urlscan.io logo urlscan.io
SecurityTrails logo

allya.com.br Open in urlscan Pro
100.25.7.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.rdsv1.net/ls/click?upn=DpBgwkrMTDgV74bQ6ISrvFkgO14kf2kTiEJsjbpZHxuRo6aR1YiDthp9olOrYFaVqHmpr0l2OqS9zDrwA9T...
Effective URL: https://allya.com.br/entrar?cl=true
Submission: On March 30 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 2 countries across 22 domains to perform 104 HTTP transactions. The main IP is 100.25.7.99, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is allya.com.br.
TLS certificate: Issued by Amazon on July 23rd 2021. Valid for: a year.
This is the only time allya.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:205... 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:205... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
3 3.5.8.158 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 205.234.175.175 23352 (SERVERCEN...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 65.9.66.123 16509 (AMAZON-02)
2 142.250.185.66 15169 (GOOGLE)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 108.157.4.86 16509 (AMAZON-02)
5 2a03:2880:f12... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
1 3.95.4.183 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 143.204.215.95 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 99.86.7.67 16509 (AMAZON-02)
8 99.86.7.54 16509 (AMAZON-02)
2 75.2.88.188 16509 (AMAZON-02)
33 100.25.7.99 14618 (AMAZON-AES)
1 2a00:1450:400... ()
1 54.73.183.234 ()
104 26
1    2600:9000:2057:a00:15:a17c:2c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.rdsv1.net
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
allyaapp.page.link
8    2600:9000:2057:7c00:11:2c62:7a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
admin.allya.com.br
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
www.google-analytics.com
3    3.5.8.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3.us-east-1.amazonaws.com
allya-images.s3.us-east-1.amazonaws.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.ckeditor.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    65.9.66.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-123.fra56.r.cloudfront.net
static.hotjar.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net
script.hotjar.com
5    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    3.95.4.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-4-183.compute-1.amazonaws.com
backend.prd.allya.com.br
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net
vars.hotjar.com
3    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    99.86.7.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-67.fra6.r.cloudfront.net
widget.intercom.io
8    99.86.7.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-54.fra6.r.cloudfront.net
js.intercomcdn.com
2    75.2.88.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
33    100.25.7.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-7-99.compute-1.amazonaws.com
allya.com.br
1    2a00:1450:400c:c01::9b (None, )

ASN- ()
stats.g.doubleclick.net
1    54.73.183.234 (None, )

ASN- ()
in.hotjar.com
Apex Domain
Subdomains		 Transfer
42 allya.com.br
admin.allya.com.br
backend.prd.allya.com.br
allya.com.br
8 MB
8 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2414
274 KB
7 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 624
script.hotjar.com — Cisco Umbrella Rank: 958
vars.hotjar.com — Cisco Umbrella Rank: 1008
in.hotjar.com
134 KB
5 gstatic.com
fonts.gstatic.com
58 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
652 B
5 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 357
fonts.googleapis.com — Cisco Umbrella Rank: 45
57 KB
4 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2404
api-iam.intercom.io — Cisco Umbrella Rank: 2819
5 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
227 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 7
675 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
stats.g.doubleclick.net
3 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 229
44 KB
3 amazonaws.com
allya-images.s3.us-east-1.amazonaws.com
173 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 105
30 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
151 KB
2 ckeditor.com
cdn.ckeditor.com — Cisco Umbrella Rank: 20659
209 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5640
548 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 694
11 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1445
38 KB
1 page.link
allyaapp.page.link
1 KB
1 rdsv1.net
t.rdsv1.net — Cisco Umbrella Rank: 257978
380 B
0 hotjar.io Failed
vc.hotjar.io Failed
104 22
Domain Requested by
33 allya.com.br admin.allya.com.br
allya.com.br
8 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
8 admin.allya.com.br admin.allya.com.br
5 fonts.gstatic.com fonts.googleapis.com
allya.com.br
5 www.facebook.com admin.allya.com.br
allya.com.br
4 connect.facebook.net admin.allya.com.br
connect.facebook.net
3 www.google.com admin.allya.com.br
allya.com.br
3 fonts.googleapis.com admin.allya.com.br
3 cdnjs.cloudflare.com admin.allya.com.br
allya.com.br
3 allya-images.s3.us-east-1.amazonaws.com admin.allya.com.br
2 www.google-analytics.com www.googletagmanager.com
admin.allya.com.br
2 api-iam.intercom.io js.intercomcdn.com
2 widget.intercom.io 2 redirects
2 vars.hotjar.com static.hotjar.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 script.hotjar.com static.hotjar.com
2 www.googleadservices.com www.googletagmanager.com
2 static.hotjar.com www.googletagmanager.com
2 www.googletagmanager.com admin.allya.com.br
allya.com.br
2 cdn.ckeditor.com admin.allya.com.br
2 maps.googleapis.com admin.allya.com.br
1 in.hotjar.com admin.allya.com.br
1 stats.g.doubleclick.net admin.allya.com.br
1 www.google.de admin.allya.com.br
allya.com.br
1 backend.prd.allya.com.br admin.allya.com.br
1 maxcdn.bootstrapcdn.com admin.allya.com.br
1 www.googleoptimize.com admin.allya.com.br
1 allyaapp.page.link 1 redirects
1 t.rdsv1.net 1 redirects
0 vc.hotjar.io Failed admin.allya.com.br
104 30

This site contains links to these domains. Also see Links.

Domain
privacidade.allya.com.br
Subject Issuer Validity Valid
allya.com.br
Amazon		 2021-07-23 -
2022-08-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
cdn.ckeditor.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-14 -
2023-04-14		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-06 -
2022-04-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh
*.intercom.com
Amazon		 2022-03-16 -
2023-04-14		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://allya.com.br/entrar?cl=true
Frame ID: 01FCB41DC7A943F9D42FD19846E7FBA1
Requests: 94 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 96C68D72E7BF2C56A866221B3E29A975
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.4def396d.js
Frame ID: F0089804EF0996C9908AC3FC89EF98B0
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: DCD9D1FB50FE5B6F5B5ED85A7D2AFBC8
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.4def396d.js
Frame ID: 98AF5E3657922AC1AA67802F744DCC87
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Entrar | Allya – Faz seu salário render mais para alcançar seus objetivos

Page URL History Show full URLs

  1. https://t.rdsv1.net/ls/click?upn=DpBgwkrMTDgV74bQ6ISrvFkgO14kf2kTiEJsjbpZHxuRo6aR1YiDthp9olOrYFa... HTTP 302
    https://allyaapp.page.link/sortAmericanas-1Voucher-Pascoa?utm_campaign=20220329_-_campanha_de_pascoa_-_... HTTP 302
    https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_c... Page URL
  2. https://allya.com.br/entrar?cl=true Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

