vertical%3Dretail%3Bid%3Dreplace%20with%20value&frm=0&url=https%3A%2F%2F67bdbed.contato.site%2F&tiba=RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA&async=1&fmt=3&is_vtc=1&random=2163573269&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 39ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=542353293230762&ev=PageView&dl=https%3A%2F%2F67bdbed.contato.site%2F&rl=&if=false&ts=1659560719997&sw=1600&sh=1200&v=2.9.70&r=stable&ec=0&o=30&fbp=fb.1.1659560719996.1557541593&it=1659560719858&coo=false&rqm=GET

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 03 Aug 2022 21:05:20 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8CF3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

15ms
15ms

XHR
application/json

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26b2fb045235e7a9fe80f986a4dd5c53f18f18def1cb9ef03807cc1038ffaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8CF3 29 B
588 B 36ms
8ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:54:28 GMT
x-content-type-options: nosniff
age: 652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Aug 2022 21:09:28 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 61ms
17ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 03 Aug 2022 21:05:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8CF3 64 KB
30 KB 41ms
23ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

478e50cbd887bc65fec370d7ee96150d93564536f5de72fd5f23ed5d2bd0ddf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30258
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame 8CF3 119 KB
37 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d2c4e47d312ed9081170f9d3726d3334c0ed97022b18012e199d9e5e0d0ebb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5EzI-A16-cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:48:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37730
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:48:42 GMT

GET
H3 200 IruI-nnR9cApON5NnX4a6Rk2hklUovmjhYf98lhYBDk.js Show response
www.google.com/js/th/ Frame 8CF3 36 KB
14 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/IruI-nnR9cApON5NnX4a6Rk2hklUovmjhYf98lhYBDk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22bb88fa79d1f5c02938de4d9d7e1ae91936864954a2f9a38587fdf258580439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 20:59:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jul 2023 20:59:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/ Frame 8CF3 27 KB
8 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6eec341c9c241a1081597ada35bc20370b48a3ef4ba97fc4d59fb7d37302a1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5EzI-A16-cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 14:48:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8114
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 00:20:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 01 Aug 2023 14:48:42 GMT

GET
DATA 200
OK truncated
/ Frame 8CF3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 NzukFjEepFGm3oqde0DUw10Ac85O0B1tbOC-GhU-CezaJJGPb4XEbVLQwkATZBeKtuoY-o65pQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8CF3 3 KB
4 KB 33ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/NzukFjEepFGm3oqde0DUw10Ac85O0B1tbOC-GhU-CezaJJGPb4XEbVLQwkATZBeKtuoY-o65pQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bf823aa356559ab5df1470efd2d72939bff320564780c767a0d17fc4487e9195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 19:49:06 GMT
x-content-type-options: nosniff
age: 4574
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3290
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 15 Jun 2022 01:26:02 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/5EzI-A16-cg/ Frame 8CF3 25 KB
25 KB 607ms
577ms Image
image/webp 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/5EzI-A16-cg/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3074482f080f493eb1e4d71ac238c60446c581a78d5ebc157d0292c978b76ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
x-content-type-options: nosniff
server: sffe
etag: "1659560306"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25420
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Aug 2022 21:10:20 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 8CF3 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?7Yg_Dg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/5EzI-A16-cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5EzI-A16-cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8CF3 4 KB
3 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 21:05:20 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/104/ Frame 8CF3 52 KB
15 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/104/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15107
x-xss-protection: 0
last-modified: Mon, 30 May 2022 15:03:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 04 Aug 2022 21:05:20 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8CF3 98 B
142 B 18ms
18ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9191639e30fe9a1d3e0eefa3ea40cff3d9c36d3b2073937ef08b32bbfc201a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 03 Aug 2022 21:05:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=542353293230762&ev=Microdata&dl=https%3A%2F%2F67bdbed.contato.site%2F&rl=&if=false&ts=1659560720499&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22RECADO%20IMPORTANTE%20PARA%20ALUNOS%20QUINTESSENCIA%22%2C%22og%3Asite_name%22%3A%22Quintessencia%20Presencial%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.70&r=stable&ec=1&o=30&fbp=fb.1.1659560719996.1557541593&it=1659560719858&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: 67bdbed.contato.site
URL: https://67bdbed.contato.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://67bdbed.contato.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 03 Aug 2022 21:05:20 GMT

GET
H2 200 b3900fc.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 5 KB
3 KB 12ms
11ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/b3900fc.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 84a30e39d6e892175d046608e636fa9c5e1fad5c49f3870c9ee2b7f7739e20e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 19:20:35 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:57 GMT
server: nginx/1.19.0
age: 6295
etag: W/"1281-1825ad35aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: WDSFp2kwJb_np_ZodYu0NbDXB67vuKAponuqCIYkoSGRxA6esO8GWA==

GET
H2 200 3b820cd.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 212 KB
72 KB 13ms
11ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/3b820cd.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 47e751617145385d8653615fe4ce8bf4a23446bc9102db82c288f4cf29a6ab06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 16:53:54 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:57 GMT
server: nginx/1.19.0
age: 15227
etag: W/"34f2d-1825ad35aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: ve-5mhNHUdyAaSR94mHTDNXJZd62mG6cEmsebyIbgbEZ8g2ry2tk8g==

