191.252.156.111 Open in urlscan Pro
191.252.156.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://191.252.156.111:4435/
Submission Tags: @phish_report
Submission: On November 21 via api (November 21st 2024, 12:26:20 pm UTC) from FI — Scanned from FI

Summary HTTP 80 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 80 HTTP transactions. The main IP is 191.252.156.111, located in Brazil and belongs to Locaweb Servicos de Internet SA, BR. The main domain is 191.252.156.111.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 16th 2022. Valid for: a year.

This is the only time 191.252.156.111 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	191.252.156.111 191.252.156.111	27715 (Locaweb S...) (Locaweb Servicos de Internet SA)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	172.67.70.191 172.67.70.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.244.18.75 18.244.18.75	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3034::6815:1adf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
7	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
2	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
2	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9b	15169 (GOOGLE) (GOOGLE)
80	21

31 191.252.156.111 (Brazil)

ASN27715 (Locaweb Servicos de Internet SA, BR)
PTR: vpsw2340.publiccloud.com.br

191.252.156.111	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.70.191 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
disclaimer-api.goadopt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.244.18.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-75.fra56.r.cloudfront.net

cdn.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::6815:1adf (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	gstatic.com fonts.gstatic.com	109 KB
6	addevent.com cdn.addevent.com — Cisco Umbrella Rank: 33165	7 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	462 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2020 ka-f.fontawesome.com — Cisco Umbrella Rank: 6059	100 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	3 KB
4	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
4	goadopt.io tag.goadopt.io — Cisco Umbrella Rank: 150115 disclaimer-api.goadopt.io — Cisco Umbrella Rank: 169762	219 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	64 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	google.fi www.google.fi — Cisco Umbrella Rank: 41557	562 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
0	Failed function sub() { [native code] }. Failed
80	14

	Domain	Requested by
7	fonts.gstatic.com	fonts.googleapis.com
6	cdn.addevent.com	191.252.156.111
5	www.googletagmanager.com	191.252.156.111 www.googletagmanager.com www.google-analytics.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com 191.252.156.111 www.google-analytics.com
4	www.youtube.com	191.252.156.111
4	ka-f.fontawesome.com	kit.fontawesome.com 191.252.156.111
3	disclaimer-api.goadopt.io	191.252.156.111
2	www.facebook.com	191.252.156.111
2	www.google.fi	191.252.156.111
2	td.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	191.252.156.111 connect.facebook.net
2	www.google.com	www.googletagmanager.com 191.252.156.111
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	tag.goadopt.io	191.252.156.111
1	fonts.googleapis.com	191.252.156.111
1	kit.fontawesome.com	191.252.156.111
0	191.252.156.111 Failed	191.252.156.111
80	19

This site contains links to these domains. Also see Links.

Domain
www.addevent.com
wa.me
www.instagram.com
apps.apple.com
play.google.com
avenue.us
profissaoinvestidor.com.br
www.youtube.com
fundamentei.com
goadopt.io
hub.goadopt.io
dash.goadopt.io

Subject Issuer	Validity	Valid
erikaprecifica.com.br AlphaSSL CA - SHA256 - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
goadopt.io WE1	`2024-11-20` - `2025-02-18`	3 months	crt.sh
*.addevent.com Amazon RSA 2048 M03	`2024-06-28` - `2025-07-26`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ka-f.fontawesome.com WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.fi WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://191.252.156.111:4435/
Frame ID: 57DDB0C85701F5BEA0F80655D303E6CA
Requests: 72 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CxuzWyh0ecY
Frame ID: 2B5850B9D99BB85B63DE71921D2D98CF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/18Vgp18xK58
Frame ID: 0C26938ED1C7778D40EB8165267542CB
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CxuzWyh0ecY
Frame ID: E87CD4E3795E7C2F84B5C535D5B1ADA9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/18Vgp18xK58
Frame ID: F504171BB1E93ED21AAADBC28BDB800A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F191.252.156.111%3A4435
Frame ID: EC7C792763C06A9E07E09B12461DCDA3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/474224517?random=1732191971821&cv=11&fst=1732191971821&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v884874140z8832648255za201zb832648255&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F191.252.156.111%3A4435%2F&hn=www.googleadservices.com&frm=0&tiba=myProfit&npa=0&pscdl=noapi&auid=2021047978.1732191971&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: B88DFE7D4E045B4406C1E20C465CDD9E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-BLMTDM6H5P&gacid=1320231642.1732191972&gtm=45je4bk0v9135212688za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=572137657
Frame ID: 19021E814417BEB4B86165D398A0A996
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

myProfit

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Page Statistics

80
Requests

59 %
HTTPS

45 %
IPv6

14
Domains

19
Subdomains

21
IPs

4
Countries

6223 kB
Transfer

10654 kB
Size

14
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addevent.com/event/ZO15542773+apple

Search URL Search Domain Scan URL

URL: https://www.addevent.com/event/ZO15542773+google

Search URL Search Domain Scan URL

URL: https://www.addevent.com/event/ZO15542773+office365

Search URL Search Domain Scan URL

URL: https://www.addevent.com/event/ZO15542773+outlook

Search URL Search Domain Scan URL

URL: https://www.addevent.com/event/ZO15542773+outlookcom

Search URL Search Domain Scan URL

URL: https://www.addevent.com/event/ZO15542773+yahoo

Search URL Search Domain Scan URL

URL: https://wa.me/5511970625616?text=Ol%C3%A1%2C%20Poderia%20me%20ajudar%20com%20a%20seguinte%20d%C3%BAvida%3F&mode=prospect
Title: Dúvidas?

Search URL Search Domain Scan URL

URL: https://www.instagram.com/myprofitweb/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/myprofit/id1528398229

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.myprofit&hl=pt_BR

Search URL Search Domain Scan URL

URL: https://www.instagram.com/_robertolee/

Search URL Search Domain Scan URL

URL: https://avenue.us/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mauriciobellinelo/

Search URL Search Domain Scan URL

URL: https://profissaoinvestidor.com.br/commodities/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fundamentei/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/EduardoCavalcantiFundamentei

Search URL Search Domain Scan URL

URL: https://fundamentei.com/

Search URL Search Domain Scan URL

URL: https://wa.me/5511970625616?text=Ol%C3%A1%2C%20Poderia%20me%20ajudar%20com%20a%20seguinte%20d%C3%BAvida%3F
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://goadopt.io/en/porque-aviso/?utm_content=main&utm_medium=cookie_banner_web&utm_source=cookie_banner_cd1a6c75-9505-48e6-b0ce-6f7da615f826
Title: AdOpt