95 %
HTTPS

57 %
IPv6

22
Domains

30
Subdomains

26
IPs

2
Countries

9978 kB
Transfer

13252 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.rdsv1.net/ls/click?upn=DpBgwkrMTDgV74bQ6ISrvFkgO14kf2kTiEJsjbpZHxuRo6aR1YiDthp9olOrYFaVqHmpr0l2OqS9zDrwA9TJiM3UbRLkv-2BJ-2BmJk7f6G9BTBQWth6Jdk-2FCXSX2JweTlZi9pG43W8VNzTfdx86Vh0vrhOAeVAIzdvkt-2BgbEEH9o0OrhYjVNDTTXwYS7NyEWFRYtEtuy-2FpMHUAn-2BEOxw4g7L-2FQ5mVdzCbNU7gp3EozIXV-2F6Hr1fLzormCDWIhsdwaS8-ZBS_MKhzyortyT3Zlyvj8PRAFpDtuyYMzrE9MFYJsh6SPTZuxQkTGzmShfOnk3ri1OTlCZVSWrY0cH0TMM-2B61MEqEz6RNkrf2Z3nmgqpqgl5iQqMmjhqU7LqIGXyzw14-2Bfds1Wpq3r62vRInut1mrRR3qEukq4ZyBSE49Fx-2BSPU3Gi94xZfQ-2BbHfU9-2BF7vkYbr7WNRXdUlvMi-2BzdVQ814JfogZmv1aKt6gCZZfZvcqUtRLeVne1rACKyMdw-2F4UHtZ5CGLy8TXpZYeyG7izN0hrg488aD6M2GCWCHHoE1BSVSF1tJx-2FxSnfaP2BQJbCWnu5dUxbVhm3OHTaqw6dPC1KH6j1QhWCAc-2Bw1L2Ely59VmiVt8lsxrbcvA9TJdqYn818KIjDwEjZ2bqiW1SFfPsF84GYDfL5FPHGub6Ng5QPe1zkqB07kwef18R8n29aACZsQ-2F5280IZKWHnYqCTJlz7OJb0m1DtIIAztAb7rjxbyzCUWHlPZMlBW2ove-2FZjOh1seYFamOY-2BIUVA3-2BwHEoooN16M7vcrcut6ez-2F-2BAaL66ptlUk25ACO2-2BowxdsOHlERbbuHu30r-2BzafX8QjQxcvkb-2BVfWm5IqF8zrJtrpbr2P5cQ4pFhdhWaclybQCzFa-2Fck-2FJdLx81jg-2FqUvgpllr2ke7EYjtNzZozR2yteahGwtc2gPCAILxryU4qO3-2BdZml9kBf89mbkniyosjqvnBQolzPuz85qUx23SmTHLW1EBq3qTg-3D HTTP 302
    https://allyaapp.page.link/sortAmericanas-1Voucher-Pascoa?utm_campaign=20220329_-_campanha_de_pascoa_-_nao_ativos_-_sorteio_-_posicao_a&utm_medium=email&utm_source=RD+Station HTTP 302
    https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e Page URL
  2. https://allya.com.br/entrar?cl=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://t.rdsv1.net/ls/click?upn=DpBgwkrMTDgV74bQ6ISrvFkgO14kf2kTiEJsjbpZHxuRo6aR1YiDthp9olOrYFaVqHmpr0l2OqS9zDrwA9TJiM3UbRLkv-2BJ-2BmJk7f6G9BTBQWth6Jdk-2FCXSX2JweTlZi9pG43W8VNzTfdx86Vh0vrhOAeVAIzdvkt-2BgbEEH9o0OrhYjVNDTTXwYS7NyEWFRYtEtuy-2FpMHUAn-2BEOxw4g7L-2FQ5mVdzCbNU7gp3EozIXV-2F6Hr1fLzormCDWIhsdwaS8-ZBS_MKhzyortyT3Zlyvj8PRAFpDtuyYMzrE9MFYJsh6SPTZuxQkTGzmShfOnk3ri1OTlCZVSWrY0cH0TMM-2B61MEqEz6RNkrf2Z3nmgqpqgl5iQqMmjhqU7LqIGXyzw14-2Bfds1Wpq3r62vRInut1mrRR3qEukq4ZyBSE49Fx-2BSPU3Gi94xZfQ-2BbHfU9-2BF7vkYbr7WNRXdUlvMi-2BzdVQ814JfogZmv1aKt6gCZZfZvcqUtRLeVne1rACKyMdw-2F4UHtZ5CGLy8TXpZYeyG7izN0hrg488aD6M2GCWCHHoE1BSVSF1tJx-2FxSnfaP2BQJbCWnu5dUxbVhm3OHTaqw6dPC1KH6j1QhWCAc-2Bw1L2Ely59VmiVt8lsxrbcvA9TJdqYn818KIjDwEjZ2bqiW1SFfPsF84GYDfL5FPHGub6Ng5QPe1zkqB07kwef18R8n29aACZsQ-2F5280IZKWHnYqCTJlz7OJb0m1DtIIAztAb7rjxbyzCUWHlPZMlBW2ove-2FZjOh1seYFamOY-2BIUVA3-2BwHEoooN16M7vcrcut6ez-2F-2BAaL66ptlUk25ACO2-2BowxdsOHlERbbuHu30r-2BzafX8QjQxcvkb-2BVfWm5IqF8zrJtrpbr2P5cQ4pFhdhWaclybQCzFa-2Fck-2FJdLx81jg-2FqUvgpllr2ke7EYjtNzZozR2yteahGwtc2gPCAILxryU4qO3-2BdZml9kBf89mbkniyosjqvnBQolzPuz85qUx23SmTHLW1EBq3qTg-3D HTTP 302
  • https://allyaapp.page.link/sortAmericanas-1Voucher-Pascoa?utm_campaign=20220329_-_campanha_de_pascoa_-_nao_ativos_-_sorteio_-_posicao_a&utm_medium=email&utm_source=RD+Station HTTP 302
  • https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Request Chain 37
  • https://widget.intercom.io/widget/yb62gvp9 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js
Request Chain 97
  • https://widget.intercom.io/widget/yb62gvp9 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

104 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
oferta29blackfriday2021
admin.allya.com.br/parceiro/
Redirect Chain
  • https://t.rdsv1.net/ls/click?upn=DpBgwkrMTDgV74bQ6ISrvFkgO14kf2kTiEJsjbpZHxuRo6aR1YiDthp9olOrYFaVqHmpr0l2OqS9zDrwA9TJiM3UbRLkv-2BJ-2BmJk7f6G9BTBQWth6Jdk-2FCXSX2JweTlZi9pG43W8VNzTfdx86Vh0vrhOAeVAIzd...
  • https://allyaapp.page.link/sortAmericanas-1Voucher-Pascoa?utm_campaign=20220329_-_campanha_de_pascoa_-_nao_ativos_-_sorteio_-_posicao_a&utm_medium=email&utm_source=RD+Station
  • https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parce...
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f830b7ba8379f8edfdcec06ea3b6fc98185fb9530c7f3ede100cfbc906c1d4d