GET
H2 200 47ead65.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 757 KB
198 KB 21ms
19ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/47ead65.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 123f250ac9708a2185166f2e55e009cd2ad10d8aa90ce5ec8f8e251a903b8387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 19:20:35 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:57 GMT
server: nginx/1.19.0
age: 6295
etag: W/"bd36c-1825ad35aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: cBDE0-EoqvDODBcmiLW5FHFsnDwf_QkSPaojDyUbFZaZGfuhffto6w==

GET
H2 200 0fb1280.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 429 KB
115 KB 31ms
29ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/0fb1280.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 3ae11f913ee39154f91e31b1931c30b2dd4a3c3e6c532d86a54274a62c7de608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 19:20:35 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:57 GMT
server: nginx/1.19.0
age: 6296
etag: W/"6b3b6-1825ad35aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: _XPWDAYKFCe6LlXSdodl_SDwe0HewcveKFjfcqjv7i7_jrsMLCSdcw==

GET
H2 200 51ab78e.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 8 KB
3 KB 36ms
35ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/51ab78e.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 0fb99fcb2ae8b89b3893078d22f6437bbd20b91661ff99f1097a4445b19ef77e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 17:04:30 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:57 GMT
server: nginx/1.19.0
age: 14450
etag: W/"1f08-1825ad35aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: FO7Q3EHn_55G4HwM1m3jwqeYfDPkg3BzlbNW9YU3Mw7N-KtlR8gLMw==

GET
H2 200 2c95ab2.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 82 KB
33 KB 39ms
38ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/2c95ab2.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 0fa53d52940fab5baf6072f86341d3f81883934bbd2cc2ea81974c086abc0a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:04:01 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:56 GMT
server: nginx/1.19.0
age: 46879
etag: W/"14735-1825ad356c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: 9ISbNqbQEV9xWoQ2B4nYqawsOlTrcsNpVOi8T98ULFIrSiI6EOCb1Q==

GET
H2 200 d4d1be2.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 154 KB
35 KB 37ms
36ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/d4d1be2.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 007670fa3826298211f49cd594a5f21514c86d48d278ea5409e588650b2c54cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 04:55:16 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:56 GMT
server: nginx/1.19.0
age: 58251
etag: W/"269e0-1825ad356c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: dzNVYepDPKmn2kKNH8jpZWnZRHny8S2NwrDPd-jb3Ird6F4KDjfMMA==

GET
H2 200 98040a9.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 177 KB
39 KB 34ms
33ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/98040a9.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 41bd5607d502db38af2ef90665b2c9718178cc80c33306ea9567b9fd921fc1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 16:53:54 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:56 GMT
server: nginx/1.19.0
age: 15269
etag: W/"2c420-1825ad356c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: oqVHhgrXqTmSStEi5h2yha8qwdFMHi4LCG1KmjVeOEJ3M-uDniqCvA==

GET funnel
checkout.hotmart.com/ Frame E93D 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E93F 49 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/47ead65.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 201
date: Wed, 03 Aug 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 23:02:00 GMT

GET
H2 200 38d1ee8.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 13 KB
4 KB 10ms
10ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/38d1ee8.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/b3900fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: 3c4848fb8a26b84ce37a9be83bf3a545d8b87a26f7734c7683a3666f899b1cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:41:46 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:57 GMT
server: nginx/1.19.0
age: 48234
etag: W/"3587-1825ad35aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: rg4XhQwLMF3kKnO5EdRQNmHZJNmfEw801RPMPBhD_2R7qCQfn3yeww==

GET
H2 200 b0ac736.js Show response
pay.hotmart.com/_nuxt/ Frame E93F 13 KB
4 KB 9ms
9ms Script
application/javascript 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/_nuxt/b0ac736.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/b3900fc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 /
Resource Hash: aec219f536359a751fa88d3db61f2fc25a94129fc1a14907002d377b06ad2b25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:31:48 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 19:12:57 GMT
server: nginx/1.19.0
age: 48845
etag: W/"337b-1825ad35aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: XivTIxkCp1k5NuZJXyszOoK5oi7GwaenE8uQbgGgvVyC1VNmvYd7Hw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E93F 107 KB
41 KB 42ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-171466423-1

Requested by

Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/0fb1280.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf1ef92a444ea91fc649c7db189f3659ac24b4257590eabeb6cbf5cf6014f3f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41877
x-xss-protection: 0
expires: Wed, 03 Aug 2022 21:05:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame E93F 169 KB
61 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991176222&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-171466423-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d59d5722db18f302ca5dcc89947e1d7bdb3a0123c6ca92aa9d3c931a0e5e574d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62509
x-xss-protection: 0
expires: Wed, 03 Aug 2022 21:05:21 GMT

GET
H2 200 hotpay-gateway-tokens.js Show response
app-hotpay-checkout.hotmart.com/ Frame E93F 14 KB
6 KB 58ms
9ms Script
application/javascript 2600:9000:2491:1c00:11:8a69:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-hotpay-checkout.hotmart.com/hotpay-gateway-tokens.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/0fb1280.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1c00:11:8a69:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4fce2d721281d04d13bb004901fc494d6aec000148c2c65dee49ae978af3514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 0Tf2laooQ7RrHCQgHWXlqgqZrai1sAqQ
content-encoding: gzip
etag: W/"ff65ff95d09a3f8d80790cb92dc1b150"
last-modified: Wed, 15 Jun 2022 18:57:51 GMT
server: AmazonS3
age: 3132
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:15:45 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: Rj3WNnIbHvWpe8VuVoKfraP2y_SBMdZ5kAXN_k_aFY0CxEFU3kQ6rQ==

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame E93F 40 KB
15 KB 38ms
20ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-991176222&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 21:05:21 GMT