Search URL Search Domain Scan URL

URL: https://hub.goadopt.io/document/cafd18ea-2604-420f-9140-7ef6fb1332d8
Title: Tietosuojakäytäntö

Search URL Search Domain Scan URL

URL: https://hub.goadopt.io/document/f0b6991c-e5f8-44e0-8dc4-0d7ae5c052c9
Title: Käyttöehdot

Search URL Search Domain Scan URL

URL: https://dash.goadopt.io/opt-out?websiteId=cd1a6c75-9505-48e6-b0ce-6f7da615f826&id=70770044-6622-4bbd-ade3-3c5c19aff1d5&visitorId=f00d6bc4-f25f-487e-8b04-554c36aed065
Title: Jättäytyä syrjään

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://www.google-analytics.com/g/collect?v=2&tid=G-YVHQTHNQ4Y&gtm=45je4bk0v869197395z8832648255za200zb832648255&_p=1732191968286&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1320231642.1732191972&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732191972&sct=1&seg=0&dl=https%3A%2F%2F191.252.156.111%2F&dt=myProfit&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=8430 HTTP 302
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1320231642.1732191972&dbk=15949996028138698117&dma=0&en=page_view&gtm=45je4bk0v869197395z8832648255za200zb832648255&npa=0&tid=G-YVHQTHNQ4Y&dl=https%3A%2F%2F191.252.156.111%3F

80 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
191.252.156.111/ 51 KB
12 KB 4597ms
2968ms Document
text/html 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

61cb59336bda774805f76cc6db308ccabfb29d988f0e130f1313afbc67759eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private
content-encoding: gzip
content-length: 12484
content-type: text/html; charset=utf-8
date: Thu, 21 Nov 2024 12:25:41 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000;includeSubDomains; preload
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 200 3ts2ksMwXvKRuG480KNifJ2_JNM.js Show response
191.252.156.111/js/ 5 KB
2 KB 260ms
256ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/3ts2ksMwXvKRuG480KNifJ2_JNM.js

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

5558d13fe6fce455ba6de887c995ef75c0b0d7ccd2b3be9b689873c1aad1075c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "06ce7ee9392d61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1913
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: application/javascript
last-modified: Thu, 24 Sep 2020 16:58:32 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 29d6306f94.js Show response
kit.fontawesome.com/ 13 KB
5 KB 296ms
205ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/29d6306f94.js
Requested by: Host: 191.252.156.111
URL: https://191.252.156.111:4435/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f6bff0e601f0e121167ad1b349f8dbd16d2ec3a88cce4f70ac10d3b485ed74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://191.252.156.111:4435/

Response headers

access-control-max-age: 3000
x-request-id: GAn7avLMoywHn9NpGV3B
cache-control: max-age=60, public, stale-while-revalidate=30
content-encoding: gzip
cf-cache-status: MISS
access-control-allow-methods: GET, OPTIONS
cf-ray: 8e60aa9a59254e0f-HEL
access-control-allow-origin: *
date: Thu, 21 Nov 2024 12:26:08 GMT
content-type: text/javascript
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 200ms
69ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b1e4a0bc4f02e261768b0d69feedccbe8a4d1705dee92569b3446825668aa22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 12:26:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:08 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 12:26:08 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 fonts.css
191.252.156.111/css/ 120 KB
25 KB 506ms
503ms Stylesheet
text/css 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/css/fonts.css

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

57444381b95c95c9120ca4db23fcec7a6c8b5b219c8b72923f5eb6c09ffc911d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "0924e2e6d92d61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 25236
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: text/css
last-modified: Thu, 24 Sep 2020 12:21:08 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bootstrap.css
191.252.156.111/css/ 131 KB
29 KB 507ms
505ms Stylesheet
text/css 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/css/bootstrap.css

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f3d4549f657c699519f9494551b9ea377eed633a4f6ebee7d79317b05d066308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "0924e2e6d92d61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 29282
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: text/css
last-modified: Thu, 24 Sep 2020 12:21:08 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 style.css
191.252.156.111/css/ 1 MB
243 KB 734ms
732ms Stylesheet
text/css 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/css/style.css

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f09824992a7b90d71f65b900fe55c46594000cd34e73c825c3407643955524eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "07eab8ca735d91:0"
x-content-type-options: nosniff
accept-ranges: bytes
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 19:09:32 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 injector.js Show response
tag.goadopt.io/ 425 KB
139 KB 1963ms
1892ms Script
text/javascript 172.67.70.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.goadopt.io/injector.js?website_code=70770044-6622-4bbd-ade3-3c5c19aff1d5
Requested by: Host: 191.252.156.111
URL: https://191.252.156.111:4435/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3795f6ef7d8125fd55f239062b99386307ca6659fc4257bb80445c02a90257af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8TX9C5Af%2BGiZP6BPWRDAm2YvddHqsAQNzSp8Nw8T%2Byghp7tZTTc3plpIdcbOiNbmK65fyG%2FM88UsGQQn%2BFTzQxz6vVYxbX0hk%2FVxS%2B9CKSdlPY5GmMjuEkqokKWOIlZm"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47345&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4271&recv_bytes=4430&delivery_rate=383&cwnd=12000&unsent_bytes=0&cid=3309b97fc7adc6aa&ts=1896&x=1", cfHdrFlush;dur=0
date: Thu, 21 Nov 2024 12:26:10 GMT
content-type: text/javascript; charset=utf-8
vary: Origin, Accept-Encoding
last-modified: Thu, 21 Nov 2024 12:26:09 GMT
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:
cf-ray: 8e60aa9a4efbbf34-WAW
access-control-allow-origin: *
x-powered-by: Express
server: cloudflare

GET
H2 200 banner.css
191.252.156.111/css/ 1 KB
870 B 249ms
248ms Stylesheet
text/css 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/css/banner.css

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c8cadd0d8ec0be16beb3a44b0a083fde92caafe0dbe622a3f3d653cb6db80847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "077848895f7d81:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 773
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: text/css
last-modified: Sun, 13 Nov 2022 19:24:22 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 logo-default-237x91.png
191.252.156.111/images/ 10 KB
10 KB 267ms
266ms Image
image/png 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/logo-default-237x91.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

797c3d6758b73564a52689d466480219a73cbfe11df2918a3c4bb7ce5b82a1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0ea5280fc61d81:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 10466
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: image/png
last-modified: Sat, 07 May 2022 10:23:32 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 logo-inverse-237x91.png
191.252.156.111/images/ 6 KB
6 KB 268ms
267ms Image
image/png 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/logo-inverse-237x91.png?v=20210715

