media.gazetadopovo.com.br Open in urlscan Pro
2600:9000:2120:8400:1f:3000:7b80:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Page URL
2. https://media.gazetadopovo.com.br/vozes/2015/08/pegadinha-do-malandro-b64b73d4.jpg Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response www.transformacaoincrivel.com.br.euescolhomudar.com.br/	2 KB 1 KB	349ms 21ms	Document text/html	158.69.12.96 OVH
General Check archive.org Show headers Download Go to Full URL https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.69.12.96 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip96.ip-158-69-12.net Software LiteSpeed / Resource Hash f3db3c1c557ca34f280334842f8d27737db8fa85296358e32268a3d80a135c70 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 999 content-security-policy frame-ancestors 'none'; content-type text/html date Fri, 17 Jun 2022 06:31:18 GMT last-modified Fri, 17 Jun 2022 05:02:48 GMT server LiteSpeed strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding,User-Agent x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	s.css www.transformacaoincrivel.com.br.euescolhomudar.com.br/css/	5 KB 2 KB	308ms 307ms	Stylesheet text/css	158.69.12.96 OVH
General Check archive.org Show headers Download Go to Full URL https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/css/s.css Requested by Host: www.transformacaoincrivel.com.br.euescolhomudar.com.br URL: https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.69.12.96 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip96.ip-158-69-12.net Software LiteSpeed / Resource Hash e10d63d0af6b3682a52039d6cf1ad3909cbd06ecd06793b51888c7decebc8e85 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Fri, 17 Jun 2022 06:31:18 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 17 Jun 2022 05:02:48 GMT server LiteSpeed x-frame-options DENY content-type text/css cache-control public, max-age=604800 content-security-policy frame-ancestors 'none'; strict-transport-security max-age=63072000; includeSubDomains; preload accept-ranges bytes vary Accept-Encoding,User-Agent content-length 1461 x-xss-protection 1; mode=block expires Fri, 24 Jun 2022 06:31:18 GMT
GET H2	200	e.js Show response www.transformacaoincrivel.com.br.euescolhomudar.com.br/js/	38 KB 14 KB	308ms 308ms	Script application/javascript	158.69.12.96 OVH
General Check archive.org Show headers Download Go to Full URL https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/js/e.js Requested by Host: www.transformacaoincrivel.com.br.euescolhomudar.com.br URL: https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 158.69.12.96 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip96.ip-158-69-12.net Software LiteSpeed / Resource Hash 0fc4befee701413e5f2cd9a6bd26440394699427939be6c0a47c5e8cbc88ad39 Security Headers Name Value Content-Security-Policy frame-ancestors 'none'; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Fri, 17 Jun 2022 06:31:18 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 17 Jun 2022 05:02:48 GMT server LiteSpeed x-frame-options DENY content-type application/javascript cache-control public, max-age=604800 content-security-policy frame-ancestors 'none'; strict-transport-security max-age=63072000; includeSubDomains; preload accept-ranges bytes vary Accept-Encoding,User-Agent content-length 13780 x-xss-protection 1; mode=block expires Fri, 24 Jun 2022 06:31:18 GMT
GET H2	200	css2 fonts.googleapis.com/	8 KB 1 KB	120ms 48ms	Stylesheet text/css	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&display=swap Requested by Host: www.transformacaoincrivel.com.br.euescolhomudar.com.br URL: https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6205f9a961ba46bccd20076522a7b95569d6a23fd02a4d54c8c03f3bc23a8d6c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 17 Jun 2022 04:51:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 17 Jun 2022 06:31:18 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Jun 2022 06:31:18 GMT
GET H2	200	V7clpaJu2yc Show response www.youtube.com/embed/ Frame D8CA	64 KB 28 KB	194ms 93ms	Document text/html	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/V7clpaJu2yc Requested by Host: www.transformacaoincrivel.com.br.euescolhomudar.com.br URL: https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cce0420c0d94302098c00f13d29586a662113a3dc0264284596204d5f621222e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 critical-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" date Fri, 17 Jun 2022 06:31:18 GMT expires Mon, 01 Jan 1990 00:00:00 GMT p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H3	200	www-player.css www.youtube.com/s/player/f05de49d/ Frame D8CA	338 KB 46 KB	100ms 32ms	Stylesheet text/css	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/f05de49d/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/V7clpaJu2yc Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/V7clpaJu2yc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:41:00 GMT content-encoding br x-content-type-options nosniff age 49818 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47576 x-xss-protection 0 last-modified Thu, 16 Jun 2022 00:19:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 16 Jun 2023 16:41:00 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D8CA	15 KB 16 KB	145ms 32ms	Font font/woff2	2607:f8b0:4006:816::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/V7clpaJu2yc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 11:41:34 GMT x-content-type-options nosniff age 240584 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 14 Jun 2023 11:41:34 GMT
