urlscan.io logo urlscan.io
SecurityTrails logo

forno320.deliveryvip.app Open in urlscan Pro
137.66.28.116  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forno320.deliveryvip.app/
Effective URL: https://forno320.deliveryvip.app/menu
Submission: On August 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 26 HTTP transactions. The main IP is 137.66.28.116, located in United States and belongs to FLY, US. The main domain is forno320.deliveryvip.app.
TLS certificate: Issued by E5 on August 2nd 2024. Valid for: 3 months.
This is the only time forno320.deliveryvip.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    137.66.28.116 (United States)

ASN40509 (FLY, US)
forno320.deliveryvip.app
2    2600:9000:2761:f000:11:4350:c9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.deliveryvip.com.br
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2600:9000:211e:8a00:19:790d:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
storage.deliveryvip.com.br
1    2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 deliveryvip.com.br
assets.deliveryvip.com.br
storage.deliveryvip.com.br
703 KB
8 deliveryvip.app
forno320.deliveryvip.app
26 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
5 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
49 KB
26 8
Domain Requested by
9 storage.deliveryvip.com.br forno320.deliveryvip.app
8 forno320.deliveryvip.app 1 redirects assets.deliveryvip.com.br
2 www.facebook.com forno320.deliveryvip.app
2 connect.facebook.net forno320.deliveryvip.app
connect.facebook.net
2 assets.deliveryvip.com.br forno320.deliveryvip.app
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com assets.deliveryvip.com.br
1 unpkg.com assets.deliveryvip.com.br
1 www.googletagmanager.com forno320.deliveryvip.app
26 9

This site contains no links.

Subject Issuer Validity Valid
forno320.deliveryvip.app
E5		 2024-08-02 -
2024-10-31		 3 months crt.sh
assets.deliveryvip.com.br
Amazon RSA 2048 M02		 2024-05-25 -
2025-06-22		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
storage.deliveryvip.com.br
Amazon RSA 2048 M02		 2024-03-30 -
2025-04-27		 a year crt.sh
unpkg.com
WE1		 2024-07-28 -
2024-10-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-16 -
2024-08-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://forno320.deliveryvip.app/menu
Frame ID: 3C1B7E193543DA3A3BBAF17D212971DA
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Delivery | Forno 320

Page URL History Show full URLs

  1. https://forno320.deliveryvip.app/ HTTP 302
    https://forno320.deliveryvip.app/menu Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • <[^>]+[^\w-]x-data[^\w-][^<]+
Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

908 kB
Transfer

3579 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forno320.deliveryvip.app/ HTTP 302
    https://forno320.deliveryvip.app/menu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request menu
forno320.deliveryvip.app/
Redirect Chain
  • https://forno320.deliveryvip.app/
  • https://forno320.deliveryvip.app/menu
83 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.66.28.116 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Caddy cloudflare /
Resource Hash
c17689b9e1e5819d6b4404f1f8c86521eaa2ce70c45e6c8b0b04f425b1edf792
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000
apx-hit
true
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8af20ce44f73aab0-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 21:16:51 GMT
link
<https://assets.deliveryvip.com.br/assets/merchant-1f87d8f293381fa45c794b0e7f2f0ba47907ca31.css>; rel=preload; as=style; nopush
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYg0QGVz7Zi%2BZ2WarAtQp%2BsqYrHkNakIizPyMKugFleDVHvrmedeW7Qw6Yfoc%2BA6B2gRfNnLrUvOW9pUusfAeyzaJ2MF6idlWYROI2uu5jCZFDFLtSRhB%2FxD2EEVjiyF79R0l8FyKBj2jtNc1tdcS%2FFpFOmruQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Caddy cloudflare