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

32c789aae2719019f62909b01fd6f1a87672c0841f3556ced6245b2215fdea49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0fbdcacbbfad61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 6452
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: image/png
last-modified: Thu, 04 Feb 2021 06:05:02 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 icon-emd-share-apple-t1.png
cdn.addevent.com/libs/imgs/ 736 B
1 KB 190ms
57ms Image
image/png 18.244.18.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.addevent.com/libs/imgs/icon-emd-share-apple-t1.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-75.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d559d628e51869ae826255859390fe7338d4feaf9eff96fb315e3466090e8f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

etag: "cea5364b120a2fa6a8a7b3c49db94ffc"
age: 4885437
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: r9Fu8IHHNpUqTY_D4dFddQMqQQ5KMW0c89Gd8Gr9CBsYtPKixBB-eQ==
date: Wed, 25 Sep 2024 23:22:11 GMT
content-type: image/png
last-modified: Fri, 10 Dec 2021 15:55:45 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; preload
cache-control: max-age=8380800, public, must-revalidate
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 736
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3

GET
H2 200 icon-emd-share-google-t1.png
cdn.addevent.com/libs/imgs/ 1 KB
2 KB 190ms
57ms Image
image/png 18.244.18.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.addevent.com/libs/imgs/icon-emd-share-google-t1.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-75.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bd37e68658c4caf0b1f6319552270dbaaa326e76d6e93168be61e44ab99ec5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

etag: "15483c627fac9fc0d1648d3864e83e50"
age: 1214620
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: p1w32Fk4q0r4Wesvz2TX4SsfOLoaPZHQOwkUCLFijo_8umgpOEgBzw==
date: Thu, 07 Nov 2024 11:02:29 GMT
content-type: image/png
last-modified: Fri, 10 Dec 2021 15:55:45 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; preload
cache-control: max-age=8380800, public, must-revalidate
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1073
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3

GET
H2 200 icon-emd-share-office365-t1.png
cdn.addevent.com/libs/imgs/ 769 B
1 KB 57ms
55ms Image
image/png 18.244.18.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.addevent.com/libs/imgs/icon-emd-share-office365-t1.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-75.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49fc051603ce6ca3f6ed919138d56d55bd21a2021287d9a2b499047ee475372a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

etag: "0861c7e4765b0eae2ce9a32f37fd6c6d"
age: 1254969
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Eu5ZvfZmpM3ZcT3Pm82NGbnGsXKxy4W1EqBsTdo1-bkBcPLc7mkwTw==
date: Wed, 06 Nov 2024 23:50:00 GMT
content-type: image/png
last-modified: Fri, 10 Dec 2021 15:55:46 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; preload
cache-control: max-age=8380800, public, must-revalidate
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ee56c180ebc0f0d7092e692f115e2808.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 769
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3

GET
H3 200 icon-emd-share-outlook-t1.png
cdn.addevent.com/libs/imgs/ 614 B
1001 B 62ms
58ms Image
image/png 18.244.18.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.addevent.com/libs/imgs/icon-emd-share-outlook-t1.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.244.18.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-75.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

897c4df32b7e67c6c5709dc7b235f5f3e64d6f9c7e95e0b847e969c6f4192c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

etag: "ceaa1418d7cb4836b7b6b0b7acafc714"
age: 5560223
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ydxxj4vKYjSQkx37DB-gsj-SFlWS1DJV2Vgu_GKHTcVnakb6Yw9tMA==
date: Wed, 18 Sep 2024 03:55:48 GMT
content-type: image/png
vary: Origin
last-modified: Fri, 10 Dec 2021 15:55:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; preload
cache-control: max-age=8380800, public, must-revalidate
referrer-policy: strict-origin-when-cross-origin
via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 614
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3

GET
H3 200 icon-emd-share-outlookcom-t1.png
cdn.addevent.com/libs/imgs/ 599 B
983 B 61ms
57ms Image
image/png 18.244.18.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.addevent.com/libs/imgs/icon-emd-share-outlookcom-t1.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.244.18.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-75.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c56515cae3f87f06aad6097cf51eed4718c0c226c4c35c0e99cdf374ac860431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

etag: "0ac6eab21a5d04a57b795d2de5190bf7"
age: 1268109
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 1mIG4rtg3p_X3191Fg1i0_ZVE3r6Fc-_d6rsuf4NL2__CT6g1tD53g==
date: Wed, 06 Nov 2024 20:11:02 GMT
content-type: image/png
vary: Origin
last-modified: Fri, 10 Dec 2021 15:55:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; preload
cache-control: max-age=8380800, public, must-revalidate
referrer-policy: strict-origin-when-cross-origin
via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 599
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3

GET
H3 200 icon-emd-share-yahoo-t1.png
cdn.addevent.com/libs/imgs/ 642 B
1 KB 61ms
58ms Image
image/png 18.244.18.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.addevent.com/libs/imgs/icon-emd-share-yahoo-t1.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

QUIC, , AES_128_GCM

Server

18.244.18.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-75.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22d12fea88a54308c894e32a95b9276f292d2360fd89e95a446454fa6bb22352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

etag: "35fcc15c4208cfcdc1776579b770db8d"
age: 3140432
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: sUuk5hZeeaJOG3dXblnZjLwHivcby9fb3Z2IBEaPP-336Sv9LE5sDg==
date: Wed, 16 Oct 2024 04:05:39 GMT
content-type: image/png
vary: Origin
last-modified: Fri, 10 Dec 2021 15:55:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; preload
cache-control: max-age=8380800, public, must-revalidate
referrer-policy: strict-origin-when-cross-origin
via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 642
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P11
server: AmazonS3

GET
H2 200 768px-Instagram_icon.png
191.252.156.111/images/ 10 KB
10 KB 263ms
259ms Image
image/png 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/768px-Instagram_icon.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c065dd3ee5764b10016223c3452b7963b4bb2c6548a5fd8be54bd21356375ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0ceababbbfad61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 10418
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/png
last-modified: Thu, 04 Feb 2021 06:05:00 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 lion.png
191.252.156.111/images/ 13 KB
13 KB 264ms
260ms Image
image/png 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/lion.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a66849bf592a22efdaf5919d5682f60c887228ae0484b6f25e63fdab18187613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0412313fcdd71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 13403
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/png
last-modified: Fri, 29 Oct 2021 21:51:06 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 usa.png
191.252.156.111/images/ 5 KB
6 KB 249ms
245ms Image
image/png 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/usa.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ee35cc797cd0cf7ce669d5bb7594badc7fa65c4bae38752236ec4b034422881f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0be2af110cdd71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5571
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/png
last-modified: Fri, 29 Oct 2021 22:04:28 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 AppleStore.svg
191.252.156.111/images/ 12 KB
12 KB 263ms
260ms Image
image/svg+xml 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/AppleStore.svg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