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
480
content-length
4084
content-type
text/html
date
Wed, 30 Mar 2022 14:12:01 GMT
etag
"d425e5b5f9829b68e3890d0afc92c4aa"
last-modified
Thu, 17 Mar 2022 19:20:18 GMT
server
AmazonS3
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-id
5xooESDUqT2XDAbYyTkIfihlGaCgP8RclT7b1aZxouoSWcxypmqwow==
x-amz-cf-pop
FRA6-C1
x-amz-version-id
GlIMZUFsdYzE2T4VGiz0o4jiqO76HaIs
x-cache
Error from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-cMzxL/lORH3s0qPxB9q2yg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-cMzxL/lORH3s0qPxB9q2yg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
content-type
application/binary
cross-origin-opener-policy
unsafe-none; report-to="DurableDeepLinkUi"
cross-origin-resource-policy
same-site
date
Wed, 30 Mar 2022 14:12:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
pragma
no-cache
report-to
{"group":"DurableDeepLinkUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/DurableDeepLinkUi/external"}]}
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
optimize.js
www.googleoptimize.com/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-K9Z9M56
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b95313944eb4ed4e731e9043093a22cc7639886d17e51bb316326d437c9c2c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38281
x-xss-protection
0
expires
Wed, 30 Mar 2022 14:12:01 GMT
bootstrap.min.css
allya-images.s3.us-east-1.amazonaws.com/i/libs/ 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://allya-images.s3.us-east-1.amazonaws.com/i/libs/bootstrap.min.css
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.8.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 14:12:03 GMT
Last-Modified
Thu, 02 Sep 2021 10:30:27 GMT
Server
AmazonS3
x-amz-request-id
V94S4DKF83PBD2FF
ETag
"ec3bb52a00e176a7181d454dffaea219"
Content-Type
text/css
x-amz-version-id
V6oRakC8jlnWCI7Hpr8SN8XWSJGteSSY
Accept-Ranges
bytes
Content-Length
121200
x-amz-id-2
2lYyf3JttgTpK6meme6UrWFjepxsbV75wVjfs+bAbvcy5+YTmljcVAvRTMFTqU754V3SGRR89WYfmARR8FTBCQ==
bootstrap-theme.min.css
allya-images.s3.us-east-1.amazonaws.com/i/libs/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://allya-images.s3.us-east-1.amazonaws.com/i/libs/bootstrap-theme.min.css
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.8.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 14:12:03 GMT
Last-Modified
Thu, 02 Sep 2021 10:30:30 GMT
Server
AmazonS3
x-amz-request-id
V94YFS58PXB3WT8G
ETag
"ab6b02efeaf178e0247b9504051472fb"
Content-Type
text/css
x-amz-version-id
d6VQgc1O2rpOKOS6wN8Xomc003TCNaDK
Accept-Ranges
bytes
Content-Length
23409
x-amz-id-2
0JWe25BVgOP9X4k4YYB7z5QL37gI8i7reYRtKrLDuGpeQyOhv5qVEaRwukWXWeZM84IzxLWHA7zrXxPXsxcRCQ==
font-awesome.min.css
allya-images.s3.us-east-1.amazonaws.com/i/libs/ 		30 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://allya-images.s3.us-east-1.amazonaws.com/i/libs/font-awesome.min.css
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.8.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3.us-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 14:12:03 GMT
Last-Modified
Thu, 02 Sep 2021 10:30:29 GMT
Server
AmazonS3
x-amz-request-id
V94VAPA83BTEAGA2
ETag
"269550530cc127b6aa5a35925a7de6ce"
Content-Type
text/css
x-amz-version-id
v4xOwQkh6xDB9dYK3UkD0OsH1AFKi8mX
Accept-Ranges
bytes
Content-Length
31000
x-amz-id-2
HnT/DdEKtrrVNUnTWuZ7N2fAstdaVYttknJl1tWMbhcKLBbElLMv3JR40jE9il3QeD0vuTiU/Xy0IgD+E6qp/g==
styles.43400c3e1a36d15dc132.css
admin.allya.com.br/ 		230 KB
231 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://admin.allya.com.br/styles.43400c3e1a36d15dc132.css
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e73ba1b890bb9c26cc4a6be69e3189263e22c1add9fa4773a644365867a231fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
FXHXmtA5m2dPS2EdAUgvAp6TAsDnh4AG
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 19:20:18 GMT
server
AmazonS3
age
6259
etag
"706be3c2eaacac10c77e54b4cda8b53a"
x-cache
Hit from cloudfront
content-type
text/css
date
Wed, 30 Mar 2022 14:12:01 GMT
x-amz-cf-pop
FRA6-C1
content-length
235499
x-amz-cf-id
8IBzgP6S0J5UaQ7ciP8s7j0z6Uig3MLPnWdm6MBVtAGyQXxoufkmWQ==
logo_allya.gif
admin.allya.com.br/assets/icon/ 		167 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://admin.allya.com.br/assets/icon/logo_allya.gif
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb46283379ed4798012e54e9f6c7e729f0518469795ec33f5ed58d6929756c0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
t_xrVVwa10RT5MBYwfe3RBcK1M86HWlI
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 19:20:17 GMT
server
AmazonS3
age
479
etag
"a792c5c85965679be47bf8b20780456e"
x-cache
Hit from cloudfront
content-type
image/gif
date
Wed, 30 Mar 2022 14:12:01 GMT
x-amz-cf-pop
FRA6-C1
content-length
171195
x-amz-cf-id
ZDwP6cw1TVsgJYQj3wci9QS0FV_QcToQB48SenvtIMG_C-JvQ8KDtg==
js
maps.googleapis.com/maps/api/ 		165 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyC1W67X6lTuNDpjP-4JqdSu6570k95LSmg&libraries=places&language=br
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
37800efc7412f42c28d078ccec90dc3e54a0da449406c92ca01ec2d72ab7a9b1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=25
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55208
x-xss-protection
0
expires
Wed, 30 Mar 2022 14:42:01 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
504697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27198
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1514f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt4%2BkuC%2B086fn6YVrarQEUlMbo5ku5QzbhOWGfsNmOSSX3sv2ZKNJNjbRbcsdD3%2FqfOpJmKbjpJ4jhxiAdOU2ydLQsUO24XHVwHdkeg%2FnyJETdddcorBSSU8S4GmCZwRmBSvMoTMgyFbjX4nJrzCJ%2Bfs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f4170151ff090d6-FRA
expires
Mon, 20 Mar 2023 14:12:01 GMT
ckeditor.js
cdn.ckeditor.com/4.13.1/full/ 		701 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ckeditor.com/4.13.1/full/ckeditor.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
69f45defbd5b9c2e828a9bced0e31b6ba634a783d0d4e67b8470e7471c9d585e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cf3
H
cf4ttl
604800.000
x-cf1
28810:fA.cdg1:co:1644406769:cacheB.cdg1-01:M
content-length
212938
x-xss-protection
1; mode=block
x-cf-tsc
1648590157
x-cf2
H
x-frame-options
sameorigin
last-modified
Mon, 09 Dec 2019 12:30:24 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf4age
6725
accept-ranges
bytes
expires
Tue, 05 Apr 2022 19:50:31 GMT
plugin.js
cdn.ckeditor.com/4.13.1/full-all/plugins/divarea/ 		618 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ckeditor.com/4.13.1/full-all/plugins/divarea/plugin.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
a12529682c90b74833f056038a4a30f33886a81cbffe53584b72c0e849af4f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cf3
H
cf4ttl
604800.000
x-cf1
28810:fA.cdg1:co:1644406769:cacheB.cdg1-01:M
content-length
429
x-xss-protection
1; mode=block
x-cf-tsc
1648649521
x-cf2
M
x-frame-options
sameorigin
last-modified
Mon, 09 Dec 2019 12:11:13 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cf4age
7055
accept-ranges
bytes
x-cf-rand
4.033
expires
Tue, 05 Apr 2022 18:50:16 GMT
cropper.js
cdnjs.cloudflare.com/ajax/libs/cropper/3.1.3/ 		85 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cropper/3.1.3/cropper.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d81c95f790f61abd4324921ff3e9a36013fe92222a617b14f227b455ce29af
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15578
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-1528d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6zG%2FKY9f%2FuiuZrGgwtyC8DSSVjsSrnyjqdHsQCdWbHpDOiXAAiGVv6sTeySrEjIfkLTHohHVRcQkIocZUd7GoEwVN55TxkGv0TA0LyIau9jP6CRNwcbxl1QhmN9ZXqVzZ7LGCb0iGJpaz%2FycvkhwixK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f4170151ff990d6-FRA
expires
Mon, 20 Mar 2023 14:12:01 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://admin.allya.com.br/
Origin
https://admin.allya.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
863
age
168098
cdn-cachedat
03/10/2022 17:25:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"5869c96cc8f19086aee625d670d741f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e343d7151d53a961543a01dda41ab632
cf-ray
6f4170151f199a1e-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
runtime.80ab492fe3d778817936.js
admin.allya.com.br/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.allya.com.br/runtime.80ab492fe3d778817936.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
COXY2_SADldjtUarnCOzkQ7PO0ESGJY8
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 19:20:18 GMT
server
AmazonS3
age
479
etag
"cd1ce3e306bf57f272364d1cc0249d6e"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 30 Mar 2022 14:12:01 GMT
x-amz-cf-pop
FRA6-C1
content-length
1440
x-amz-cf-id
QeWeJnrkuYshjerSP_O37gONcpa9ZiGwFNyX_36MK1iDuy1JGNA12A==
polyfills.d9dbb0903c41e987a9f8.js
admin.allya.com.br/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.allya.com.br/polyfills.d9dbb0903c41e987a9f8.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62ef151e5e8360afdaa48ca5a5fa56c85fb5e8bfc2917dacba14b94b61731557