sozu-id
01J4MRT2HEF23FS6SK5WKEMHXE
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-request-id
822d9c89-cdd0-424e-be15-250f0a55931c
x-runtime
0.076396
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000
apx-hit
true
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8af20ce32e4eaab0-YYZ
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 06 Aug 2024 21:16:51 GMT
location
https://forno320.deliveryvip.app/menu
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhYIao4GMPMEMlPLrYRL%2BRNWfmKduO9QrVrIXiJuC9dBWC1C%2BEj37i1ZfaXpiu5ntsGpBxQeJVuI0pSTaNEyj2ev0C1B%2FQiEcxAtTB2f%2FiElRV0FaciA9aTOLCXoX5AGz193lbKdye6zcHiEIcuyK5tPT8%2Byew%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Caddy cloudflare
sozu-id
01J4MRSZQ2JSEQ1A028G0S6EP7
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-request-id
4b3de485-ed1e-4e70-b011-bb6643e762fd
x-runtime
0.023219
x-xss-protection
0
merchant-1f87d8f293381fa45c794b0e7f2f0ba47907ca31.css
assets.deliveryvip.com.br/assets/ 		134 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.deliveryvip.com.br/assets/merchant-1f87d8f293381fa45c794b0e7f2f0ba47907ca31.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:f000:11:4350:c9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc091896a0e5a3962da1a5298a91502977e8a1be6a7d663ea1b6ad056d1707fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 18:22:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
2429641
x-cache
Hit from cloudfront
last-modified
Tue, 09 Jul 2024 18:04:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zoFH6YTx%2FhnRUKWFJ1kur9Thg%2F9ABylDnNb7S7lcafgUq7dfpKbzmmBp9kBvYk7ktpzK5Oub56jqWjiZmGmaKuK%2BD2aszVU9TJNL%2BQxBWy05ZwzKG6Fw17DUVuq0hTgX3XItngfxXWNZLFPxs4CegmBBGUFZEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, s-maxage=31536000, max-age=15552000
sozu-id
01J2CBNXQQT0E3JC42W0AMF7YF
cf-ray
8a0a577d5de79f36-FRA
apx-hit
true
x-amz-cf-id
_5Nq-qupBo-4l6EtL-DyuMWP3H6sISISQFkKRn4kH95b0nB-_kcdTg==
expires
Wed, 09 Jul 2025 18:10:14 +0000
js
www.googletagmanager.com/gtag/ 		127 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=googlecaramelo
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37f277aafcd78bad38a78ca60ec3b18609f2de4d75b327235d88a0c9d56ad01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49540
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Aug 2024 21:16:51 GMT
merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
assets.deliveryvip.com.br/assets/ 		3 MB
520 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.deliveryvip.com.br/assets/merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:f000:11:4350:c9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917b2616feb94ae7cdcebdb1ec6a9ee7277e3e276965a9dd7539069d8e42ec9a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 14 May 2024 13:58:12 GMT
content-encoding
gzip
via
1.1 67697a0060e2336f6ffa8579d528820e.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
BYPASS
x-amz-cf-pop
FRA60-P8
age
7283919
x-cache
Hit from cloudfront
last-modified
Tue, 14 May 2024 13:55:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvNYc3%2FOnQESP9QSy%2FolgHTvxOeAU2vlSJoX6x9exD%2FN5VtGczQaAtU7oNtXAyTGG1UIPDs0ZVjAkxLYi5Ye7bS2ziKycaW39hq2e9PpPongwH2l3%2FCFCCH4WdfD90a50EAxUklBHzg%2FOSd6IYNDuxSSmy%2FNSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, s-maxage=31536000, max-age=15552000
sozu-id
01HXVP2STWNGYHD201W63SHW34
cf-ray
883b66d5a82c2c33-FRA
apx-hit
true
x-amz-cf-id
MGz5LYkX5t2_dld8J_g91MolCs9Qt-bCs53qTN_nrQjsNTxOPC6qog==
expires
Wed, 14 May 2025 13:56:53 +0000
NmJoZGk1aWN1