008c9f15d89a376122fc01af01a27681dc757017be6175fe09322aa5905ffaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0ceababbbfad61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 12395
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/svg+xml
last-modified: Thu, 04 Feb 2021 06:05:00 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 GoogleStore.svg
191.252.156.111/images/ 19 KB
19 KB 269ms
266ms Image
image/svg+xml 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/GoogleStore.svg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

934fef79d58789ebede9058f0c51189b620518a8924ccb3159734d825a45c283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0fbdcacbbfad61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 19211
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/svg+xml
last-modified: Thu, 04 Feb 2021 06:05:02 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 eduardo.jpeg
191.252.156.111/images/ 41 KB
41 KB 267ms
264ms Image
image/jpeg 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/eduardo.jpeg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0c12de4d555c4ad97cd0ef3409af2fcdbcd959a12b577a82de2cccb406f1639e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0f4478e63cbd71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 41592
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/jpeg
last-modified: Wed, 27 Oct 2021 18:50:48 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 lee.jpg
191.252.156.111/images/ 51 KB
51 KB 262ms
259ms Image
image/jpeg 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/lee.jpg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

159b381ac60c01dbbc9a1208783c6564cbe4a3c6cf6bb7c210f5e446f1046443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0f4478e63cbd71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 51857
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/jpeg
last-modified: Wed, 27 Oct 2021 18:50:48 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 mauricio.jpg
191.252.156.111/images/ 52 KB
53 KB 271ms
268ms Image
image/jpeg 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/mauricio.jpg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

940536434151fa9d438221daeb92b6857bc06ce500ac72d8d433e55236570f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "03588796bcad71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 53759
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/jpeg
last-modified: Tue, 26 Oct 2021 13:14:58 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 core.min.js Show response
191.252.156.111/js/ 1 MB
425 KB 536ms
534ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/core.min.js

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1a4955b1415f9513d341f8779f528a47faf68c95c75873594e81047edbdf98f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "070febcfa58d91:0"
x-content-type-options: nosniff
accept-ranges: bytes
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: application/javascript
last-modified: Fri, 17 Mar 2023 18:03:12 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 script.js Show response
191.252.156.111/js/ 80 KB
26 KB 953ms
953ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/script.js?v=20230314

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

aff449f7c5a8475b5d6cbef1f55fbacf576d88ccabb084c3bfd8a4d176595b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "04dd3cd3bb2d61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 26360
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:41 GMT
content-type: application/javascript
last-modified: Tue, 03 Nov 2020 23:48:18 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 select2.min.js Show response
191.252.156.111/js/ 65 KB
25 KB 270ms
253ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/select2.min.js

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

81f2fe899f2fd8289fb54f6f4a683547243054ee7eab0f5b803a9f756ed1752a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "070febcfa58d91:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 25245
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: application/javascript
last-modified: Fri, 17 Mar 2023 18:03:12 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 pt-BR.js Show response
191.252.156.111/js/ 855 B
652 B 248ms
243ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/pt-BR.js

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d09e2a38ae526a1ea49b747ac45cc5eab3f1c2b5dfa3d30066a9b978620f97d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "070febcfa58d91:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 606
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: application/javascript
last-modified: Fri, 17 Mar 2023 18:03:12 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 utils.js Show response
191.252.156.111/js/ 65 KB
20 KB 255ms
255ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/utils.js?v=20230314

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a8f8b0ad8ce93c1169b38f33b43a1027c5511540962e8530e27dab536fff5247

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "029111ac259d91:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 20470
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: application/javascript
last-modified: Sat, 18 Mar 2023 17:50:18 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bannerexit.js Show response
191.252.156.111/js/pages/ 2 KB
896 B 268ms
268ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/pages/bannerexit.js?v=20230314

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f0caa0c5609b3a9428f532b08c2d4ef6eacbcd91cfab4a4398b94cb8c4776813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "070febcfa58d91:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 850
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: application/javascript
last-modified: Fri, 17 Mar 2023 18:03:12 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 home.js Show response
191.252.156.111/js/pages/ 3 KB
1 KB 268ms
263ms Script
application/javascript 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/js/pages/home.js?v=20230314

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3cbb5b1d5c27f4fb79e3aa5fb947c27bcc44418e6dd6a9a9280245ca2ef6c727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

x-frame-options: DENY
strict-transport-security: max-age=31536000;includeSubDomains; preload
content-encoding: gzip
etag: "070febcfa58d91:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1384
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: application/javascript
last-modified: Fri, 17 Mar 2023 18:03:12 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 320 KB
110 KB 218ms
82ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGKN4LZ

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1338429285ec880feb7374752fa5bf370be5b77cea1e2930c67824ca58088cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 21 Nov 2024 12:26:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111875
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 183ms
57ms Fetch
text/css 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=29d6306f94
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/29d6306f94.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrKQ9tftXf%2BHFhsxwUmRgbXt%2BNGkfAcE8iLvdsOcdbEEhHxcER%2FeAPPceqWQZPmawqIU3gUzNHbcvyhn8jmw2qM1pIf4tHWhPuLbZl0RhiEu2AEbahEJkH5W%2By3%2FwZyEWn3y2F0RpIE1p1JakAV4ATcoMg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: njJdXUpyOC8AE9qdcTvoHUFpczMXfAwTtrdJzPa3uVgrD_uSXUn8ng==
date: Thu, 21 Nov 2024 12:26:08 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=TCP&rtt=41868&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2438&delivery_rate=96483&cwnd=252&unsent_bytes=0&cid=7f5e4860ac18f6ca&ts=70&x=0"
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
cf-ray: 8e60aa9c795c7131-OSL
access-control-allow-origin: *
x-amz-cf-pop: OSL50-C1
server: cloudflare

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 184ms
59ms Fetch
text/css 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=29d6306f94
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/29d6306f94.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UNyjlQJDTAYK7w1X6LgmEIGD0EhwLXFKA%2FcuN3U4m8sQKV220SshFWZSi%2BPP00ehHSGRw4XNFjNbai4k3UuThAB5NHEZAtUSarDNrC%2FA74hnn7Q9x%2BzbYcxd1W07sC8CkXJ8pie7FncHchHgLWgF4LKlww%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Ekfavzzxuyc8wkUTUZRDfcV37-W0G0VjeGYD7Z9wqY1FGNlBI6Gwuw==
date: Thu, 21 Nov 2024 12:26:08 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=TCP&rtt=41868&sent=21&recv=12&lost=0&retrans=0&sent_bytes=18021&recv_bytes=2438&delivery_rate=96483&cwnd=252&unsent_bytes=0&cid=7f5e4860ac18f6ca&ts=71&x=0"
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
cf-ray: 8e60aa9c79597131-OSL
access-control-allow-origin: *
x-amz-cf-pop: OSL50-C1
server: cloudflare