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
GK5sAVVGzKTObVS6_4zDszsBJmL9IVey
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 19:20:18 GMT
server
AmazonS3
age
6259
etag
"566c33fcd3c2bf7c26de508041b6daa5"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 30 Mar 2022 14:12:01 GMT
x-amz-cf-pop
FRA6-C1
content-length
41905
x-amz-cf-id
V_cQ_qFM-rpwJhYmrtl150QW-sJTche0DrQTf30bA3S8me1sP7Cm3A==
scripts.9a2d9d0798bb569bd775.js
admin.allya.com.br/ 		74 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.allya.com.br/scripts.9a2d9d0798bb569bd775.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587e779c445acf504e90401d44ca643fa3b4f8ef0666b988764165f51da667e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
JwgXMkrIHy8UmE0Vf.JhH3XXwbYkbuYg
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 19:20:18 GMT
server
AmazonS3
age
1014
etag
"e5ab744db037610c12979a66ac410edf"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 30 Mar 2022 14:12:01 GMT
x-amz-cf-pop
FRA6-C1
content-length
75513
x-amz-cf-id
Khim0Fq_UXygBC4Qr59NRNRA1cmglFljjW23lee6kUj58V5If6SZtQ==
main.538115b5af0a3d6cf973.js
admin.allya.com.br/ 		6 MB
6 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://admin.allya.com.br/main.538115b5af0a3d6cf973.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9ab61ff110c8d65db5a7843cf7cdfa3beb47266230cd250eee7b307c1d22c44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
NKkvQwlHDX9kV334ciFP26aR28zAPIq2
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 19:20:18 GMT
server
AmazonS3
age
1013
etag
"db54b2c598e10ab8a75989e54fd9c475"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Wed, 30 Mar 2022 14:12:01 GMT
x-amz-cf-pop
FRA6-C1
content-length
6471546
x-amz-cf-id
WBMujbBv8yp5Ot9CA2IqcLXItm_C7VZYuD3MlkUjpx9QWx4r7fJy_Q==
gtm.js
www.googletagmanager.com/ 		211 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-593V3FV
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f888b44f0a9c95e54746c2dd16237db16747c4f3247b243e6847de3f8e64b8d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73288
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 14:12:01 GMT
css
fonts.googleapis.com/ 		3 KB
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/styles.43400c3e1a36d15dc132.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d486a8e6af9a15ad009e9b489157d0af1cb90a45d0f23f7d7d3e9601bf7e79b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:25:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 14:12:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 14:12:01 GMT
css
fonts.googleapis.com/ 		8 KB
787 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,900
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/styles.43400c3e1a36d15dc132.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
348911bf910507c101d13d5c936cd42532b3c87a95bf4b21e3e5525750405cc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:44:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 14:12:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 14:12:01 GMT
css
fonts.googleapis.com/ 		4 KB
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Biryani:300,400,700,900
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/styles.43400c3e1a36d15dc132.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fbdaff1fadb96e5852483ce59a3470daa9db50b9173c8f00c12a0cba3678d8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 14:12:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 14:12:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 14:12:01 GMT
hotjar-1754802.js
static.hotjar.com/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1754802.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-593V3FV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-123.fra56.r.cloudfront.net
Software
/
Resource Hash
baee53d57216fcd25d49651450531a60f5215ae4b5d62ef71ad5a9d9ccc00954
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
4
etag
W/d522435e9406625f02605125dca3cf10
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
E0glaGH3ezX7vMs60VPTX_zKVW2PtT9BPM5cTP1O7_zzVb5T3kM0Sw==
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-593V3FV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14883
x-xss-protection
0
server
cafe
etag
14534967036905587165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 14:12:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
lInebEhKl4E3P5/BsZBwFIq1X3rENcFpyqb5sY/unRhixnrZAkPJHp0AvHCd/eDnhYGd2ZGRsbGJaT4gVGf5nw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 30 Mar 2022 14:12:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.7d3f952308caf42c2b67.js
script.hotjar.com/ 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1754802.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-86.dus51.r.cloudfront.net
Software
/
Resource Hash
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 09:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746595
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63048
access-control-allow-origin
*
last-modified
Thu, 10 Mar 2022 09:01:33 GMT
etag
"2f5d47da7be4d107a04726029158797c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
JDasw331YdwKM13ulovcbaENb5pM4D1G2SGkSdOImgYgNKfLTXT5rg==
773785943191431
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/773785943191431?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab2dd1be6bf037bc1665671ffa76c41749bbdafc40b77c6e93d1ade22715983e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
9PpMM9e0PlHhhuXo5zjhjdilVVbSTFaJpyfT4jQHidgVq3Hlmzvzmsa/smZ4QxBum10CgDAUMU1c8FQNZUrzqA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 30 Mar 2022 14:12:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=773785943191431&ev=PageView&dl=https%3A%2F%2Fadmin.allya.com.br%2Fparceiro%2Foferta29blackfriday2021%3Futm_source%3Drdstation%26utm_medium%3Demail%26utm_campaign%3Dcampanha%3Apascoa%26utm_term%3Dlogo%3Asorteio-americanas-1-voucher-de-200%2C00%26utm_content%3Dparceiro%3Asorteio-americanas-1-voucher-de-200%2C00%3Fdeeplink%253Dallya%3A%2F%2Festablishment%3Fid%253D619569ebc4cdac001a6aa80e&rl=&if=false&ts=1648649521895&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1648649521894.1541447391&it=1648649521751&coo=false&rqm=GET
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 30 Mar 2022 14:12:01 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.allya.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:30:55 GMT
x-content-type-options
nosniff
age
585667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:30:55 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin.allya.com.br
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
en.json
admin.allya.com.br/assets/i18n/ 		24 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://admin.allya.com.br/assets/i18n/en.json
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7c00:11:2c62:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fe582c7d5c54f61be417fdce6530f09662298668e2b6334252bda401932f656

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-version-id
qriIcFsHi.lSBoPJ8ZSyrwBxPHqvL5Sy
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 19:20:17 GMT
server
AmazonS3
age
1008
etag
"3bc73915d9d02909fea678b5ed823903"
x-cache
Hit from cloudfront
content-type
application/json
date
Wed, 30 Mar 2022 14:12:03 GMT
x-amz-cf-pop
FRA6-C1
content-length
24553
x-amz-cf-id
hV-69PTQoD2EyJVOT1M5gjLZOGhd5Z-mZvcjBn7o-ARKmrjiYJwCaA==
me
backend.prd.allya.com.br/api/customers/ 		1 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://backend.prd.allya.com.br/api/customers/me
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.4.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-4-183.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://admin.allya.com.br/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.allya.com.br
access-control-allow-credentials
true
x-envoy-upstream-service-time
1534
strict-transport-security
max-age=0; includeSubDomains
vary
Origin, Accept-Encoding
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=773785943191431&ev=PageView&dl=https%3A%2F%2Fadmin.allya.com.br%2F&rl=&if=false&ts=1648649523628&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1648649521894.1541447391&it=1648649521751&coo=false&rqm=GET
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 30 Mar 2022 14:12:03 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=773785943191431&ev=Microdata&dl=https%3A%2F%2Fadmin.allya.com.br%2F&rl=&if=false&ts=1648649523675&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.2.1648649521894.1541447391&it=1648649521751&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 30 Mar 2022 14:12:03 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/741668715/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/741668715/?random=1648649523683&cv=9&fst=1648649523683&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fadmin.allya.com.br%2F&tiba=Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5a9430e2e9a2a24e80b0541d68f1781a75f9f3f74c57a15f97e35b6a3223496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 14:12:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 96C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1754802.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
4684797
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Feb 2022 08:52:06 GMT
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
vary
Accept-Encoding
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-id
lwr0Qx9g6x6kYro4lxfu1gzX9NSKpbXThOGcyi5knx0z4z8Xl-2dxQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
/
www.google.com/pagead/1p-user-list/741668715/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/741668715/?random=1648649523683&cv=9&fst=1648648800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fadmin.allya.com.br%2F&tiba=Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&async=1&fmt=3&is_vtc=1&random=2081806819&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 14:12:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/741668715/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/741668715/?random=1648649523683&cv=9&fst=1648648800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fadmin.allya.com.br%2F&tiba=Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&async=1&fmt=3&is_vtc=1&random=2081806819&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 14:12:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/yb62gvp9
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
730d10b1e2c6e4c2ec33accb70ae141dd56673d895b6a9963c59aa681f2fe3cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 14:12:00 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 12:36:58 GMT
server
AmazonS3
age
4
etag
"1646526596e46a7339d97d8f341f7bb6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6063
x-amz-cf-id
Iqausjl42UvWkbytfnxn7QYzpzlbDSmFW3oeLVWlit2suT8OJ2Fk7A==