storage.deliveryvip.com.br/-C1FuCoAGnfrQJV0qx15YHbjtB8YKBima69vGP0VS5c/s:0:320/Z3M6Ly9kZWxpdmVy/eXZpcC9nNTMydmxi/amZ6bG5pZWswZjl6/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/-C1FuCoAGnfrQJV0qx15YHbjtB8YKBima69vGP0VS5c/s:0:320/Z3M6Ly9kZWxpdmVy/eXZpcC9nNTMydmxi/amZ6bG5pZWswZjl6/NmJoZGk1aWN1
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
ac30d0d56aefcbe1e8726f629af1d085d5a0c2e6621b4f0b64354b03548909ef
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public
content-disposition
inline; filename="g532vlbjfzlniek0f9z6bhdi5icu.jpg"
sozu-id
01J4MRTK4Q9X1XEFB08X7S1PAN
content-length
42131
x-amz-cf-id
nUFSMd1YCc6v65cX2yDwAr87st6Hl8r7gi9zLaA8VWy8Up88Tt9p5g==
x-request-id
K3QfiRN1dpJ0qAOHU59uM
leaflet.css
unpkg.com/leaflet@1.9.2/dist/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/leaflet@1.9.2/dist/leaflet.css
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-1f87d8f293381fa45c794b0e7f2f0ba47907ca31.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00fb35804db16f78b2cda963b682d8b0dc72ff961d60898fc89dfd41274cf5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.deliveryvip.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:51 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12621322
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWM6AKMYS8B7QMKW8VT44WN-fra
server
cloudflare
etag
"394e-JmBU1EUyPEZPKcQsXRn5T6OkSlk"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8af20ce70c63904e-FRA
css2
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-1f87d8f293381fa45c794b0e7f2f0ba47907ca31.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://assets.deliveryvip.com.br/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 06 Aug 2024 21:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 06 Aug 2024 21:08:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Aug 2024 21:16:51 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forno320.deliveryvip.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 23:45:40 GMT
x-content-type-options
nosniff
age
77471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Aug 2025 23:45:40 GMT
bjVuY2N3ams5
storage.deliveryvip.com.br/7RmEF6aWlSSn_TZ7ZrHK6FIGtSEbqssKdzVlBICPPz4/s:160:160/Z3M6Ly9kZWxpdmVy/eXZpcC8yMHJ2Z2Q2/NGFiaTVtNnVxZGlv/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/7RmEF6aWlSSn_TZ7ZrHK6FIGtSEbqssKdzVlBICPPz4/s:160:160/Z3M6Ly9kZWxpdmVy/eXZpcC8yMHJ2Z2Q2/NGFiaTVtNnVxZGlv/bjVuY2N3ams5
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
6fb45bff7f4d330afe856b8cc526813f1584c425b85453a25544debbc19c71d3
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
content-disposition
inline; filename="20rvgd64abi5m6uqdion5nccwjk9.png"
sozu-id
01J4MRTKBX15DC280GQR03BARY
content-length
23255
x-amz-cf-id
-KDv7Yv_GQH2Op2mzvHwS5ZYD2Hy9ZeGSIdVBdIoMwtxmMBd5dFsXQ==
x-request-id
-t3fVv5mTKqwpohzCnYXn
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 21:16:51 GMT
document-policy
force-load-at-top
x-fb-server-load
38
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
6lT2cMEPN8I8ueBD5lerr2IifhGJuSfeR3gKhczl1gNSdskbJfZHFW4Xy5Iphb1RoSNNCfzhGhm9EQZx1nX9ug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
smarts
forno320.deliveryvip.app/stores/discounts/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forno320.deliveryvip.app/stores/discounts/smarts
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.66.28.116 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Caddy, cloudflare /
Resource Hash
aa2e5d4b1ff73bc2bdfcd1b665b8b026bfa20d7766800e09f05124a4056f296f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
text/html, application/xhtml+xml
Referer
https://forno320.deliveryvip.app/menu
turbo-frame
discount_banner_notifier
x-turbo-request-id
95326e28-72b4-4dd8-bdc6-c92adbe833cc
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=2592000
x-xss-protection
0
x-request-id