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 184ms
59ms Fetch
text/css 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=29d6306f94
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/29d6306f94.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

access-control-max-age: 3000
content-encoding: gzip
cf-cache-status: MISS
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKJbbmK%2BOwz0FdDAY0sEgQhK2s5yMrhpWJgIqyBJsHWfsydFU4nXP87YcJ323joA5T9xV4z2wcQ7j9%2F%2BTx%2BWA5MSNkqkNnrHkQNFz749ArvjVmNudA%2FJKnZU8STnmgAslY%2FOkiNArNlRPwIVytsn5Oyl6g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: x6_P8irTFMhLcfin-dq0QCZjEGdGJdl3ce_sGq6GXwp-E-iRRSEFvg==
date: Thu, 21 Nov 2024 12:26:08 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Accept-Encoding
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=TCP&rtt=41868&sent=25&recv=12&lost=0&retrans=0&sent_bytes=22960&recv_bytes=2438&delivery_rate=96483&cwnd=252&unsent_bytes=0&cid=7f5e4860ac18f6ca&ts=72&x=0"
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
cf-ray: 8e60aa9c795d7131-OSL
access-control-allow-origin: *
x-amz-cf-pop: OSL50-C1
server: cloudflare

GET
H2 200 CxuzWyh0ecY
www.youtube.com/embed/ Frame 2B58 0
0 374ms
235ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/CxuzWyh0ecY

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://191.252.156.111:4435/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 12:26:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fi for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 18Vgp18xK58
www.youtube.com/embed/ Frame 0C26 0
0 369ms
233ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/18Vgp18xK58

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://191.252.156.111:4435/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 12:26:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=fi for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bg-main.png
191.252.156.111/images/ 4 MB
4 MB 259ms
258ms Image
image/png 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/bg-main.png

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7d8175160f5c7011d74bf0e179b5202bcec80233e7da829cbc9d48baa20723b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/css/style.css

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "05e637a8ed91:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3796285
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/png
last-modified: Mon, 12 Dec 2022 09:02:36 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 298ms
194ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://fonts.googleapis.com/

Response headers

age: 218948
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 23:37:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 23:37:02 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 200 fontawesome-webfont.woff2
191.252.156.111/fonts/ 75 KB
75 KB 1444ms
1413ms Font
application/font-woff2 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/css/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://191.252.156.111:4435/css/fonts.css

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0924e2e6d92d61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: application/font-woff2
last-modified: Thu, 24 Sep 2020 12:21:08 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 295ms
191ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://fonts.googleapis.com/

Response headers

age: 197999
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 05:26:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 05:26:11 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 299ms
195ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://fonts.googleapis.com/

Response headers

age: 172865
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 12:25:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 12:25:05 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 296ms
193ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://fonts.googleapis.com/

Response headers

age: 74712
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:40:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:40:58 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 183ms
79ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://fonts.googleapis.com/

Response headers

age: 75716
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:24:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:24:14 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 materialdesignicons-webfont.woff2
191.252.156.111/fonts/ 78 KB
78 KB 1420ms
1412ms Font
application/font-woff2 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/fonts/materialdesignicons-webfont.woff2?v=5.0.45

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/css/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://191.252.156.111:4435/css/fonts.css

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0924e2e6d92d61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 79756
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: application/font-woff2
last-modified: Thu, 24 Sep 2020 12:21:08 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 273ms
192ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://fonts.googleapis.com/

Response headers

age: 78398
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 14:39:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 14:39:32 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 75 KB
76 KB 59ms
53ms Font
font/woff2 2606:4700:3034::6815:1adf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by: Host: 191.252.156.111
URL: https://191.252.156.111:4435/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://191.252.156.111:4435/

Response headers

access-control-max-age: 3000
cf-cache-status: MISS
etag: "4f5ec865a8274ab291b6a42b5f70639e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cdbvyeiy9KZThJ3Iq3xajEej7re7HQUXvk%2BwgbaffrsrIt2CDN542h0rfx7wvRqNlADMy%2FYSFEM80FBl4d9fePipy1aH5phT71meSPQJw8oUqjdDA5b65snZT7wieaOfEgD4LXvkZ4Ak%2Bad%2BRbKWUECmQA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Tbh-gf3wJnRDHsJfehiZHhJ1HTAlU-Ob5xHx5F3b7e4DorQop3lMbw==
date: Thu, 21 Nov 2024 12:26:10 GMT
content-type: font/woff2
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
vary: Accept-Encoding
access-control-allow-headers: fa-kit-token
server-timing: cfL4;desc="?proto=TCP&rtt=42151&sent=30&recv=28&lost=0&retrans=0&sent_bytes=24400&recv_bytes=2567&delivery_rate=494802&cwnd=257&unsent_bytes=0&cid=7f5e4860ac18f6ca&ts=2203&x=0"
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
cf-ray: 8e60aaa9da5c7131-OSL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 76736
x-amz-cf-pop: OSL50-C1
server: cloudflare

GET
H2 200 bg-image-2.jpg
191.252.156.111/images/ 152 KB
153 KB 655ms
654ms Image
image/jpeg 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/bg-image-2.jpg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

bf13e2fefed77efd1ed94436df7ce5b24a0bc068bf32a29c3587928eb6a096f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0ceababbbfad61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 156132
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:42 GMT
content-type: image/jpeg
last-modified: Thu, 04 Feb 2021 06:05:00 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H3 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 139ms
116ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,300italic,700%7CPoppins:400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://191.252.156.111:4435
Referer: https://fonts.googleapis.com/

Response headers

age: 128288
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 00:48:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 00:48:03 GMT
last-modified: Tue, 02 May 2023 15:08:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17728
x-xss-protection: 0
server: sffe

GET
H2 200 eduardo.jpeg
191.252.156.111/images/ 41 KB
41 KB 2948ms
2919ms Image
image/jpeg 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/eduardo.jpeg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0c12de4d555c4ad97cd0ef3409af2fcdbcd959a12b577a82de2cccb406f1639e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0f4478e63cbd71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 41592
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:44 GMT
content-type: image/jpeg
last-modified: Wed, 27 Oct 2021 18:50:48 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 lee.jpg
191.252.156.111/images/ 51 KB
51 KB 2948ms
2919ms Image
image/jpeg 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/lee.jpg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

159b381ac60c01dbbc9a1208783c6564cbe4a3c6cf6bb7c210f5e446f1046443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0f4478e63cbd71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 51857
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:44 GMT
content-type: image/jpeg
last-modified: Wed, 27 Oct 2021 18:50:48 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET
H2 200 mauricio.jpg
191.252.156.111/images/ 52 KB
53 KB 3188ms
3159ms Image
image/jpeg 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://191.252.156.111:4435/images/mauricio.jpg