Redirect headers

date
Mon, 28 Mar 2022 15:30:57 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
AmazonS3
age
168067
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
__KadowS5qi_Re7xP5VtU3Phryx2ML10zTxo7n4FriQUafW0NyMQPA==
frame-modern.4def396d.js
js.intercomcdn.com/ Frame F008 		306 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.4def396d.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/yb62gvp9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c0cec81f65602677e87e50aae2d57d6f5b5ff0d01ca33f774884f22ddaaad7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 12:37:01 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 12:35:47 GMT
server
AmazonS3
age
5703
etag
"154ffd75d8654da2d19a736284bb2043"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
83446
x-amz-cf-id
zrDstpNA-I-ZuxXMJup9ZbqpEAj0zQtKOu_YHN3Kg014SRbRa7M66w==
vendor-modern.64c31b0b.js
js.intercomcdn.com/ Frame F008 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.64c31b0b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/yb62gvp9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a23bcfb08426125f3f053292dbc4302322ef6df450f0c38544f951f327b0c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 13:40:50 GMT
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 15:18:30 GMT
server
AmazonS3
age
1874
etag
"8bd66465868d5750823c7f8c52f9d622"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
42632
x-amz-cf-id
FyEIE25cYmzI2VQE1kwB1nhyDVbPUr-e5JH6Yko3QiAhuff88TRNUQ==
ping
api-iam.intercom.io/messenger/web/ Frame F008 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4def396d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
31d2aa2d040fcb072c89c753fe04236df4110fdca02cba08f5326c6ec55b6e51
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 30 Mar 2022 14:12:04 GMT
content-encoding
gzip
x-ami-version
ami-07ecc2130003546fb
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0006h22vc4ttrigekon0
x-runtime
0.313461
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"31d2aa2d040fcb072c89c753fe04236d"
x-ratelimit-remaining
13323
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://admin.allya.com.br
x-intercom-version
03b66a74766a7b87124c9c17b2c731ee08b98307
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1648649530
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
locale-pt-BR-json-modern.35ebcbd1.js
js.intercomcdn.com/ Frame F008 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/locale-pt-BR-json-modern.35ebcbd1.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4def396d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fa274643f653e632ff2dd70329e2d681414fc1351232cc798bb402ce3499068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 13:19:08 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 08:34:58 GMT
server
AmazonS3
age
3266
etag
"822c5d6d4187c4a48638222c67a761a8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6248
x-amz-cf-id
HkmiYZ29IR4gfEm5r5RJh7MePPf5KnMIC2yA2qTtGClVskygS5fTAw==
Primary Request entrar
allya.com.br/ 		45 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/entrar?cl=true
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/main.538115b5af0a3d6cf973.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
32c6b204d65086cfdeeebb76b531944ab250ca53b89a330039df96ec05faca09
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.allya.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 14:12:06 GMT
etag
"b350-411ak/kg7pFXBEPzZJblUgAAZb8"
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
referrer-policy
same-origin
server
istio-envoy
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
53
x-frame-options
DENY
x-xss-protection
1; mode=block
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
504818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
382
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtIhHszbvcZ3bNoCAj4HaVRQZ%2FILyGBRVR8IiDdw%2FdS4DbfbaKxl%2FDv0DQp%2FV%2FvKv5v1Mo30nclmdroceHQQK0Sdf%2FM1qQSJH99ms9CzH4ieESVOf6ceV15s9u0H2ScO2HuZozaBVGyZ3lncPfNn1KHI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f4170332e496983-FRA
expires
Mon, 20 Mar 2023 14:12:06 GMT
webpack-7b81223ac41da79fda52.js
allya.com.br/_next/static/chunks/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/webpack-7b81223ac41da79fda52.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
66b1f90dca7b3d760643043146b93f643fd72bdb663190cf46c57818114f3cba
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"8c2-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
framework-671952e1d5978969fc00.js
allya.com.br/_next/static/chunks/ 		128 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/framework-671952e1d5978969fc00.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
33827781eca745a783703a96a8640ea499e31ec7618124a85eed30240441371a
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
20
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"1ffe6-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
main-62f0f7b68f8978e2fb8a.js
allya.com.br/_next/static/chunks/ 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
8ffe817f3139c637f27d07ccdb3bf312991c6fd3587f4d398fc45a4d0e5da927
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
32
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"125dd-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
_app-774b1f943b30bd87a16b.js
allya.com.br/_next/static/chunks/pages/ 		210 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/pages/_app-774b1f943b30bd87a16b.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
df023cc22ca0bc0feaa8727fc1872ff10338b6df3225b09ea056d3990cce0595
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
31
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"34972-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
c8eae200-0fab9aa114befb74b995.js
allya.com.br/_next/static/chunks/ 		622 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/c8eae200-0fab9aa114befb74b995.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
0e4c6a7e7c2064f2c5c3e99d90b0fe83a693bc6772c14815241d1050b45e34d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
27
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
622
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"26e-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
59b4e022-b2bcc04235958a6ce42e.js
allya.com.br/_next/static/chunks/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/59b4e022-b2bcc04235958a6ce42e.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
2d412f2051d75be196e4245793f0a854d033ad30e7e16bf4a43c2ae6a947abae
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
26
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"927-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
065a3ddb-e6e2112c5c835c7ce701.js
allya.com.br/_next/static/chunks/ 		818 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/065a3ddb-e6e2112c5c835c7ce701.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e8203338ca3d839c6eee828a2fea7a0ebb50d5788cce3b49b8f1decd537349b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
19
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
818
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"332-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
e1efa4cc-9315b8f8f8ff1662c5a1.js
allya.com.br/_next/static/chunks/ 		522 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/e1efa4cc-9315b8f8f8ff1662c5a1.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6c8f07f2ac98a58855ec27c5bb3a40b027394636d29c693ae20a978cbc7cab7b
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
23
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
522
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"20a-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
f36c6662-bb7ad5546a4afa020313.js
allya.com.br/_next/static/chunks/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/f36c6662-bb7ad5546a4afa020313.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
647d7d2a4e36e29c0e4b090ece4bbde2fc4635a2eb1b50f0a0a3cd6ac21b8aa0
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
23
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"6f2-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
479-d6a420fd10546e3ee8b1.js
allya.com.br/_next/static/chunks/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/479-d6a420fd10546e3ee8b1.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
27c8b5dd21680212abb39eadf77bed39b9bcf552745e02b41adbfb4e724f6f57
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
26
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"6bf4-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
904-1810cc425e2dd69b64cf.js
allya.com.br/_next/static/chunks/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/904-1810cc425e2dd69b64cf.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
b8e501f847dd607c6e51e0b8d44aae30e091914df87ea5c87763e34596a98e4e
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
7
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"13870-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
795-4890fc5c1fa1307fc730.js
allya.com.br/_next/static/chunks/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/795-4890fc5c1fa1307fc730.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5bd779594dd9cddcbd391e29345d09c4c39bbf497e90f6b1a083c4113fea5487
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"71d5-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
entrar-d3083fa89023c98407e4.js
allya.com.br/_next/static/chunks/pages/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/pages/entrar-d3083fa89023c98407e4.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
814edf69721d687f6df30db77113e2d5163ae004562cffe3e6a11010c7fa3a75
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
10
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"3bfe-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
_buildManifest.js
allya.com.br/_next/static/eO17ZNhiAAfKYZ5xYj8oX/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/eO17ZNhiAAfKYZ5xYj8oX/_buildManifest.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
807dd145703e984d90d6c6c2eb6f04b9804499ab142c4fcf8cb5a770471b0999
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"b31-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
_ssgManifest.js
allya.com.br/_next/static/eO17ZNhiAAfKYZ5xYj8oX/ 		77 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/eO17ZNhiAAfKYZ5xYj8oX/_ssgManifest.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
11
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
77
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"4d-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
logo.18b3cef19d2f4f14b99bf1aa0d0c6786.svg
allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/logo.18b3cef19d2f4f14b99bf1aa0d0c6786.svg
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9bbde8de3b984257567972a6ae4d9dbf28eae12d4f91a0845a6f25c949187ccd
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"b8d-17fc1221a40"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		258 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLHQ9B2
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
065e32b928751e3e79ac13aa9076bf14a92c4f5a28e0f1cf2867c332a5fd7d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81105
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 14:12:06 GMT
bg-download-app.988baa5d96509d312160ea90bddc0890.png
allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/bg-download-app.988baa5d96509d312160ea90bddc0890.png
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5a6900223d0029bc250220075598994cf2fb4f4292af809f22f9af8270274325
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
12
content-length
1383945
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"151e09-17fc1221a40"
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/png
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
bg-vector.7970acef5f55c312185bbf9204d6b5d9.svg
allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/ 		957 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/bg-vector.7970acef5f55c312185bbf9204d6b5d9.svg
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
950ce9f725e52aeaf01af9666a16d6d0c487cf4e9340aab47155951c99b2b9df
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
957
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"3bd-17fc1221a40"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
bg-vector-2.73ff8893c4a96a8c678deadffbdaaf6d.svg
allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/ 		961 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allya.com.br/_next/static/image/_/_/libs/ui/assets/imgs/bg-vector-2.73ff8893c4a96a8c678deadffbdaaf6d.svg
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
22fe80a6734d63622a6f788fcb5f4cbf634a4ba62f945aa4f98d204022ac5c3e
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:06 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
10
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
961
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"3c1-17fc1221a40"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://allya.com.br/
Origin
https://allya.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:30:54 GMT