GET
H2 200 s.js Show response
cdn.sift.com/ Frame E93F 61 KB
20 KB 143ms
8ms Script
application/javascript 34.96.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/0fb1280.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:44:14 GMT
content-encoding: gzip
age: 26467
x-guploader-uploadid: ADPycdtRAuCRENr_9XmaRmDnn3ZodlygpVaGikxB7uG3bcSTIDNcdqXyKL0OrlS8HAW48K9GhQkUb7ZrMO0VUHYADoItVQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation: 1586469553682331
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 04 Aug 2022 13:44:14 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/991176222/ Frame E93F 2 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991176222/?random=1659560721316&cv=9&fst=1659560721316&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fpay.hotmart.com%2Fpay%2Ffunnel%3Fkey%3DUSL-54329-134085-265f281166f61b427f9206ece42f9d2e%26launcherCode%26checkoutMode%3D0%26bid%3D1659560720498&ref=https%3A%2F%2F67bdbed.contato.site%2F&tiba=Hotmart&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04bdb255e2871ca1171769fbda1e3e126198aeeca8c1ddc12ebe0ff5ca0fa9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/991176222/ Frame E93F 42 B
64 B 36ms
34ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/991176222/?random=1659560721316&cv=9&fst=1659560400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fpay.hotmart.com%2Fpay%2Ffunnel%3Fkey%3DUSL-54329-134085-265f281166f61b427f9206ece42f9d2e%26launcherCode%26checkoutMode%3D0%26bid%3D1659560720498&ref=https%3A%2F%2F67bdbed.contato.site%2F&tiba=Hotmart&async=1&fmt=3&is_vtc=1&random=975405360&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/991176222/ Frame E93F 42 B
64 B 53ms
23ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/991176222/?random=1659560721316&cv=9&fst=1659560400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fpay.hotmart.com%2Fpay%2Ffunnel%3Fkey%3DUSL-54329-134085-265f281166f61b427f9206ece42f9d2e%26launcherCode%26checkoutMode%3D0%26bid%3D1659560720498&ref=https%3A%2F%2F67bdbed.contato.site%2F&tiba=Hotmart&async=1&fmt=3&is_vtc=1&random=975405360&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: pay.hotmart.com
URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 funnel Show response
checkout.hotmart.com/ Frame E93D 3 KB
3 KB 889ms
888ms Document
text/html 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/3b820cd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30d8043f640e8f3493172a40ab7a2e77ecec653ea7dce0d3c17482f9346ddcf3

Request headers

Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 2982
content-type: text/html
date: Wed, 03 Aug 2022 21:05:21 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
x-amz-cf-id: xH-03plYbLltjDMkxjsLKA33bErtErpGFClonc-w_aI6lqMWdT4tWg==
x-amz-cf-pop: FRA56-P7
x-cache: Error from cloudfront

POST
H2 200 execute Show response
pay.hotmart.com/api/test/62a0e57667542e07c0161ec9/ Frame E93F 44 B
421 B 452ms
452ms XHR
application/json 18.66.139.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.hotmart.com/api/test/62a0e57667542e07c0161ec9/execute?transactionRef=
Requested by: Host: pay.hotmart.com
URL: https://pay.hotmart.com/_nuxt/3b820cd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-102.fra60.r.cloudfront.net
Software: nginx/1.19.0 / Express
Resource Hash: 710054a12e705436eac00b5b7ed86ad30d6c7e4dbaaf697cd17a2034d273cf86

Request headers

Accept: application/json, text/plain, */*
Referer: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 21:05:21 GMT
content-encoding: gzip
server: nginx/1.19.0
x-amz-cf-pop: FRA60-P4
x-powered-by: Express
etag: W/"2c-ma6NlyF36Iqaw45q06plAsW1v1k"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: fzHUwkh8qIOtosXz74cYNcBzFzBq_d7vcJcxTgzh9XZ5hAiTytKvSw==
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)

GET
H2 200 vendors~app.5d00b21c.css
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 272 KB
27 KB 13ms
11ms Stylesheet
text/css 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.5d00b21c.css
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a28335cae3d654bb49952a35054837be8992e4839cd6a209851ca8d41811d5b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 6yKqwxeEH_Dx1jnkjj_4KQjy7HPPCP7x
content-encoding: gzip
etag: W/"4b90e75bd7eed7d12cb41f59423cb244"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: 0B4v7vkGbTJSHHjPv74JBhCYdBURpP-3-hTmubfLFww9iosRIjaiMQ==

GET
H2 200 app.070bd8fd.css
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 137 KB
20 KB 15ms
13ms Stylesheet
text/css 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/app.070bd8fd.css
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1069c38b095a4823295c0011808c91d65de976b811f7f0b8b3a70b5e000e3d2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: Xttd4onL7HNa.bn5mw1pAetML0amyv9n
content-encoding: gzip
etag: W/"e73e0b268cc3a74ccc8611384f051649"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: qZuoJF4cw2IuCjyoAfMij0C75H57ujB3pBKOkngkNQ8QQTb6_RTtuA==

GET
H2 200 px-init.js Show response
api-pixel.hotmart.com/js/ Frame E93D 17 KB
4 KB 374ms
103ms Script
application/javascript 34.235.215.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-pixel.hotmart.com/js/px-init.js

Requested by

Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.235.215.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-235-215-69.compute-1.amazonaws.com