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

940536434151fa9d438221daeb92b6857bc06ce500ac72d8d433e55236570f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "03588796bcad71:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 53759
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:44 GMT
content-type: image/jpeg
last-modified: Tue, 26 Oct 2021 13:14:58 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

GET Home
191.252.156.111/API/ 0
0

GET
H3 200 CxuzWyh0ecY
www.youtube.com/embed/ Frame E87C 0
0 152ms
139ms Document
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/CxuzWyh0ecY

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/js/pages/home.js?v=20230314

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://191.252.156.111:4435/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 12:26:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 18Vgp18xK58
www.youtube.com/embed/ Frame F504 0
0 174ms
161ms Document
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/18Vgp18xK58

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/js/pages/home.js?v=20230314

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://191.252.156.111:4435/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 12:26:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
www.google.com/ccm/ 0
0 316ms
80ms Ping
text/plain 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2F191.252.156.111%3A4435%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=10973679.1732191971&auid=2021047978.1732191971&npa=0&gtm=45He4bk0v832648255za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732191971495&tfd=7834&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGKN4LZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 401 KB
130 KB 91ms
85ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YVHQTHNQ4Y&l=dataLayer&cx=c&gtm=45He4bk0v832648255za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGKN4LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0c74daf35c03544905293661cf9a1e06a43a6071dda4ea6956c90cad464fe6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 12:26:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132686
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 297ms
77ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGKN4LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: gzip
age: 6286
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 12:41:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 10:41:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 281 KB
97 KB 97ms
91ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-474224517&l=dataLayer&cx=c&gtm=45He4bk0v832648255za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGKN4LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bbe9a3cddf977d56086e65b57ccdfb1cb1cba178ffcde2c2f6811db2e0c4590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 21 Nov 2024 12:26:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 21 Nov 2024 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99453
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 280ms
79ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-er8nb3IX' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 12:26:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-er8nb3IX' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=56, rtx=0, c=23, mss=1232, tbw=4516, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: xAgwZrp6uIC3ltd0j1wl0W8E3NZFnncmFp10PkIJXBcXlFTaVmio61w+48yrclOdr/ePptJajlq9dttWQ5G8Bw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame EC7C 0
0 240ms
75ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2F191.252.156.111%3A4435

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGKN4LZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 12:26:11 GMT
expires: Fri, 21 Nov 2025 12:26:11 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/474224517/ 5 KB
2 KB 209ms
80ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/474224517/?random=1732191971821&cv=11&fst=1732191971821&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v884874140z8832648255za201zb832648255&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F191.252.156.111%3A4435%2F&hn=www.googleadservices.com&frm=0&tiba=myProfit&npa=0&pscdl=noapi&auid=2021047978.1732191971&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-474224517&l=dataLayer&cx=c&gtm=45He4bk0v832648255za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

128968a40482fae094730184fa0a776c5d566a85add7de3525ba3aea0f20ec4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2314
date: Thu, 21 Nov 2024 12:26:12 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 474224517
td.doubleclick.net/td/rul/ Frame B88D 0
0 231ms
83ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/474224517?random=1732191971821&cv=11&fst=1732191971821&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v884874140z8832648255za201zb832648255&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F191.252.156.111%3A4435%2F&hn=www.googleadservices.com&frm=0&tiba=myProfit&npa=0&pscdl=noapi&auid=2021047978.1732191971&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-474224517&l=dataLayer&cx=c&gtm=45He4bk0v832648255za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://191.252.156.111:4435/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 12:26:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

204

https://www.google-analytics.com/g/collect?v=2&tid=G-YVHQTHNQ4Y&gtm=45je4bk0v869197395z8832648255za200zb832648255&_p=1732191968286&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808...
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1320231642.1732191972&dbk=15949996028138698117&dma=0&en=page_view&gtm=45je4bk0v869197395z8832648255za200zb832648255&npa...

0
0

119ms
117ms

Fetch
text/plain

142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1320231642.1732191972&dbk=15949996028138698117&dma=0&en=page_view&gtm=45je4bk0v869197395z8832648255za200zb832648255&npa=0&tid=G-YVHQTHNQ4Y&dl=https%3A%2F%2F191.252.156.111%3F
Requested by: Host: 191.252.156.111
URL: https://191.252.156.111:4435/
Protocol: H3
Server: 142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
attribution-reporting-info: preferred-platform=os
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
attribution-reporting-register-os-trigger: "https://www.google-analytics.com/privacy-sandbox/register-os-conversion?_c=1&cid=1320231642.1732191972&dbk=15949996028138698117&dma=0&en=page_view&gtm=45je4bk0v869197395z8832648255za200zb832648255&npa=0&tid=G-YVHQTHNQ4Y&dl=https%3A%2F%2F191.252.156.111%3F"
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x952a51ce98b92bee","source_keys":["1"]},{"key_piece":"0x3f2c65bb5a9e66ac","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"15949996028138698117","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["474224517"],"5":["11-21","11-20","11-19"]}}
date: Thu, 21 Nov 2024 12:26:12 GMT
content-type: text/plain
server: Golfe2

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1320231642.1732191972&dbk=15949996028138698117&dma=0&en=page_view&gtm=45je4bk0v869197395z8832648255za200zb832648255&npa=0&tid=G-YVHQTHNQ4Y&dl=https%3A%2F%2F191.252.156.111%3F
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 481
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:12 GMT
content-type: text/html; charset=UTF-8
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
375 B 67ms
67ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1747055966&t=pageview&_s=1&dl=https%3A%2F%2F191.252.156.111%2F&ul=fi-fi&de=UTF-8&dt=myProfit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=352294892&gjid=209051617&cid=1320231642.1732191972&tid=UA-177415448-1&_gid=234628162.1732191972&_r=1&_slc=1&gtm=45He4bk0n81TGKN4LZv832648255za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1296248555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dad827aa8b5fe5e15a521b0eebffc6155dd7337edb2c609aaae611fd9642be22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://191.252.156.111:4435/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://191.252.156.111:4435
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H3 200 790499525045285 Show response
connect.facebook.net/signals/config/ 81 KB
16 KB 263ms
262ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/790499525045285?v=2.9.176&r=stable&domain=191.252.156.111&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