x-content-type-options
nosniff
age
585672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:09 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:30:54 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://allya.com.br/
Origin
https://allya.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:30:54 GMT
x-content-type-options
nosniff
age
585672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:23 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:30:54 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v29/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a986c26c40febdfac5074b57a925fe2d7b901e75b7bcad4a19a5cbe3987b51bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://allya.com.br/
Origin
https://allya.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 20:12:20 GMT
x-content-type-options
nosniff
age
64786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11032
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 20:12:20 GMT
c8eae200-0fab9aa114befb74b995.js
allya.com.br/_next/static/chunks/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/c8eae200-0fab9aa114befb74b995.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
5
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
622
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"26e-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
59b4e022-b2bcc04235958a6ce42e.js
allya.com.br/_next/static/chunks/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/59b4e022-b2bcc04235958a6ce42e.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"927-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
065a3ddb-e6e2112c5c835c7ce701.js
allya.com.br/_next/static/chunks/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/065a3ddb-e6e2112c5c835c7ce701.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
818
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"332-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
e1efa4cc-9315b8f8f8ff1662c5a1.js
allya.com.br/_next/static/chunks/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/e1efa4cc-9315b8f8f8ff1662c5a1.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
14
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
522
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"20a-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
f36c6662-bb7ad5546a4afa020313.js
allya.com.br/_next/static/chunks/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/f36c6662-bb7ad5546a4afa020313.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
7
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"6f2-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
9814d858-30d8d7c84f8ff2d00ca5.js
allya.com.br/_next/static/chunks/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/9814d858-30d8d7c84f8ff2d00ca5.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
10
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
407
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"197-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
479-d6a420fd10546e3ee8b1.js
allya.com.br/_next/static/chunks/ 		0
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/479-d6a420fd10546e3ee8b1.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
9
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"6bf4-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
52-79ea959573544f4dd73a.js
allya.com.br/_next/static/chunks/ 		0
21 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/52-79ea959573544f4dd73a.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
7
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"12c40-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
795-4890fc5c1fa1307fc730.js
allya.com.br/_next/static/chunks/ 		0
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/795-4890fc5c1fa1307fc730.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
13
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"71d5-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
index-08973ee86a34fce31783.js
allya.com.br/_next/static/chunks/pages/ 		0
14 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/pages/index-08973ee86a34fce31783.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
13
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"ddd4-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLHQ9B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
441
date
Wed, 30 Mar 2022 14:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 16:04:46 GMT
hotjar-1754802.js
static.hotjar.com/c/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1754802.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLHQ9B2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-123.fra56.r.cloudfront.net
Software
/
Resource Hash
baee53d57216fcd25d49651450531a60f5215ae4b5d62ef71ad5a9d9ccc00954
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
10
etag
W/d522435e9406625f02605125dca3cf10
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
9HP42N1hlJgg85x5O0tUvKQzafYpIRz080WkD8DljG5Cp0l9TE9kfw==
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLHQ9B2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14883
x-xss-protection
0
server
cafe
etag
14534967036905587165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 14:12:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
lInebEhKl4E3P5/BsZBwFIq1X3rENcFpyqb5sY/unRhixnrZAkPJHp0AvHCd/eDnhYGd2ZGRsbGJaT4gVGf5nw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 30 Mar 2022 14:12:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://allya.com.br/
Origin
https://allya.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:30:44 GMT
x-content-type-options
nosniff
age
585683
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:08 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:30:44 GMT
modules.7d3f952308caf42c2b67.js
script.hotjar.com/ 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1754802.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-86.dus51.r.cloudfront.net
Software
/
Resource Hash
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 09:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746601
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63048
access-control-allow-origin
*
last-modified
Thu, 10 Mar 2022 09:01:33 GMT
etag
"2f5d47da7be4d107a04726029158797c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f47fcc9b2aa47ced36c40c318e6f006a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8WoOvN2xcA5DLhhgSVPMtpPkVh9fq708mZR_htvV9VvEYj698NQPgA==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=980809622&t=pageview&_s=1&dl=https%3A%2F%2Fallya.com.br%2Fentrar%3Fcl%3Dtrue&dr=https%3A%2F%2Fadmin.allya.com.br%2F&ul=en-us&de=UTF-8&dt=Entrar%20%7C%20Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1719948973&gjid=2054289996&cid=1997998830.1648649527&tid=UA-54795836-2&_gid=107767326.1648649527&_r=1&gtm=2wg3n1NLHQ9B2&cd10=deslogado&cd13=1&z=525188678
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://allya.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
773785943191431
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/773785943191431?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab2dd1be6bf037bc1665671ffa76c41749bbdafc40b77c6e93d1ade22715983e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89143
x-xss-protection
0
pragma
public
x-fb-debug
9PpMM9e0PlHhhuXo5zjhjdilVVbSTFaJpyfT4jQHidgVq3Hlmzvzmsa/smZ4QxBum10CgDAUMU1c8FQNZUrzqA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 30 Mar 2022 14:12:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame DCD9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1754802.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
4684801
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Feb 2022 08:52:06 GMT
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
vary
Accept-Encoding
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-id
tFJ0cAZRh5s6a15eGyfpZ0cU0vfhlPymuhBMugJXzWlrQdsaXvC72A==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54795836-2&cid=1997998830.1648649527&jid=1719948973&gjid=2054289996&_gid=107767326.1648649527&_u=YEBAAEAAAAAAAC~&z=990511952
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9b -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 30 Mar 2022 14:12:07 GMT
content-type
text/plain
access-control-allow-origin
https://allya.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/741668715/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/741668715/?random=1648649527194&cv=9&fst=1648649527194&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fallya.com.br%2Fentrar%3Fcl%3Dtrue&ref=https%3A%2F%2Fadmin.allya.com.br%2F&tiba=Entrar%20%7C%20Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9482f570892f9f90d65b694a736f8f462e9ff7ebafef8a8d7b048fbfb7a60f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1087
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=773785943191431&ev=PageView&dl=https%3A%2F%2Fallya.com.br%2Fentrar%3Fcl%3Dtrue&rl=https%3A%2F%2Fadmin.allya.com.br%2F&if=false&ts=1648649527252&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1648649527251.926381492&it=1648649527136&coo=false&rqm=GET
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 30 Mar 2022 14:12:07 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54795836-2&cid=1997998830.1648649527&jid=1719948973&_u=YEBAAEAAAAAAAC~&z=2033590640
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
visit-data
in.hotjar.com/api/v2/client/sites/1754802/ 		147 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1754802/visit-data?sv=7
Requested by
Host: admin.allya.com.br
URL: https://admin.allya.com.br/parceiro/oferta29blackfriday2021?utm_source=rdstation&utm_medium=email&utm_campaign=campanha:pascoa&utm_term=logo:sorteio-americanas-1-voucher-de-200,00&utm_content=parceiro:sorteio-americanas-1-voucher-de-200,00?deeplink%3Dallya://establishment?id%3D619569ebc4cdac001a6aa80e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.183.234 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1754802
vc.hotjar.io/sessions/ 		0
0
/
www.google.com/pagead/1p-user-list/741668715/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/741668715/?random=1648649527194&cv=9&fst=1648648800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fallya.com.br%2Fentrar%3Fcl%3Dtrue&ref=https%3A%2F%2Fadmin.allya.com.br%2F&tiba=Entrar%20%7C%20Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&async=1&fmt=3&is_vtc=1&random=3340227375&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: allya.com.br
URL: https://allya.com.br/entrar?cl=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/741668715/ 		0
0
9814d858-30d8d7c84f8ff2d00ca5.js
allya.com.br/_next/static/chunks/ 		407 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/9814d858-30d8d7c84f8ff2d00ca5.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
4520ad1777a3a2a335d11a86d1ab3295f2624edd39c7286f87c400dcb62ba2eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-length
407
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"197-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
52-79ea959573544f4dd73a.js
allya.com.br/_next/static/chunks/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/52-79ea959573544f4dd73a.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
874b749ead564d4959ac92ed9c7d1ca6363ca31c2ce9baab53d4379cbb09cac1
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"12c40-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
index-08973ee86a34fce31783.js
allya.com.br/_next/static/chunks/pages/ 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://allya.com.br/_next/static/chunks/pages/index-08973ee86a34fce31783.js
Requested by
Host: allya.com.br
URL: https://allya.com.br/_next/static/chunks/main-62f0f7b68f8978e2fb8a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.7.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-7-99.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
c612463c58d853ff22668ed82fba214b98656c2061bdeeb6bb8465547546c070
Security Headers
Name Value
Content-Security-Policy default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://allya.com.br/entrar?cl=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
4
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 25 Mar 2022 12:51:52 GMT
server
istio-envoy
x-frame-options
DENY
etag
W/"ddd4-17fc1221a40"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
feature-policy
microphone 'none'; accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; gyroscope 'none'; layout-animations 'none'; magnetometer 'none'; midi 'none'
content-security-policy
default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud;
accept-ranges
bytes
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/yb62gvp9
  • https://js.intercomcdn.com/shim.latest.js
18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
730d10b1e2c6e4c2ec33accb70ae141dd56673d895b6a9963c59aa681f2fe3cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 14:12:00 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 12:36:58 GMT
server
AmazonS3
age
8
etag
"1646526596e46a7339d97d8f341f7bb6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6063
x-amz-cf-id
Dv-OsIg_sSI0rLb2vk0E10RC2Y0VioC4fjj6HnH59WbrN5ehhZzKDw==