Software

Resource Hash

a23ecda3ca8dac7feded1178112667d25ca9c35ea4a1995f08750a800f20e6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Jun 2022 10:42:11 GMT
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
cache-control: no-store, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 3309
x-xss-protection: 1; mode=block

GET
H2 200 sampling.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 2 KB
1 KB 48ms
46ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/sampling.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67c81c9019d5869d38ff1fed8e7c88f011a6421fb347654675e4f402c989cc96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 65Bf539LnYTF.x641jX1g4DZ_1ckUGDX
content-encoding: gzip
etag: W/"d7276752b977ecc4b3c4f6ff44c3bf22"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: 0FclGBerebkvO52J178UsJ3-RYR-Gh09ZwVs-onsuspG9ahxczu0Cg==

GET
H2 200 vendors~adyen~app.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 24 KB
8 KB 15ms
13ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~adyen~app.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c81d2873ebbd73607bba8121cc3b4105eed44afcbcf866f59147c5846a6d385b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: RHeOSyt1UG1ytva0PgHXoBniyhI6xI5u
content-encoding: gzip
etag: W/"98894a288b2be0fa2761eeae116f69c1"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: GZa4FYoMqd5myL5iA_Ww2dpV8jm6lVYbOj-LmTsK4LT68kE-TcRF4Q==

GET
H2 200 vendors~adyen.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 385 KB
115 KB 49ms
47ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~adyen.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 919460afb299301f4fbb6a2b7f5a6411aebe53e6ec38974212f8e313fafaefb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: sdRcCsyL078BkvgrOWYHil5x.MsY3fRC
content-encoding: gzip
etag: W/"bd724555e9c51afa4f9877746ea984de"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: pWeXJ4pQGoz0zocozI3R-l-Q7KBqVrX5VM9_5F0siFsqHYqFXP3NJQ==

GET
H2 200 adyen.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 107 KB
38 KB 38ms
36ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/adyen.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69d2753bd38881490f866b8bb3d4c142a88dd5bd7f25b4033bc44723d3c2bcc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: Dvl069GAGvScOQlak3OLDvcWucbgA41b
content-encoding: gzip
etag: W/"22dc7bcd1e358edeba080a0d05181baf"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: tKHenp1G39f0P4t4fla9zyAS80GoEoeBrYwapajmA61xANFxkHNDOg==

GET
H2 200 vendors~app.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 1 MB
359 KB 39ms
38ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b03362a2560bd21e7c29f06bdd209fd2b0993e060501bd9d6edfb9499c3338c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: H_fmMeXp5kICbXR5m5kc4DnZqxt.aWW2
content-encoding: gzip
etag: W/"b1a4a36337d4c8350e0f7cfbbe637dfd"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: nHZe7QOOtDXr-yfyhWlrr1yGlM7v5M1gxks3-6P7yJi1yho-MQXT5w==

GET
H2 200 app.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 1 MB
268 KB 14ms
14ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/app.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7927cfe38d2f8d56435f03a6a8d92c91c28ccad2575ce001eb4f1751afbf8a91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: LzV4z.6KhBoRGfLzV1Me2FZ8F2_8AoZ.
content-encoding: gzip
etag: W/"368405816543b75578e92e28d26e7857"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1606
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:37 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: PM9PsLwd-FmlRsUFsweV3WwqG2INZkOQuuhToWKaUmZ3Mbb5VoL1AA==

POST
H2 200 json
tracking-api.hotmart.com/rest/track/event/ Frame E93D 0
230 B 332ms
96ms Ping
application/json 52.72.95.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-api.hotmart.com/rest/track/event/json
Requested by: Host: api-pixel.hotmart.com
URL: https://api-pixel.hotmart.com/js/px-init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.95.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-95-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://checkout.hotmart.com
date: Wed, 03 Aug 2022 21:05:23 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, accept-language, user-agent, referer, X-Forwarded-For
content-length: 0
access-control-allow-methods: GET,POST
content-type: application/json

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E93D 49 KB
20 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 202
date: Wed, 03 Aug 2022 21:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 23:02:00 GMT

GET
H2 200 launcher.js Show response
launcher.hotmart.com/ Frame E93D 6 KB
3 KB 341ms
100ms Script
application/javascript 100.25.227.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/launcher.js

Requested by

Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.227.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-227-44.compute-1.amazonaws.com

Software

Resource Hash

1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Aug 2022 21:05:23 GMT
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, no-store
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2619
x-xss-protection: 1; mode=block
expires: Wed, 03 Aug 2022 21:05:23 GMT

GET
H2 200 newrelic.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 5 KB
3 KB 16ms
16ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/newrelic.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/sampling.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c44a492c715925b0b046346f47dce205287096d67787508ecd38855a6312913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: ToTAb2_HYM9U1QbMHjsNfcohJaRWOvGC
content-encoding: gzip
etag: W/"799fb1a0db6bf702c4444063468c5122"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1085
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 21:05:22 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: W7FGhu1elz_3PY0dz_eMhZazb9881TMJ3mT9WK606cnMk67rKYSgnA==

POST
H2 200 / Show response
o49094.ingest.sentry.io/api/5228287/envelope/ Frame E93D 2 B
280 B 79ms
18ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o49094.ingest.sentry.io/api/5228287/envelope/?sentry_key=2235e94471474dedb11473abae67f2fa&sentry_version=7