GET H3	200	www-embed-player.js www.youtube.com/s/player/f05de49d/www-embed-player.vflset/ Frame D8CA	304 KB 94 KB	110ms 66ms	Script text/javascript	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/f05de49d/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/V7clpaJu2yc Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/V7clpaJu2yc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:41:00 GMT content-encoding br x-content-type-options nosniff age 49818 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 96086 x-xss-protection 0 last-modified Thu, 16 Jun 2022 00:19:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 16 Jun 2023 16:41:00 GMT
GET H3	200	base.js www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/ Frame D8CA	2 MB 533 KB	126ms 82ms	Script text/javascript	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/V7clpaJu2yc Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/V7clpaJu2yc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:41:00 GMT content-encoding br x-content-type-options nosniff age 49818 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 545875 x-xss-protection 0 last-modified Thu, 16 Jun 2022 00:19:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 16 Jun 2023 16:41:00 GMT
GET H3	200	fetch-polyfill.js www.youtube.com/s/player/f05de49d/fetch-polyfill.vflset/ Frame D8CA	9 KB 3 KB	123ms 80ms	Script text/javascript	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/f05de49d/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/V7clpaJu2yc Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/V7clpaJu2yc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:41:00 GMT content-encoding br x-content-type-options nosniff age 49818 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2786 x-xss-protection 0 last-modified Thu, 16 Jun 2022 00:19:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 16 Jun 2023 16:41:00 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v24/	30 KB 30 KB	166ms 128ms	Font font/woff2	2607:f8b0:4006:816::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.transformacaoincrivel.com.br.euescolhomudar.com.br accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 14 Jun 2022 15:42:32 GMT x-content-type-options nosniff age 226126 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30876 x-xss-protection 0 last-modified Tue, 26 Apr 2022 14:37:35 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 14 Jun 2023 15:42:32 GMT
GET H2	200	Primary Request pegadinha-do-malandro-b64b73d4.jpg Show response media.gazetadopovo.com.br/vozes/2015/08/	38 KB 38 KB	386ms 107ms	Document image/jpeg	2600:9000:2120:8400:1f:3000:7b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://media.gazetadopovo.com.br/vozes/2015/08/pegadinha-do-malandro-b64b73d4.jpg Requested by Host: www.transformacaoincrivel.com.br.euescolhomudar.com.br URL: https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/js/e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2120:8400:1f:3000:7b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d540a86b380c32e5d038f104df69ef413ff3c2e85e9933942baff700df33aaf3 Request headers Referer https://www.transformacaoincrivel.com.br.euescolhomudar.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes cache-control max-age=31536000 content-encoding gzip content-length 38550 content-type image/jpeg date Fri, 17 Jun 2022 06:31:20 GMT etag "6c1ec8cd24451565cf391c5f299827bc" last-modified Wed, 15 May 2019 23:23:41 GMT server AmazonS3 via 1.1 7eb1986bc2b6151cfcbcefbaa656508a.cloudfront.net (CloudFront) x-amz-cf-id PIl6hBiYfB4rRe-YPcjwRghA1lodLiY2sCmRe54F9tqo_9KbkyVznA== x-amz-cf-pop EWR52-C4 x-cache Miss from cloudfront
GET		id googleads.g.doubleclick.net/pagead/ Frame D8CA Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	0 0
GET		ad_status.js static.doubleclick.net/instream/ Frame D8CA	0 0
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	112ms 39ms	Preflight text/html	2607:f8b0:4006:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::200a Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Fri, 17 Jun 2022 06:31:19 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST		Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D8CA	0 0
GET H3	200	remote.js www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/ Frame D8CA	119 KB 37 KB	32ms 32ms	Script text/javascript	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/V7clpaJu2yc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:41:36 GMT content-encoding br x-content-type-options nosniff age 49783 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37639 x-xss-protection 0 last-modified Thu, 16 Jun 2022 00:19:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 16 Jun 2023 16:41:36 GMT
GET		gQt_qDfCWbGRlNom57uZGe0k_4GTpRI8j9Yg-UWPXqA.js www.google.com/js/th/ Frame D8CA	0 0
GET H3	200	embed.js www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/ Frame D8CA	23 KB 0	33ms 33ms	Script text/javascript	2607:f8b0:4006:80c::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/f05de49d/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80c::200e Mullica Hill, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.youtube.com/embed/V7clpaJu2yc User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 16:41:01 GMT content-encoding br x-content-type-options nosniff age 49818 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8054 x-xss-protection 0 last-modified Thu, 16 Jun 2022 00:19:15 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 16 Jun 2023 16:41:01 GMT
GET DATA	200 OK	truncated / Frame D8CA	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Content-Type image/png
GET		zRr4m6VAnOD3BGoNUgTHcI7JFxq4FtrS-O2u9WaZ9ISUhPXi-pjkdS7GUe03CTJ_-nrR7yg2lA=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ Frame D8CA	0 0
GET		sddefault.webp i.ytimg.com/vi_webp/V7clpaJu2yc/ Frame D8CA	0 0
GET		cast_sender.js www.gstatic.com/cv/js/sender/v1/ Frame D8CA	0 0
POST		atr www.youtube.com/api/stats/ Frame D8CA	0 0
POST		log_event www.youtube.com/youtubei/v1/ Frame D8CA	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Domain