d8ff5bf2-07a8-4eb0-b4d1-5d7e169a6aae
x-runtime
0.058601
referrer-policy
strict-origin-when-cross-origin
server
Caddy, cloudflare
vary
Accept, Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jw%2FdYCHctNIVX78h%2Bq29AWj6ctUEpcinaRRfgdsD%2FeuTdEYovw%2B7Jz5gTMIHiOA5qKnTJaPc%2FGaWrO8WKmE02gz%2FOsXGrfy2I0fv8pvbm%2FFKfcdd4nVpbWQWr70ZUE17AWDT6HLo4VmvY4fek9Yjl9YrLrXkIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
sozu-id
01J4MRT3PYDBY271MY3AKZAMBQ
cf-ray
8af20ce88b9eaab0-YYZ
apx-hit
true
highlights
forno320.deliveryvip.app/stores/products/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forno320.deliveryvip.app/stores/products/highlights
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.66.28.116 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Caddy, cloudflare /
Resource Hash
0515123096eee96c4c521b6143fdbf04339584696feeb17e595148bc20c5497e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
text/html, application/xhtml+xml
Referer
https://forno320.deliveryvip.app/menu
turbo-frame
product_highlight_list
x-turbo-request-id
70d17712-da66-436c-b9a6-918a9e2cd501
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=2592000
x-xss-protection
0
x-request-id
6a16e66a-8188-4f23-887f-ca562c5285e5
x-runtime
0.021182
referrer-policy
strict-origin-when-cross-origin
server
Caddy, cloudflare
vary
Accept, Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvDGjeFZHgymA0Q0vva0o9QhPWFZMpJkc3b0MauRzLez8RV77ZQxHTfs9WWsBpfvHnyzuwbbnzsQ%2FhU4xHw%2F1S4y0KK7b3ptpIBOE63mQUHuiFH8yRHBPutVqjQcd1FQJ6mYEKKT%2BY%2B9M1x3KyserxQIQqpHTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
sozu-id
01J4MRT2XERGW2HQ0VJX605W19
cf-ray
8af20ce88ba5aab0-YYZ
apx-hit
true
categories.turbo_stream
forno320.deliveryvip.app/stores/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forno320.deliveryvip.app/stores/categories.turbo_stream
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.66.28.116 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Caddy, cloudflare /
Resource Hash
2ffbaef48da85f76d5b0e66a0527284c72a6414b0629c93e6e98d43b4cdbb491
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
text/html, application/xhtml+xml
Referer
https://forno320.deliveryvip.app/menu
turbo-frame
category_list
x-turbo-request-id
11462838-bac1-46a6-80cc-c0010507a7ee
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=2592000
x-xss-protection
0
x-request-id
40b97f89-d933-46d1-b406-3a88c5229fff
x-runtime
0.285724
referrer-policy
strict-origin-when-cross-origin
server
Caddy, cloudflare
etag
W/"2ffbaef48da85f76d5b0e66a0527284c"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1mkjPFStQ5%2FYIZiDJbGEUJOkSw2sipcf84I06XjvOURey7u2hyRQNtKFdFU8MDBKJLy11nNid6S4FfDuSjcoiMUO44sH7Ch00gsg1P%2B1KTj1p78EeapWIZ1QqEC7oqCusGlTPaR9X201kC1eJ37q7asw3i2fNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/vnd.turbo-stream.html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
sozu-id
01J4MRTGG8H9JDZRK089JMCP0V
cf-ray
8af20ce88ba8aab0-YYZ
apx-hit
true
309410007243108
connect.facebook.net/signals/config/ 		70 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/309410007243108?v=2.9.164&r=stable&domain=forno320.deliveryvip.app&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fb928e3fa659cea346fa382666b08e990ba06cf5ad680d57f683bec22da06dea
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 06 Aug 2024 21:16:52 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=65, mss=1297, tbw=64421, tp=-1, tpl=-1, uplat=197, ullat=0
pragma
public
x-fb-debug
h7pcb1Z6K9BcJO1PutUJ9aUvqPQdafN6gR9ZUhTh0Lf8cte0Dd/wk49n19Osl0PFwCeFhQPhfCHWkMkOt8sLSA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=309410007243108&ev=PageView&dl=https%3A%2F%2Fforno320.deliveryvip.app%2Fmenu&rl=&if=false&ts=1722979012306&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722979012304.462151651471716898&cs_est=true&ler=empty&cdl=API_unavailable&it=1722979012040&coo=false&rqm=GET