Requested by

Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://checkout.hotmart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 21:05:22 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://checkout.hotmart.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 6.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 17 KB
5 KB 9ms
9ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/6.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/app.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1ee5a40870a92a80899e4e0414a406c961a697a76117ad231a5acb7eeb4e7e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 8HBJ6Miii5Cv9QfL5CeIWGfu0geyj2_N
content-encoding: gzip
etag: W/"cd6f1298af4c63891885b20bee9bc845"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1604
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:38:38 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: DWZmXJOGxwTHi4dxm6UAl0haAjg4DxHpxZlrI5FLw_MtDVxn9gnFmw==

GET
H2 200 / Show response
api-checkout-vue.hotmart.com/socket.io/ Frame E93D 103 B
634 B 303ms
96ms XHR
text/plain 3.218.163.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-checkout-vue.hotmart.com/socket.io/?EIO=3&transport=polling&t=O9bXm7r
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.163.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-163-189.compute-1.amazonaws.com
Software: /
Resource Hash: b0fca93c39ac9dc4efaffb794be523eed4aac08e4db28f7b29c39923dbcd6f45

Request headers

Accept: */*
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://checkout.hotmart.com
date: Wed, 03 Aug 2022 21:05:23 GMT
access-control-allow-credentials: true
content-length: 103
content-type: text/plain; charset=UTF-8

GET
H2 200 41.91550c29.css
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 5 KB
2 KB 18ms
17ms Stylesheet
text/css 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/41.91550c29.css
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/app.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ed00caaebbb92047bb31254208054d2e282a4ae0da48d6d6aee0be6853ee5ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 03 Aug 2022 20:06:47 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 3516
etag: W/"a07bfa68fae3728f3d852c2845788e8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: MSLuV55aqmVYTEcEzf0xkZoU0JZO3Vii
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
content-type: text/css
x-amz-cf-id: 37IIJ4--iJAdc9M2gmTX-uTq6rXn4OQjRPqn4o29I6pSswiPzZJ9rw==

GET
H2 200 41.db34fc3376f24df49d55.js Show response
checkout.hotmart.com/prod/2022.07.08-1/static/ Frame E93D 28 KB
8 KB 14ms
13ms Script
application/javascript 108.138.17.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/41.db34fc3376f24df49d55.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/app.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-14.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11349bbeb74a511209e8df33663f85807fa5feb1994ebc0a9fa5a5fa74622b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: Lkton.q.Z.xLtqpCiGDiChvQXw3OAlTm
content-encoding: gzip
etag: W/"e25cba092ca9d280a1e2aed2474f6785"
last-modified: Fri, 08 Jul 2022 13:09:54 GMT
server: AmazonS3
age: 1085
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
date: Wed, 03 Aug 2022 20:47:18 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: f3GTz2oP3u826sBVoCu92Yz6pQ9-J9PvqAFSJ7G7RyOgKq2mPF1D5w==

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8CF3 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/7a7465f5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5EzI-A16-cg
X-YouTube-Client-Version: 1.20220731.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtSeDByNk4tV05PdyiPxquXBg%3D%3D
X-YouTube-Ad-Signals: dt=1659560720067&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C253&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 03 Aug 2022 21:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 03 Aug 2022 21:05:22 GMT

OPTIONS
H2 204 error
api-checkout-vue.hotmart.com/api/logger/ Frame 0
0 283ms
95ms Preflight 3.218.163.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-checkout-vue.hotmart.com/api/logger/error
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.163.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-163-189.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://checkout.hotmart.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Wed, 03 Aug 2022 21:05:23 GMT
vary: Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 error Show response
api-checkout-vue.hotmart.com/api/logger/ Frame E93D 0
404 B 96ms
96ms XHR
text/plain 3.218.163.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-checkout-vue.hotmart.com/api/logger/error
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.163.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-163-189.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 21:05:23 GMT
x-powered-by: Express
content-length: 0

POST
H3 200 / Show response
o49094.ingest.sentry.io/api/5228287/envelope/ Frame E93D 2 B
20 B 28ms
11ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o49094.ingest.sentry.io/api/5228287/envelope/?sentry_key=2235e94471474dedb11473abae67f2fa&sentry_version=7

Requested by

Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://checkout.hotmart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 21:05:23 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://checkout.hotmart.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 / Show response
o49094.ingest.sentry.io/api/5228287/envelope/ Frame E93D 2 B
20 B 26ms
10ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o49094.ingest.sentry.io/api/5228287/envelope/?sentry_key=2235e94471474dedb11473abae67f2fa&sentry_version=7

Requested by

Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://checkout.hotmart.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 21:05:23 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://checkout.hotmart.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 load-js Show response
launcher.hotmart.com/rest/v1/module/ Frame E93D 86 B
505 B 298ms
101ms XHR
application/json 100.25.227.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJzaWQiOiIwMGYwMTExM2ViNDA0Y2JmYWVlOTdhMmRmZDgwN2EwNiIsInBhZ2V2aWV3X2lkIjoiUFY5OXJvM3M5cnJ4YWw2ZTNsdGIzIiwidHJhY2VfaWQiOiJMVDVzY3Q1dmowY2x0bDZlM2x0YjMifQ==&locationHref=https%3A%2F%2Fcheckout.hotmart.com%2Ferror

Requested by

Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.227.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-227-44.compute-1.amazonaws.com