390eaaa699d1ef37114b9502b3ab0b7023affb949f294b9d36294f4529fe1fae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-tBJgVqhl' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 12:26:12 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tBJgVqhl' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=58, rtx=0, c=77, mss=1232, tbw=70372, tp=66, tpl=0, uplat=163, ullat=0
pragma: public
x-fb-debug: W+7ZSSaeMfgEYF0xV2oaqRxcT1BcdtDhWh3ehu5vuB7IYDIGAVVHiR65LKoxRqLktPqhvW6dHUnlVHcM+6QupQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 379 KB
125 KB 123ms
121ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BLMTDM6H5P&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9e1b711fe4bcd9480c46c0a232a2c16435d58248a54cdebd4cf3028a2493342a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 21 Nov 2024 12:26:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 127458
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 /
www.google.com/pagead/1p-user-list/474224517/ 42 B
64 B 121ms
119ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/474224517/?random=1732191971821&cv=11&fst=1732190400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v884874140z8832648255za201zb832648255&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F191.252.156.111%3A4435%2F&hn=www.googleadservices.com&frm=0&tiba=myProfit&npa=0&pscdl=noapi&auid=2021047978.1732191971&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dL-FeyrBW-drmGEedrWPVLrBp56BvbQ&random=1188313618&rmt_tld=0&ipr=y

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 21 Nov 2024 12:26:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.fi/pagead/1p-user-list/474224517/ 42 B
455 B 319ms
33ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-user-list/474224517/?random=1732191971821&cv=11&fst=1732190400000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v884874140z8832648255za201zb832648255&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2F191.252.156.111%3A4435%2F&hn=www.googleadservices.com&frm=0&tiba=myProfit&npa=0&pscdl=noapi&auid=2021047978.1732191971&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dL-FeyrBW-drmGEedrWPVLrBp56BvbQ&random=1188313618&rmt_tld=1&ipr=y

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 21 Nov 2024 12:26:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 148ms
67ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790499525045285&ev=PageView&dl=https%3A%2F%2F191.252.156.111%3A4435&rl=&if=false&ts=1732191972756&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.3.1732191972741.420649298981136773&cs_est=true&pm=1&hrl=28f9b6&ler=empty&cdl=API_unavailable&it=1732191972225&coo=false&cs_cc=1&cas=7523104584437364%2C5617299924955327%2C4819691214783405%2C4150129111686855&rqm=GET

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=23, mss=1232, tbw=4506, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 21 Nov 2024 12:26:12 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
198 B 309ms
230ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=790499525045285&ev=PageView&dl=https%3A%2F%2F191.252.156.111%3A4435&rl=&if=false&ts=1732191972756&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12316&fbp=fb.3.1732191972741.420649298981136773&cs_est=true&pm=1&hrl=28f9b6&ler=empty&cdl=API_unavailable&it=1732191972225&coo=false&cs_cc=1&cas=7523104584437364%2C5617299924955327%2C4819691214783405%2C4150129111686855&rqm=FGET

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439707871243841574"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 12:26:12 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: yFPleG30hQwrqR8Hoa5ZR17Zn+27WU+wwI87F9F0sk031qD0c8NWWy9QJ32rOKnIM1dBxQGuNI2uq5Hyd53FiQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439707871243841574", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=61, rtx=0, c=23, mss=1232, tbw=4874, tp=13, tpl=0, uplat=173, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' 'report-sample' 'nonce-Xa7mmMDf' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 186ms
40ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BLMTDM6H5P&gtm=45je4bk0v9135212688za200&_p=1732191968286&_gaz=1&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=fi-fi&sr=1600x1200&cid=1320231642.1732191972&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F191.252.156.111%2F&dt=myProfit&sid=1732191972&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=9250
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLMTDM6H5P&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://191.252.156.111:4435
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:13 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 292ms
48ms Ping
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-BLMTDM6H5P&cid=1320231642.1732191972&gtm=45je4bk0v9135212688za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLMTDM6H5P&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://191.252.156.111:4435
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 12:26:13 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 1902 0
0 83ms
82ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-BLMTDM6H5P&gacid=1320231642.1732191972&gtm=45je4bk0v9135212688za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=572137657

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BLMTDM6H5P&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://191.252.156.111:4435/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Nov 2024 12:26:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 100ms
99ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-BLMTDM6H5P&cid=1320231642.1732191972&gtm=45je4bk0v9135212688za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=744554423

Requested by

Host: 191.252.156.111
URL: https://191.252.156.111:4435/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 21 Nov 2024 12:26:13 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 vendor-list.json Show response
disclaimer-api.goadopt.io/api/iab/ 643 KB
79 KB 595ms
523ms XHR
application/json 172.67.70.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/iab/vendor-list.json
Requested by: Host: 191.252.156.111
URL: https://191.252.156.111:4435/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 827c3f6cb653b89d728ab8ace0f5bb65a11a34d8baaa3e4ae5937a6c169eddb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

access-control-max-age: 5
content-encoding: gzip
cf-cache-status: MISS
etag: W/"a0a80-IjQoGg5oNhrNaR4ie8oEYZa9hZE"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NzG9SJgDlfuUa93PG2gbwADdcYk4AFnmUfvrKFhCwYIIJ40dFWfXNR3Te3%2BbCzaHawijYIkLYj0rlEOCWbZ3g9cBRVX0Whc9GJ5diTPccf83YWPIwSSaYTZ96FCgRj5YOeIul4X2P0j8wtE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47166&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4270&recv_bytes=4432&delivery_rate=387&cwnd=12000&unsent_bytes=0&cid=6c3f2f98ae6e81ea&ts=531&x=1", cfHdrFlush;dur=0
date: Thu, 21 Nov 2024 12:26:14 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:
cf-ray: 8e60aac0be43c3e7-WAW
access-control-allow-origin: https://191.252.156.111:4435
x-powered-by: Express
server: cloudflare

GET
H2 200 favicon.ico
191.252.156.111/images/ 32 KB
32 KB 245ms
244ms Other
image/x-icon 191.252.156.111
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://191.252.156.111:4435/images/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

191.252.156.111 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

vpsw2340.publiccloud.com.br

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a9022e35bba3ee4a367953ff12052bb682a89ef96b0d903b63934db54294077b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://191.252.156.111:4435/

Response headers

strict-transport-security: max-age=31536000;includeSubDomains; preload
x-powered-by: ASP.NET
etag: "0fbdcacbbfad61:0"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 32988
x-xss-protection: 1; mode=block
date: Thu, 21 Nov 2024 12:25:47 GMT
content-type: image/x-icon
last-modified: Thu, 04 Feb 2021 06:05:02 GMT
server: Microsoft-IIS/10.0
x-frame-options: DENY

POST
H3 200 get-consent Show response
disclaimer-api.goadopt.io/api/tag/ 200 B
1 KB 339ms
284ms XHR
application/json 172.67.70.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Requested by: Host: 191.252.156.111
URL: https://191.252.156.111:4435/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d0d8f8183abeed1053a16b546f11ee9625485d1983b53dd99b6c7f5738d68de7