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2812, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 06 Aug 2024 21:16:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=309410007243108&ev=PageView&dl=https%3A%2F%2Fforno320.deliveryvip.app%2Fmenu&rl=&if=false&ts=1722979012306&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1722979012304.462151651471716898&cs_est=true&ler=empty&cdl=API_unavailable&it=1722979012040&coo=false&rqm=FGET
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 06 Aug 2024 21:16:52 GMT
document-policy
force-load-at-top
x-fb-server-load
23
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400138508520709656", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=3130, tp=-1, tpl=-1, uplat=238, ullat=0
pragma
no-cache
x-fb-debug
ucDfdUmQkw1TwolULZuTOH20Rk+Tn8s9C5n1TpLXBLUU7qBZ9aX+6SjsVn+BHKCfyfABis1/rjIXhhTr+QmDYQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400138508520709656"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
products.turbo_stream
forno320.deliveryvip.app/stores/categories/3943d31a-6f8d-4752-b674-d3f1c055abbb/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forno320.deliveryvip.app/stores/categories/3943d31a-6f8d-4752-b674-d3f1c055abbb/products.turbo_stream
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.66.28.116 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Caddy, cloudflare /
Resource Hash
15d935bde05db5b4efa779d88302e8a4161ce6511a951fe793ec588c8f4808d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
text/html, application/xhtml+xml
Referer
https://forno320.deliveryvip.app/menu
turbo-frame
product_list_store_category_3943d31a-6f8d-4752-b674-d3f1c055abbb
x-turbo-request-id
6e98a4bc-6c78-4043-a775-2214044239b6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=2592000
x-xss-protection
0
x-request-id
abf5ba8c-937c-4845-8533-fc7457afe566
x-runtime
0.030691
referrer-policy
strict-origin-when-cross-origin
server
Caddy, cloudflare
etag
W/"15d935bde05db5b4efa779d88302e8a4"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnwCvo%2FX6ihP7c0JGAF0RWlSzz6ABYbpFRI4J%2BfD2sarFTzkN885E4VwFTLCZirGr2g1fVDcDLTpagZvR0NquLPBH6ZW7HR0xZL5hgnj7UVyrAoNY%2BKkyYHye9nhNRRN41m4Alrk6rvI7Z2b52Dh6Ze0FZld3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/vnd.turbo-stream.html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
sozu-id
01J4MRT7MCEMAFANKGK41A62HP
cf-ray
8af20ceb7f26aab0-YYZ
apx-hit
true
products.turbo_stream
forno320.deliveryvip.app/stores/categories/ccae350a-cc53-4cb5-8c68-62b2866b2710/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forno320.deliveryvip.app/stores/categories/ccae350a-cc53-4cb5-8c68-62b2866b2710/products.turbo_stream
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.66.28.116 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Caddy, cloudflare /
Resource Hash
acc01737479aa2ca13ff0ee2cc542eb5a692bd03bb4e40f7e19deacc2371bc55
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
text/html, application/xhtml+xml
Referer
https://forno320.deliveryvip.app/menu
turbo-frame
product_list_store_category_ccae350a-cc53-4cb5-8c68-62b2866b2710
x-turbo-request-id
82aa19cb-91d5-49ea-98c1-b8adb4b196a7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=2592000
x-xss-protection
0
x-request-id
2a072c98-8acd-471d-ac3a-705c17922b19
x-runtime
0.028585
referrer-policy
strict-origin-when-cross-origin
server
Caddy, cloudflare
etag
W/"acc01737479aa2ca13ff0ee2cc542eb5"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3eUme%2BrBShtK3zqwaLot4Rg%2BbCXsJBqa8eUGso9hDcmUK73wPKZx%2F4hSoIrn7vkj%2BPT39eYe3g4%2F2t5daONEplogHjTtrOBptz7u6uMwxEk7XR4kEtvoanz6Ey1C7iJnPIn0kBeW06h2NbWoVUx1bOQvMGbUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/vnd.turbo-stream.html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