Software

Resource Hash

6eebe4ea659753428c2c6dffebb32b427c5b0601ee1b74369564924c621834b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://checkout.hotmart.com/error
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 21:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Location, Link, ETag
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 s.js Show response
cdn.sift.com/ Frame E93D 61 KB
20 KB 18ms
8ms Script
application/javascript 34.96.67.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sift.com/s.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/app.db34fc3376f24df49d55.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.67.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.67.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/error
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:08:59 GMT
content-encoding: gzip
age: 50184
x-guploader-uploadid: ADPycdtkIjr0gCsUwo5dicPbiQyUZMXTK0Y3yEtVvYfyAi8bod4AQpCZfM1szMCWIR4hnfXxy5yXEDz0I_TFQMH2VwK2ngv7Rssx
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20452
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
server: UploadServer
etag: "07cb8203158abb26b3c18318350e7b36"
vary: Accept-Encoding
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-generation: 1586469553682331
cache-control: public, max-age=86400
x-goog-stored-content-length: 20452
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 04 Aug 2022 07:08:59 GMT

GET
H2 200 nr-1130.min.js Show response
js-agent.newrelic.com/ Frame E93D 24 KB
10 KB 38ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1130.min.js
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/newrelic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/error
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "73f8857196b9ef7fd3b302cbc557b8ac"
x-amz-request-id: X5KNDA2HQ8E63PXV
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 9407
x-amz-id-2: rTY033kGHC+TlOWtZg8B3HNTO2LFv5HMOj3dn3GJBWa7DxxqLSWzlOyVUr8N55/S8wXy22YgoDE=
x-served-by: cache-hhn4020-HHN
last-modified: Tue, 09 Jul 2019 23:52:06 GMT
server: AmazonS3
x-timer: S1659560723.139568,VS0,VE0
date: Wed, 03 Aug 2022 21:05:23 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10

GET
H/1.1 200
OK 3c1ca4c636 Show response
bam.nr-data.net/1/ Frame E93D 49 B
721 B 276ms
250ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/3c1ca4c636?a=74923820&sa=1&v=1130.54e767a&t=Unnamed%20Transaction&rst=1666&ref=https://checkout.hotmart.com/error&be=1522&fe=1623&perf=%7B%22timing%22:%7B%22of%22:1659560721481,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:1,%22c%22:1,%22ce%22:1,%22rq%22:2,%22rp%22:890,%22rpe%22:891,%22dl%22:892,%22di%22:1472,%22ds%22:1472,%22de%22:1472,%22dc%22:1623,%22l%22:1623,%22le%22:1624%7D,%22navigation%22:%7B%7D%7D&fp=998&fcp=1541&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1130.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/error
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 21:05:23 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 735202d7dabe90a6-FRA

GET
H2 200 / Show response
api-checkout-vue.hotmart.com/socket.io/ Frame E93D 3 B
530 B 477ms
477ms XHR
text/plain 3.218.163.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-checkout-vue.hotmart.com/socket.io/?EIO=3&transport=polling&t=O9bXmCe&sid=BJLm26CEQnK4YUv4SQr5
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.163.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-163-189.compute-1.amazonaws.com
Software: /
Resource Hash: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept: */*
Referer: https://checkout.hotmart.com/error
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://checkout.hotmart.com
date: Wed, 03 Aug 2022 21:05:23 GMT
access-control-allow-credentials: true
content-length: 3
content-type: text/plain; charset=UTF-8

GET
H2 200 id.min.js Show response
identification.hotmart.com/ Frame E93D 5 KB
5 KB 347ms
102ms Script
text/html 54.243.29.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://identification.hotmart.com/id.min.js
Requested by: Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.29.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-29-87.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 22abb44ac609885ebd5ed2f512451085dc43e8457e9a2cfdf8bd86dd82073258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/error
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:23 GMT
last-modified: Wed, 03 Aug 2022 19:58:43 GMT
server: WildFly/9
x-powered-by: Undertow/1
content-type: text/html;charset=utf-8
cache-control: max-age=60
content-length: 5404
expires: 165956072370460000

GET
H2 200 track Show response
tracking-api.hotmart.com/rest/ Frame E93D 0
93 B 286ms
96ms XHR
application/json 52.72.95.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-api.hotmart.com/rest/track?hotid=eyJzaWQiOiIwMGYwMTExM2ViNDA0Y2JmYWVlOTdhMmRmZDgwN2EwNiIsImNpZCI6IjE2NTk1NjA3MjM3NTMzODQ3MjYyOTA5MjcwOTIzMDAiLCJiaWQiOiIxNjU5NTYwNzIzNzUzMzg0NzI2MjkwOTI3MDkyMzAwIiwicGFnZXZpZXdfaWQiOiJQVjk5cm8zczlycnhhbDZlM2x0YjMiLCJ0cmFjZV9pZCI6IkxUMG50YmgwaHJiMDhxbDZlM2x0dDUifQ==&previous=https%3A%2F%2Fpay.hotmart.com%2Fpay%2Ffunnel%3Fkey%3DUSL-54329-134085-265f281166f61b427f9206ece42f9d2e%26launcherCode%26checkoutMode%3D0%26bid%3D1659560720498&sid=00f01113eb404cbfaee97a2dfd807a06&cid=1659560723753384726290927092300&bid=1659560723753384726290927092300&locationHref=https%3A%2F%2Fcheckout.hotmart.com%2Ferror
Requested by: Host: checkout.hotmart.com
URL: https://checkout.hotmart.com/prod/2022.07.08-1/static/vendors~app.db34fc3376f24df49d55.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.95.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-95-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://checkout.hotmart.com/error
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://checkout.hotmart.com
date: Wed, 03 Aug 2022 21:05:23 GMT
content-length: 0
content-type: application/json