Redirect headers

date
Mon, 28 Mar 2022 15:30:57 GMT
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server
AmazonS3
age
168071
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
3PQfWGnd7adzC7G0R7hG9YhUDtK9xLCbBPglX-AcQ4f-gztsFKyBxw==
frame-modern.4def396d.js
js.intercomcdn.com/ Frame 98AF 		306 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.4def396d.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/yb62gvp9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c0cec81f65602677e87e50aae2d57d6f5b5ff0d01ca33f774884f22ddaaad7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 12:37:01 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 12:35:47 GMT
server
AmazonS3
age
5707
etag
"154ffd75d8654da2d19a736284bb2043"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
83446
x-amz-cf-id
D2T34WDlSp-k_n3WvP7j_EZwvr-RjBEh2Gsmbk66xTMWmQeERrwGbQ==
vendor-modern.64c31b0b.js
js.intercomcdn.com/ Frame 98AF 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.64c31b0b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/yb62gvp9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a23bcfb08426125f3f053292dbc4302322ef6df450f0c38544f951f327b0c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 13:40:50 GMT
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 15:18:30 GMT
server
AmazonS3
age
1878
etag
"8bd66465868d5750823c7f8c52f9d622"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
42632
x-amz-cf-id
1UReHJk7Et5G_qnKbtOImoMoM6ispb56E2ek5GlsDylyVV9sA3MbuA==
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=773785943191431&ev=Microdata&dl=https%3A%2F%2Fallya.com.br%2Fentrar%3Fcl%3Dtrue&rl=https%3A%2F%2Fadmin.allya.com.br%2F&if=false&ts=1648649527757&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Entrar%20%7C%20Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos%22%2C%22meta%3Adescription%22%3A%22A%20Allya%20ajuda%20o%20sal%C3%A1rio%20dos%20seus%20colaboradores%20a%20render%20mais%2C%20conectando-os%20a%20estabelecimentos%20relevantes%2C%20benef%C3%ADcios%20e%20vantagens%20financeiras%2C%20tudo%20de%20forma%20personalizada%20em%20uma%20s%C3%B3%20plataforma.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22pt%22%2C%22og%3Asite_name%22%3A%22Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.2.1648649527251.926381492&it=1648649527136&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:12:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 30 Mar 2022 14:12:07 GMT
ping
api-iam.intercom.io/messenger/web/ Frame 98AF 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4def396d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e05f16aa2ef755fefe7168313125087454f43f2cf30a75f4056658fce43369fa
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 30 Mar 2022 14:12:08 GMT
content-encoding
gzip
x-ami-version
ami-07ecc2130003546fb
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000714cuvf6tg5fvkre0
x-runtime
0.344972
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"e05f16aa2ef755fefe71683131250874"
x-ratelimit-remaining
13316
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://allya.com.br
x-intercom-version
03b66a74766a7b87124c9c17b2c731ee08b98307
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1648649530
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
locale-pt-BR-json-modern.35ebcbd1.js
js.intercomcdn.com/ Frame 98AF 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/locale-pt-BR-json-modern.35ebcbd1.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.4def396d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fa274643f653e632ff2dd70329e2d681414fc1351232cc798bb402ce3499068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 30 Mar 2022 13:19:08 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 08:34:58 GMT
server
AmazonS3
age
3270
etag
"822c5d6d4187c4a48638222c67a761a8"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6248
x-amz-cf-id
r2lpuriEdPSipFRwUoZSCMEc-6JP6cNrZmre-Y6Pd_zVyfleko7WDA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54795836-2&cid=1997998830.1648649527&jid=1719948973&_u=YEBAAEAAAAAAAC~&z=2033590640
Domain
vc.hotjar.io
URL
https://vc.hotjar.io/sessions/1754802?s=0.25&r=0.13978617725755527
Domain
www.google.de
URL
https://www.google.de/pagead/1p-user-list/741668715/?random=1648649527194&cv=9&fst=1648648800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fallya.com.br%2Fentrar%3Fcl%3Dtrue&ref=https%3A%2F%2Fadmin.allya.com.br%2F&tiba=Entrar%20%7C%20Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&async=1&fmt=3&is_vtc=1&random=3340227375&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next undefined| _N_E object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_tag_manager function| postscribe object| google_tag_manager_external object| GTMUtils object| intercomSettings function| Intercom object| google_tag_data function| sendEvent string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

14 Cookies

Domain/Path Name / Value
admin.allya.com.br/ Name: _hjIncludedInSessionSample
Value: 0
allya.com.br/ Name: _ga
Value: "17a15dc8ff87708e"
.allya.com.br/ Name: _gcl_au
Value: 1.1.698064828.1648649527
.allya.com.br/ Name: _ga
Value: GA1.3.1997998830.1648649527
.allya.com.br/ Name: _gid
Value: GA1.3.107767326.1648649527
.allya.com.br/ Name: _gat_UA-54795836-2
Value: 1
.allya.com.br/ Name: _fbp
Value: fb.2.1648649527251.926381492
.allya.com.br/ Name: _hjSessionUser_1754802
Value: eyJpZCI6ImFiMDk2NWNmLTVhNDktNTQwZi05N2UwLTFiMDg5MTk3Y2M4NyIsImNyZWF0ZWQiOjE2NDg2NDk1MjcxNTQsImV4aXN0aW5nIjpmYWxzZX0=
.allya.com.br/ Name: _hjFirstSeen
Value: 1
allya.com.br/ Name: _hjIncludedInSessionSample
Value: 0
.allya.com.br/ Name: _hjSession_1754802
Value: eyJpZCI6IjhjZThkZDE4LWQwYjEtNDE0My04NjY2LWM4YWIwNTkzNGExNSIsImNyZWF0ZWQiOjE2NDg2NDk1MjcyNjQsImluU2FtcGxlIjpmYWxzZX0=
allya.com.br/ Name: _hjIncludedInPageviewSample
Value: 1
.allya.com.br/ Name: _hjAbsoluteSessionInProgress
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmTlrgC6UQ_SdJJFKAZxnkVLGMiUZtBq4Sdi5RbhhwdRQYhtl2YSxvNCcyr