sozu-id
01J4MRTFSQ36GPMX0HEADNW6ZA
cf-ray
8af20ceb7f27aab0-YYZ
apx-hit
true
products.turbo_stream
forno320.deliveryvip.app/stores/categories/1a30d852-bbc6-4166-8534-687bd1f24f06/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://forno320.deliveryvip.app/stores/categories/1a30d852-bbc6-4166-8534-687bd1f24f06/products.turbo_stream
Requested by
Host: assets.deliveryvip.com.br
URL: https://assets.deliveryvip.com.br/assets/merchant-30ab069a47fac0fea47d384cd0addda9805386a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
137.66.28.116 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Caddy, cloudflare /
Resource Hash
961d87ffb15dd3b91657d206878996dc07f444c5b19b1e7ef4c8897f64bdfa0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept
text/html, application/xhtml+xml
Referer
https://forno320.deliveryvip.app/menu
turbo-frame
product_list_store_category_1a30d852-bbc6-4166-8534-687bd1f24f06
x-turbo-request-id
d44c8923-102e-4022-92dd-e29063419ab6
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 21:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=63072000; includeSubDomains
alt-svc
h3=":443"; ma=2592000
x-xss-protection
0
x-request-id
35dfd457-a4b5-433c-91e0-0d914ebbe471
x-runtime
0.027181
referrer-policy
strict-origin-when-cross-origin
server
Caddy, cloudflare
etag
W/"961d87ffb15dd3b91657d206878996dc"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vz0E7gc68X8Dkd6u%2FItuyWOpR75UqdJJzJyCy41KDbLSVazrAv0JAqskmXo0JLgLjRB1ERz7u5D%2FYU1eiUGmmLsw2XlZ2oYVR95d7Hw8zoNHrEznClvDhzWXrQ0sGIlT2jY7%2BiUwBN8h2Ziy10t41Y4hwkbYig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/vnd.turbo-stream.html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
sozu-id
01J4MRTG8F7WQPQCFA5J115HYA
cf-ray
8af20ceb7f28aab0-YYZ
apx-hit
true
NGtpYXZrOHRx
storage.deliveryvip.com.br/Tnh-RoUUsMaXktusblNj99NUZd77r5jKJBc4RrKhLCc/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC9hNno3ZDBw/bjI4ajAyYzB4NDFr/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/Tnh-RoUUsMaXktusblNj99NUZd77r5jKJBc4RrKhLCc/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC9hNno3ZDBw/bjI4ajAyYzB4NDFr/NGtpYXZrOHRx
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
a0d91c879f66a2f877607b01b1f2a193d6fdf41c41ac4c53bb160e93722bf6e6
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:54 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public
content-disposition
inline; filename="a6z7d0pn28j02c0x41k4kiavk8tq.jpg"
sozu-id
01J4MRTM43ZV1ES8K13468KA59
content-length
5356
x-amz-cf-id
2oAoqsnfDPhpHd8jQrhUsz-yth787ChnVOv29LIt3B5qGqqmVc9aTA==
x-request-id
7PlVAA2jibl0YsI0tHwva
dnZ0cDk1eTgx
storage.deliveryvip.com.br/w3SEovrDZnMEoLdkehug5bobGw13ctQ5lY-gkbTfH_c/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC83ZmYxenow/eHZwZXR3dWMyZzR3/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/w3SEovrDZnMEoLdkehug5bobGw13ctQ5lY-gkbTfH_c/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC83ZmYxenow/eHZwZXR3dWMyZzR3/dnZ0cDk1eTgx
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
4841d71a35129c722450dfd596703bc71ee4fa59203f525f23241ddaf8205d15
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public
content-disposition
inline; filename="7ff1zz0xvpetwuc2g4wvvtp95y81.jpg"
sozu-id
01J4MRTM2JAVTM2H0SFSS34FZD
content-length
4427
x-amz-cf-id
GeEk5SwwK4RTJ-3vTScUPF__AnXuX9pMCMvJ2LWVGWx56oTAu9Pptg==
x-request-id
fQdDaRnPE8XuHwFP-xcOr
cmRld3VsbWFl
storage.deliveryvip.com.br/3Isr1ffXpT2fPpAqBoJlDzgQxE8YPXqluhp4JiEjsVo/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC82bXJmdjFy/YXkwa3N1ZGY4czcw/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/3Isr1ffXpT2fPpAqBoJlDzgQxE8YPXqluhp4JiEjsVo/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC82bXJmdjFy/YXkwa3N1ZGY4czcw/cmRld3VsbWFl