static.doubleclick.net

URL

https://static.doubleclick.net/instream/ad_status.js

Domain

jnn-pa.googleapis.com

URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Domain

www.google.com

URL

https://www.google.com/js/th/gQt_qDfCWbGRlNom57uZGe0k_4GTpRI8j9Yg-UWPXqA.js

Domain

yt3.ggpht.com

URL

https://yt3.ggpht.com/zRr4m6VAnOD3BGoNUgTHcI7JFxq4FtrS-O2u9WaZ9ISUhPXi-pjkdS7GUe03CTJ_-nrR7yg2lA=s68-c-k-c0x00ffffff-no-rj

Domain

i.ytimg.com

URL

https://i.ytimg.com/vi_webp/V7clpaJu2yc/sddefault.webp

Domain

www.gstatic.com

URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Domain

www.youtube.com

URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=4cZQLe3GG0GzdeLo&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.transformacaoincrivel.com.br.euescolhomudar.com.br%2F&lact=115&cl=455226768&mos=0&volume=100&cbr=Chrome&cbrver=102.0.5005.115&c=WEB_EMBEDDED_PLAYER&cver=1.20220615.02.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=en_US&cr=CA&len=1053&fexp=23748147%2C23940247%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24134697%2C24135310%2C24135692%2C24167177%2C24169501%2C24199710%2C24220088%2C24233066&muted=0&docid=V7clpaJu2yc

Domain

www.youtube.com

URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 66RxvGlKpL8
			.youtube.com/	1970-01-20 08:09:59	Name: VISITOR_INFO1_LIVE Value: wQ2bVWXZ6bQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none';
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
media.gazetadopovo.com.br
static.doubleclick.net
www.google.com
www.gstatic.com
www.transformacaoincrivel.com.br.euescolhomudar.com.br
www.youtube.com
yt3.ggpht.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
158.69.12.96
2600:9000:2120:8400:1f:3000:7b80:93a1
2607:f8b0:4006:80c::200e
2607:f8b0:4006:816::2003
2607:f8b0:4006:820::200a
2607:f8b0:4006:824::200a
0fc4befee701413e5f2cd9a6bd26440394699427939be6c0a47c5e8cbc88ad39
6205f9a961ba46bccd20076522a7b95569d6a23fd02a4d54c8c03f3bc23a8d6c
cce0420c0d94302098c00f13d29586a662113a3dc0264284596204d5f621222e
d540a86b380c32e5d038f104df69ef413ff3c2e85e9933942baff700df33aaf3
e10d63d0af6b3682a52039d6cf1ad3909cbd06ecd06793b51888c7decebc8e85
f3db3c1c557ca34f280334842f8d27737db8fa85296358e32268a3d80a135c70