7 Console Messages

Source Level URL
Text
network error URL: https://backend.prd.allya.com.br/api/customers/me
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security error URL: https://allya.com.br/entrar?cl=true
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54795836-2&cid=1997998830.1648649527&jid=1719948973&_u=YEBAAEAAAAAAAC~&z=2033590640' because it violates the following Content Security Policy directive: "default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error (Line 1)
Message:
Refused to connect to 'https://vc.hotjar.io/sessions/1754802?s=0.25&r=0.13978617725755527' because it violates the following Content Security Policy directive: "default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://allya.com.br/entrar?cl=true
Message:
Refused to load the image 'https://www.google.de/pagead/1p-user-list/741668715/?random=1648649527194&cv=9&fst=1648648800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fallya.com.br%2Fentrar%3Fcl%3Dtrue&ref=https%3A%2F%2Fadmin.allya.com.br%2F&tiba=Entrar%20%7C%20Allya%20%E2%80%93%20Faz%20seu%20sal%C3%A1rio%20render%20mais%20para%20alcan%C3%A7ar%20seus%20objetivos&async=1&fmt=3&is_vtc=1&random=3340227375&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "default-src 'self' ws: data: 'unsafe-inline' 'unsafe-eval' cdnjs.cloudflare.com fonts.googleapis.com s3.amazonaws.com fonts.gstatic.com www.google-analytics.com www.googletagmanager.com *.hotjar.com www.googleadservices.com connect.facebook.net googleads.g.doubleclick.net www.facebook.com stats.g.doubleclick.net www.google.com *.hml.allya.com.br *.pre.allya.com.br *.allya.com.br play.google.com apps.apple.com *.prd.allya.com.br api.pagar.me bid.g.doubleclick.net rec.smartlook.com www.google.com.br *.intercom.io js.intercomcdn.com manager.eu.smartlook.cloud". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.allya.com.br
allya-images.s3.us-east-1.amazonaws.com
allya.com.br
allyaapp.page.link
api-iam.intercom.io
backend.prd.allya.com.br
cdn.ckeditor.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
js.intercomcdn.com
maps.googleapis.com
maxcdn.bootstrapcdn.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
t.rdsv1.net
vars.hotjar.com
vc.hotjar.io
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
vc.hotjar.io
www.google.de
100.25.7.99
108.157.4.86
142.250.185.66
143.204.215.95
205.234.175.175
2600:9000:2057:7c00:11:2c62:7a40:93a1
2600:9000:2057:a00:15:a17c:2c40:93a1
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c01::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.5.8.158
3.95.4.183
54.73.183.234
65.9.66.123
75.2.88.188
99.86.7.54
99.86.7.67
065e32b928751e3e79ac13aa9076bf14a92c4f5a28e0f1cf2867c332a5fd7d0b
0e4c6a7e7c2064f2c5c3e99d90b0fe83a693bc6772c14815241d1050b45e34d7
0fa274643f653e632ff2dd70329e2d681414fc1351232cc798bb402ce3499068
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a23bcfb08426125f3f053292dbc4302322ef6df450f0c38544f951f327b0c63
1fbdaff1fadb96e5852483ce59a3470daa9db50b9173c8f00c12a0cba3678d8b
22fe80a6734d63622a6f788fcb5f4cbf634a4ba62f945aa4f98d204022ac5c3e
27c8b5dd21680212abb39eadf77bed39b9bcf552745e02b41adbfb4e724f6f57
2d412f2051d75be196e4245793f0a854d033ad30e7e16bf4a43c2ae6a947abae
2fe582c7d5c54f61be417fdce6530f09662298668e2b6334252bda401932f656
31d2aa2d040fcb072c89c753fe04236df4110fdca02cba08f5326c6ec55b6e51
32c6b204d65086cfdeeebb76b531944ab250ca53b89a330039df96ec05faca09
33827781eca745a783703a96a8640ea499e31ec7618124a85eed30240441371a
348911bf910507c101d13d5c936cd42532b3c87a95bf4b21e3e5525750405cc2
37800efc7412f42c28d078ccec90dc3e54a0da449406c92ca01ec2d72ab7a9b1
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
4520ad1777a3a2a335d11a86d1ab3295f2624edd39c7286f87c400dcb62ba2eb
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
587e779c445acf504e90401d44ca643fa3b4f8ef0666b988764165f51da667e4
5a6900223d0029bc250220075598994cf2fb4f4292af809f22f9af8270274325
5bd779594dd9cddcbd391e29345d09c4c39bbf497e90f6b1a083c4113fea5487
62ef151e5e8360afdaa48ca5a5fa56c85fb5e8bfc2917dacba14b94b61731557
647d7d2a4e36e29c0e4b090ece4bbde2fc4635a2eb1b50f0a0a3cd6ac21b8aa0
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
66b1f90dca7b3d760643043146b93f643fd72bdb663190cf46c57818114f3cba
69f45defbd5b9c2e828a9bced0e31b6ba634a783d0d4e67b8470e7471c9d585e
6c8f07f2ac98a58855ec27c5bb3a40b027394636d29c693ae20a978cbc7cab7b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
730d10b1e2c6e4c2ec33accb70ae141dd56673d895b6a9963c59aa681f2fe3cc
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f830b7ba8379f8edfdcec06ea3b6fc98185fb9530c7f3ede100cfbc906c1d4d
807dd145703e984d90d6c6c2eb6f04b9804499ab142c4fcf8cb5a770471b0999
814edf69721d687f6df30db77113e2d5163ae004562cffe3e6a11010c7fa3a75
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874b749ead564d4959ac92ed9c7d1ca6363ca31c2ce9baab53d4379cbb09cac1
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8ffe817f3139c637f27d07ccdb3bf312991c6fd3587f4d398fc45a4d0e5da927
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9482f570892f9f90d65b694a736f8f462e9ff7ebafef8a8d7b048fbfb7a60f6e
950ce9f725e52aeaf01af9666a16d6d0c487cf4e9340aab47155951c99b2b9df
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
9bbde8de3b984257567972a6ae4d9dbf28eae12d4f91a0845a6f25c949187ccd
a12529682c90b74833f056038a4a30f33886a81cbffe53584b72c0e849af4f87
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a986c26c40febdfac5074b57a925fe2d7b901e75b7bcad4a19a5cbe3987b51bf
a9ab61ff110c8d65db5a7843cf7cdfa3beb47266230cd250eee7b307c1d22c44
ab2dd1be6bf037bc1665671ffa76c41749bbdafc40b77c6e93d1ade22715983e
b8e501f847dd607c6e51e0b8d44aae30e091914df87ea5c87763e34596a98e4e
b95313944eb4ed4e731e9043093a22cc7639886d17e51bb316326d437c9c2c48
baee53d57216fcd25d49651450531a60f5215ae4b5d62ef71ad5a9d9ccc00954
bb46283379ed4798012e54e9f6c7e729f0518469795ec33f5ed58d6929756c0a
c0c0cec81f65602677e87e50aae2d57d6f5b5ff0d01ca33f774884f22ddaaad7
c612463c58d853ff22668ed82fba214b98656c2061bdeeb6bb8465547546c070
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d486a8e6af9a15ad009e9b489157d0af1cb90a45d0f23f7d7d3e9601bf7e79b4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df023cc22ca0bc0feaa8727fc1872ff10338b6df3225b09ea056d3990cce0595
e05f16aa2ef755fefe7168313125087454f43f2cf30a75f4056658fce43369fa
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a9430e2e9a2a24e80b0541d68f1781a75f9f3f74c57a15f97e35b6a3223496
e73ba1b890bb9c26cc4a6be69e3189263e22c1add9fa4773a644365867a231fb
e8203338ca3d839c6eee828a2fea7a0ebb50d5788cce3b49b8f1decd537349b8
eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f888b44f0a9c95e54746c2dd16237db16747c4f3247b243e6847de3f8e64b8d0
f9d81c95f790f61abd4324921ff3e9a36013fe92222a617b14f227b455ce29af