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
79155e68d5ff69def53926aa4a33846c5a985b1e01f830ef76d066057be50737
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public
content-disposition
inline; filename="6mrfv1ray0ksudf8s70rdewulmae.jpg"
sozu-id
01J4MRTM52HVA1SZ070917N7RZ
content-length
20994
x-amz-cf-id
EhwPkhWVwIQtNXbdKdes_4rixF8c9E85geN37Xn8wZH3Yjvuc1v7xA==
x-request-id
9O1I7yYXvI31c9rPzc2_t
MThwcW9mNWNm
storage.deliveryvip.com.br/_MY3C7Xswa9NzpfB1HNXYcp8AjCHCTbffV4xiPOWL3w/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC9scHN6YnFz/NW83bG0ycjJnNWh3/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/_MY3C7Xswa9NzpfB1HNXYcp8AjCHCTbffV4xiPOWL3w/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC9scHN6YnFz/NW83bG0ycjJnNWh3/MThwcW9mNWNm
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
1f5ba434ddae624193befbafe7f6e04eec35e4d2fb089914644cbb027a8cf61f
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public
content-disposition
inline; filename="lpszbqs5o7lm2r2g5hw18pqof5cf.jpg"
sozu-id
01J4MRTM3PSY9277Y145339GC4
content-length
17228
x-amz-cf-id
7Cgx-lLKbe6qKakOMWfvu377-zFHGizAMU7SQUovAvh9TRZH1SifsA==
x-request-id
AMZh6sdO5MZ3ntooF060V
Z2l0djd6czBh
storage.deliveryvip.com.br/fxQQ-t0JTL98-mlumuqrSKRCDSWxDHc7aqk7yjsRBno/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC80MXJjcGFt/cTg1NXNlbmJsZW5r/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/fxQQ-t0JTL98-mlumuqrSKRCDSWxDHc7aqk7yjsRBno/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC80MXJjcGFt/cTg1NXNlbmJsZW5r/Z2l0djd6czBh
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
90112c4797e93185932bb28d7bc5b05fcb4384690984f747705918eca3a7b3c3
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public
content-disposition
inline; filename="41rcpamq855senblenkgitv7zs0a.jpg"
sozu-id
01J4MRTM34632JVF6PFJNPCBS9
content-length
21861
x-amz-cf-id
gWb6a7J6LhdByj_TsHeqWVuWcAXcRy9mN_jji5afG5Az-3JfiD1w0g==
x-request-id
2qhWt56KpcWqjm4yNkfWw
NWxlZm42dWJs
storage.deliveryvip.com.br/9KkPEwM9glXcnyjpMpW-ghruz47ZtZRUuUI6TaAjxYQ/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC9oMHFvbXZk/dzhnZGZ3MXF2a2dt/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.deliveryvip.com.br/9KkPEwM9glXcnyjpMpW-ghruz47ZtZRUuUI6TaAjxYQ/h:256/Z3M6Ly9kZWxpdmVy/eXZpcC9oMHFvbXZk/dzhnZGZ3MXF2a2dt/NWxlZm42dWJs
Requested by
Host: forno320.deliveryvip.app
URL: https://forno320.deliveryvip.app/menu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
1a00b0ae4ffa542229b64b172441e7c21e6cec222a9463cf3614c090dabe5893
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:53 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, public
content-disposition
inline; filename="h0qomvdw8gdfw1qvkgm5lefn6ubl.jpg"
sozu-id
01J4MRTM35T5F5P6EGXSQG95SG
content-length
22630
x-amz-cf-id
lApBg9ho03Cx5lIs-mskfDd3PrGLsgBxMGE1Eg7WDrqjGqPCylmdDA==
x-request-id
h9as-A13bzawaJYe7lLVY
MjdzZDBxY3I5
storage.deliveryvip.com.br/8MZJz0Mi7LJevnF7BYubp68-QZ3P3BxGqrf8qiLbMXo/s:32:32/Z3M6Ly9kZWxpdmVy/eXZpcC9qNGt0Z3Ay/Zzh0OXU4cGR0d2Vz/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://storage.deliveryvip.com.br/8MZJz0Mi7LJevnF7BYubp68-QZ3P3BxGqrf8qiLbMXo/s:32:32/Z3M6Ly9kZWxpdmVy/eXZpcC9qNGt0Z3Ay/Zzh0OXU4cGR0d2Vz/MjdzZDBxY3I5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8a00:19:790d:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgproxy /
Resource Hash
f98e053dab39dbd7d448e2709d4a23d56664419976b91148c9abc871b2a42571
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://forno320.deliveryvip.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
date
Tue, 06 Aug 2024 21:16:57 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