GET
H2 200 id.gif
identification.hotmart.com/ Frame E93D 43 B
161 B 102ms
102ms Image
image/gif 54.243.29.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://identification.hotmart.com/id.gif?cid=1659560723753384726290927092300&bid=1659560723753384726290927092300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.29.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-29-87.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://checkout.hotmart.com/error
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 21:05:23 GMT
cache-control: no-cache
server: WildFly/9
x-powered-by: Undertow/1
content-length: 43
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: checkout.hotmart.com
URL: https://checkout.hotmart.com/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
67bdbed.contato.site/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: pu2frszorapo1w0tboindyph
.contato.site/	1970-01-20 07:08:56	Name: _gcl_au Value: 1.1.799097837.1659560720
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: shUOY6FlRGs
.youtube.com/	1970-01-20 09:18:32	Name: VISITOR_INFO1_LIVE Value: Rx0r6N-WNOw
.contato.site/	1970-01-20 07:08:56	Name: _fbp Value: fb.1.1659560719996.1557541593
67bdbed.contato.site/	1970-01-20 14:35:20	Name: llbrMachine_655168 Value: 21052224=21052224
.doubleclick.net/	1970-01-20 14:20:56	Name: IDE Value: AHWqTUmzdb3-fPLlC9bZIZ0sKMCXu9kQv4mKvkJzkOFnk2T0GX1Rnu7HqoDRMl3B
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: d9ef52688b90fee4
api-checkout-vue.hotmart.com/	1970-01-20 05:09:25	Name: AWSALBCORS Value: S2SMyiAg1y6nO0qgMwtIcvpGEzVWp0ITc1lTXAP1XwVwhptPZR2qQFvcAooRnBANQ+aKVpI/PVcAG1LktBpVnhY8RWRNsRRNrGUczrly2LPWYdXz313+TWlcZTeA
.hotmart.com/	1970-01-20 14:35:20	Name: hotid Value: eyJzaWQiOiIwMGYwMTExM2ViNDA0Y2JmYWVlOTdhMmRmZDgwN2EwNiIsImNpZCI6IjE2NTk1NjA3MjM3NTMzODQ3MjYyOTA5MjcwOTIzMDAiLCJiaWQiOiIxNjU5NTYwNzIzNzUzMzg0NzI2MjkwOTI3MDkyMzAwIn0=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://67bdbed.contato.site/(Line 137) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://pay.hotmart.com/pay/funnel?key=USL-54329-134085-265f281166f61b427f9206ece42f9d2e&launcherCode&checkoutMode=0&bid=1659560720498(Line 14) Message: Allow attribute will take precedence over 'allowpaymentrequest'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