imgproxy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=604800, public
content-disposition
inline; filename="j4ktgp2g8t9u8pdtwes27sd0qcr9.png"
sozu-id
01J4MRTNFNR06HTXWNTB0V9PVC
content-length
2799
x-amz-cf-id
dzubY1Ul-KqsWVj4WWPEsLyfECXP3QgMLrSFKTicPt1RTJrloJBe3g==
x-request-id
fm6LlEgxiNcKym-E6qKsU

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| vapidPublicKey function| fbq function| _fbq object| Turbo object| Stimulus function| flatpickr function| Cleave function| IMask object| L object| Components object| Alpine

4 Cookies

Domain/Path Name / Value
forno320.deliveryvip.app/ Name: _deliveryvip_bag_id
Value: XK9lpwZLkQmc3dAHU0IeIgFXhG81vjP12NpPECyH7NtqawEYcJX5OGviEyUKNXVEAk5rXU8eFcIy5uRVzsfPwsjvUF6vIIJodsiD9bw5mwea%2BSYSFnwK9RwXqthUe%2F1TKUO4MRPEylufN76lcQs6GTWRyqcmhmAOOyvOhsJlmnvZvxP%2BtagxHQOzTlPoX8IqfQ%3D%3D--vsTx5hde9IQKBLKT--An0%2B%2BOKqiVWc5pRTs3tb4g%3D%3D
.deliveryvip.app/ Name: _fbp
Value: fb.1.1722979012304.462151651471716898
.deliveryvip.app/ Name: _deliveryvip_session
Value: wnzvXII9oz1e%2BAb8Zrzh0CaGykyo0oUxsulPl7kNX4LgcZyIPTjLGBGlgvJuRZbpYb2DdqlfLBmGXAqPUo0EajOrHgWihGJc8RsygS1OnM6m2bpgopMBHFmTlOmstXr%2BtbV4X7JBtLvBocwCSExMH6XpLa0Rh4T%2FmV%2FuZIMcFJdSqOK13lfB0wRbiUsNvUgzGROmYcr9UPWVv3hemu2WhT9kBk%2BjIniVBZJujGlNGOd5HkjRYQQAFv68vhJ8Tg7lT4dgzy4PfkHtsn4fnZf9iQLjLDrONIsG7%2FoDJ2gJRVyQL3r%2FfsGbRw4WoD6MzI8E%2BxZ2oeujUuhXYmGd5434T4%2FwuNoVzfVP4abWvlVm6VUrDbl38eEveaGlyas0AZieQyvtucRh%2Bp3BAO5gO6%2FtzSNxxX3tLbxBhQ1rwEaljavNMuvAiS1l%2BVVVv3Yc%2FzofVgG60LIHW8YUD5GTcNuShLvwySyvFAfOCIVTsuKvlclsawhDQBHBmlaEPr50BS077N0%3D--J%2BuwNXGgO7n2gy8q--SAdpuJEMNvZmdOBnbxEB5A%3D%3D
forno320.deliveryvip.app/ Name: X-Clever-Cloud-Sticky-Id
Value: um_k7mf9rvugoyrvoocfgq

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.deliveryvip.com.br
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forno320.deliveryvip.app
storage.deliveryvip.com.br
unpkg.com
www.facebook.com
www.googletagmanager.com
137.66.28.116
2600:9000:211e:8a00:19:790d:bd40:93a1
2600:9000:2761:f000:11:4350:c9c0:93a1
2606:4700::6811:f8cb
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:81c::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
0515123096eee96c4c521b6143fdbf04339584696feeb17e595148bc20c5497e
15d935bde05db5b4efa779d88302e8a4161ce6511a951fe793ec588c8f4808d7
1a00b0ae4ffa542229b64b172441e7c21e6cec222a9463cf3614c090dabe5893
1f5ba434ddae624193befbafe7f6e04eec35e4d2fb089914644cbb027a8cf61f
2ffbaef48da85f76d5b0e66a0527284c72a6414b0629c93e6e98d43b4cdbb491
37f277aafcd78bad38a78ca60ec3b18609f2de4d75b327235d88a0c9d56ad01a
4841d71a35129c722450dfd596703bc71ee4fa59203f525f23241ddaf8205d15
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
6fb45bff7f4d330afe856b8cc526813f1584c425b85453a25544debbc19c71d3
79155e68d5ff69def53926aa4a33846c5a985b1e01f830ef76d066057be50737
90112c4797e93185932bb28d7bc5b05fcb4384690984f747705918eca3a7b3c3
917b2616feb94ae7cdcebdb1ec6a9ee7277e3e276965a9dd7539069d8e42ec9a
961d87ffb15dd3b91657d206878996dc07f444c5b19b1e7ef4c8897f64bdfa0a
a0d91c879f66a2f877607b01b1f2a193d6fdf41c41ac4c53bb160e93722bf6e6
aa2e5d4b1ff73bc2bdfcd1b665b8b026bfa20d7766800e09f05124a4056f296f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac30d0d56aefcbe1e8726f629af1d085d5a0c2e6621b4f0b64354b03548909ef
acc01737479aa2ca13ff0ee2cc542eb5a692bd03bb4e40f7e19deacc2371bc55
b00fb35804db16f78b2cda963b682d8b0dc72ff961d60898fc89dfd41274cf5e
c17689b9e1e5819d6b4404f1f8c86521eaa2ce70c45e6c8b0b04f425b1edf792
cc091896a0e5a3962da1a5298a91502977e8a1be6a7d663ea1b6ad056d1707fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f98e053dab39dbd7d448e2709d4a23d56664419976b91148c9abc871b2a42571
fb121c45f498cba0f88de6e2235d95cf3307bb9ed5376f6a793b8253a520592f
fb928e3fa659cea346fa382666b08e990ba06cf5ad680d57f683bec22da06dea