67bdbed.contato.site
api-checkout-vue.hotmart.com
api-pixel.hotmart.com
app-hotpay-checkout.hotmart.com
bam.nr-data.net
beepluginaddons.contato.io
blob.contato.io
cdn.sift.com
checkout.hotmart.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
identification.hotmart.com
jnn-pa.googleapis.com
js-agent.newrelic.com
launcher.hotmart.com
o49094.ingest.sentry.io
pay.hotmart.com
static.doubleclick.net
tracking-api.hotmart.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
checkout.hotmart.com
100.25.227.44
108.138.17.14
142.250.185.130
151.101.130.137
162.247.241.14
173.212.200.60
18.66.139.102
2600:9000:2491:1c00:11:8a69:2580:93a1
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:806::2003
2a00:1450:4001:806::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2016
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2003
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3120::c
2a06:98c1:3121::3
3.218.163.189
34.120.195.249
34.235.215.69
34.96.67.224
52.72.95.161
54.243.29.87
007670fa3826298211f49cd594a5f21514c86d48d278ea5409e588650b2c54cc
04bdb255e2871ca1171769fbda1e3e126198aeeca8c1ddc12ebe0ff5ca0fa9c0
0e78b8cde09dbe0fc473f87bc77ec30ccc56780398d8676cf93c4aaec432257f
0fa53d52940fab5baf6072f86341d3f81883934bbd2cc2ea81974c086abc0a8d
0fb99fcb2ae8b89b3893078d22f6437bbd20b91661ff99f1097a4445b19ef77e
1069c38b095a4823295c0011808c91d65de976b811f7f0b8b3a70b5e000e3d2b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10d9fc055c75792845cb1a2e393e1f7fc030d160e54735917852f5134ff1d087
11349bbeb74a511209e8df33663f85807fa5feb1994ebc0a9fa5a5fa74622b60
123f250ac9708a2185166f2e55e009cd2ad10d8aa90ce5ec8f8e251a903b8387
1372e99784f1a09da0cfe05bdaf2eb4dc4cae8e68b37bc5ae5780636331f32b1
1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27
1c44a492c715925b0b046346f47dce205287096d67787508ecd38855a6312913
1ed00caaebbb92047bb31254208054d2e282a4ae0da48d6d6aee0be6853ee5ad
22abb44ac609885ebd5ed2f512451085dc43e8457e9a2cfdf8bd86dd82073258
22bb88fa79d1f5c02938de4d9d7e1ae91936864954a2f9a38587fdf258580439
246ec45d67d6d0ec3dd4b293e0863b56a73b41f1fc53be07e38b5776effeee6e
2623028b608ddfeee51b931f3b9e12237167c360ad64d7f069b65055f9feaeea
3074482f080f493eb1e4d71ac238c60446c581a78d5ebc157d0292c978b76ecf
30d8043f640e8f3493172a40ab7a2e77ecec653ea7dce0d3c17482f9346ddcf3
3ae11f913ee39154f91e31b1931c30b2dd4a3c3e6c532d86a54274a62c7de608
3c4848fb8a26b84ce37a9be83bf3a545d8b87a26f7734c7683a3666f899b1cd9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41bd5607d502db38af2ef90665b2c9718178cc80c33306ea9567b9fd921fc1a0
42e3910cb1dfa992cae10d041d44e530cf63bf27eab0ddb0da41a5cf335301c2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
478e50cbd887bc65fec370d7ee96150d93564536f5de72fd5f23ed5d2bd0ddf2
47e751617145385d8653615fe4ce8bf4a23446bc9102db82c288f4cf29a6ab06
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c38958f90f8b9162e42ad092c01faa25cff623c49ac2c3db4f0c6b8625c7736
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
673962d8308658ff3ed4c302e3228b00812911563abd88119372bcf03bc0bdf3
67c81c9019d5869d38ff1fed8e7c88f011a6421fb347654675e4f402c989cc96
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69d2753bd38881490f866b8bb3d4c142a88dd5bd7f25b4033bc44723d3c2bcc6
6eebe4ea659753428c2c6dffebb32b427c5b0601ee1b74369564924c621834b3
6eec341c9c241a1081597ada35bc20370b48a3ef4ba97fc4d59fb7d37302a1f0
710054a12e705436eac00b5b7ed86ad30d6c7e4dbaaf697cd17a2034d273cf86
730458e207108233af8e957278708556f83f3ea6288c700da49a410d5ada78f8
76c7ccf7b6af926d8f6a6f9d4384bfdf0df9a033f84f9663af3a8c112cfafda9
7739ee04eda0ed5835b84ecf78316876b8e176ebbc91de10653097f8e07c721d
7921df86278b7fa9be0cbd78d9990071763ec4e9e88aaff2c3d466723090b8ae
7927cfe38d2f8d56435f03a6a8d92c91c28ccad2575ce001eb4f1751afbf8a91
7de6075b9abb486f42eed502f29ee67de1adad093963390cce7cbfaaf4c0a4f5
7fec00617f7ad5d08bb39cde4d1ebe1ba7328f59ca280d6fb46045d2c8cff848
84a30e39d6e892175d046608e636fa9c5e1fad5c49f3870c9ee2b7f7739e20e5
8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be
8c3fba3915fbe9cbd21ca6ba73f60eecacec64eea13ea79c43e2e71f24641320
90a5d852e7b743833126df2dafc092d4a2a59fd1a4cceb98412eda984dc065a5
9191639e30fe9a1d3e0eefa3ea40cff3d9c36d3b2073937ef08b32bbfc201a6e
919460afb299301f4fbb6a2b7f5a6411aebe53e6ec38974212f8e313fafaefb1
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
9d2c4e47d312ed9081170f9d3726d3334c0ed97022b18012e199d9e5e0d0ebb4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23ecda3ca8dac7feded1178112667d25ca9c35ea4a1995f08750a800f20e6bd
a28335cae3d654bb49952a35054837be8992e4839cd6a209851ca8d41811d5b7
a35a51e32439cce8b4dd6734f65c18debec94ca81a30640b2ccaba988ce1639e
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
ad7be3af20b2c3024e17c4f95cff5c2bc9640edc2e30c7b8817e365efaf6f8eb
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec219f536359a751fa88d3db61f2fc25a94129fc1a14907002d377b06ad2b25
b03362a2560bd21e7c29f06bdd209fd2b0993e060501bd9d6edfb9499c3338c8
b0fca93c39ac9dc4efaffb794be523eed4aac08e4db28f7b29c39923dbcd6f45
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bf1ef92a444ea91fc649c7db189f3659ac24b4257590eabeb6cbf5cf6014f3f4
bf823aa356559ab5df1470efd2d72939bff320564780c767a0d17fc4487e9195
c4fce2d721281d04d13bb004901fc494d6aec000148c2c65dee49ae978af3514
c81d2873ebbd73607bba8121cc3b4105eed44afcbcf866f59147c5846a6d385b
d1ee5a40870a92a80899e4e0414a406c961a697a76117ad231a5acb7eeb4e7e2
d37bc64536e0a4d39dc311ded734f17bd0b90d1b34e7b38cd85e4e7d7cf39d5b
d59d5722db18f302ca5dcc89947e1d7bdb3a0123c6ca92aa9d3c931a0e5e574d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d84e24f07dad9ff17e4c7febaded1c50361f94e4e1a2e61dad9cf5620d815b34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f299abce566be4c1aa682df5b5fe1586dd594c88d95a947191a32210d65a03
e596e36b239dbf027cd2073cf58516273d99154b55d01760183294bac34c11a4
ec524f47beda7b12cf6265979fe5320d0ee82b6ed842a8aeef77a12faad4ef9f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26b2fb045235e7a9fe80f986a4dd5c53f18f18def1cb9ef03807cc1038ffaae

67bdbed.contato.site Open in urlscan Pro 173.212.200.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

89 %HTTPS

58 %IPv6

20 Domains

31 Subdomains

32 IPs

3 Countries

2815 kBTransfer

9772 kBSize

10 Cookies

0 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

67bdbed.contato.site Open in urlscan Pro
173.212.200.60 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

89 %
HTTPS

58 %
IPv6

20
Domains

31
Subdomains

32
IPs

3
Countries

2815 kB
Transfer

9772 kB
Size

10
Cookies

103 HTTP transactions
1 data transactions