Request headers

Referer: https://191.252.156.111:4435/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8

Response headers

access-control-max-age: 5
content-encoding: br
cf-cache-status: DYNAMIC
etag: W/"c8-LJUiKoqO7+06SCpQASZpWzLns4I"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diUZesr27iEgax7IQlBG7KIVIhux0s2OPhEcccVFiYh0sIl%2BFo5dWmAjHoH2rfnC%2BS%2BzhGC83OJ6on9AR3p1v7ybJkrXnMKzn1bEN5l9dFA2kdnZbHwL5s%2BjYujzp4KUJDJLzTsYQzdkX9g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48390&sent=12&recv=10&lost=0&retrans=0&sent_bytes=2701&recv_bytes=4585&delivery_rate=383&cwnd=12000&unsent_bytes=0&cid=fbe5403c7e42b812&ts=289&x=1", cfHdrFlush;dur=0
date: Thu, 21 Nov 2024 12:26:15 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
request-context: appId=cid-v1:
cf-ray: 8e60aac82aadee4d-WAW
access-control-allow-origin: https://191.252.156.111:4435
x-powered-by: Express
server: cloudflare

OPTIONS
H3 200 get-consent
disclaimer-api.goadopt.io/api/tag/ Frame 0
0 275ms
275ms Preflight 172.67.70.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://disclaimer-api.goadopt.io/api/tag/get-consent
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://191.252.156.111:4435
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Charset,Accept-Encoding,Authorization,Content-Type,Cookie,Set-Cookie,User-Agent,X-XSRF-TOKEN,adopt-lang,traceparent,tracestate,request-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://191.252.156.111:4435
access-control-max-age: 5
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e60aac61d91c3e7-WAW
content-length: 0
date: Thu, 21 Nov 2024 12:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3I2ZDWP04kE4DZdnnR5rRiHrpJeXJt%2FpI2Go4ZfkouC%2BMih6nmQJp1sZ5gEuf7aXqMLr5NrrUQTtqKn7RPUSH%2BEzrWnKYJZfu7TXT4rZ4KrwgwST4i8nIFfDC3l9McZyeB36D2yZFjktTU%3D"}],"group":"cf-nel","max_age":604800}
request-context: appId=cid-v1:
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=47661&sent=82&recv=47&lost=0&retrans=0&sent_bytes=87253&recv_bytes=6333&delivery_rate=535467&cwnd=48000&unsent_bytes=0&cid=6c3f2f98ae6e81ea&ts=1148&x=1" cfHdrFlush;dur=0
vary: Origin
x-powered-by: Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 191.252.156.111
URL: https://191.252.156.111:4435/API/Home

Verdicts & Comments Add Verdict or Comment

240 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: kB9PGFpaFo0
.youtube.com/	1970-01-21 05:29:03	Name: VISITOR_INFO1_LIVE Value: qbUfsHZQuKA
.youtube.com/	1970-01-21 05:29:03	Name: VISITOR_PRIVACY_METADATA Value: CgJJUhIEGgAgYw%3D%3D
191.252.156.111/	1970-01-21 03:19:27	Name: _gcl_au Value: 1.1.2021047978.1732191971
191.252.156.111/	1970-01-21 10:45:51	Name: _ga_YVHQTHNQ4Y Value: GS1.1.1732191972.1.0.1732191972.0.0.0
191.252.156.111/	1970-01-21 10:45:51	Name: _ga Value: GA1.1.1320231642.1732191972
191.252.156.111/	1970-01-21 01:11:18	Name: _gid Value: GA1.1.234628162.1732191972
191.252.156.111/	1970-01-21 01:09:52	Name: _gat_UA-177415448-1 Value: 1
.www.google-analytics.com/	1970-01-21 03:19:27	Name: ar_debug Value: 1
191.252.156.111/	1970-01-21 03:19:27	Name: _fbp Value: fb.3.1732191972741.420649298981136773
191.252.156.111/	1970-01-21 10:45:51	Name: _ga_BLMTDM6H5P Value: GS1.1.1732191972.1.0.1732191972.60.0.0
.doubleclick.net/	1970-01-21 10:45:51	Name: IDE Value: AHWqTUkysoEXvSzxJhm5y58rtsRLqBX_g78mz4zNfocYYL4sCnZ2QroaLoIhjKoQ
191.252.156.111/	1970-01-21 02:36:15	Name: AdoptConsent Value: N4Ig7gpgRgzglgFwgSQCIgFwgOwAZt64AsRAtAGzkBMVpRUUAJqQIaMQDMpHAxgKw8AjAE4WAMzGDGfEABoQANzjwEAewBOyRphBjcuRuSg8yYqnzF0AHNgikrUYqT58iPDuRYRGucjPmqAA4IyAB2ACosAOYwmADaALoBwQDyAK4IkTHxSSA8qqEwEKEh2lgAEgByABp8MGlyIBAKxZkAnoEQOmAOcOUAXhCVjfmFrQBqEOrwBZi48mmBjCxIjACCCDpUuFRkgoKkVILhglQYVOQYgnwAdMLYggBaIAC+QA
191.252.156.111/	1970-01-21 02:36:15	Name: AdoptVisitorId Value: GYBhBMDYCMGMBYC0wBMBWYj4A4DsBTRbaEJNNeWAZkgEN9wRI0g=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

191.252.156.111
cdn.addevent.com
connect.facebook.net
disclaimer-api.goadopt.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
region1.analytics.google.com
stats.g.doubleclick.net
tag.goadopt.io
td.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.youtube.com
191.252.156.111
142.250.184.227
142.250.185.104
142.250.185.228
142.250.186.110
142.250.186.98
157.240.253.1
157.240.253.35
172.217.18.110
172.67.70.191
18.244.18.75
191.252.156.111
2001:4860:4802:34::36
2606:4700:3034::6815:1adf
2606:4700:4400::6812:2844
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c1d::9b
008c9f15d89a376122fc01af01a27681dc757017be6175fe09322aa5905ffaac
0b1e4a0bc4f02e261768b0d69feedccbe8a4d1705dee92569b3446825668aa22
0c12de4d555c4ad97cd0ef3409af2fcdbcd959a12b577a82de2cccb406f1639e
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
128968a40482fae094730184fa0a776c5d566a85add7de3525ba3aea0f20ec4b
159b381ac60c01dbbc9a1208783c6564cbe4a3c6cf6bb7c210f5e446f1046443
1a4955b1415f9513d341f8779f528a47faf68c95c75873594e81047edbdf98f5
22d12fea88a54308c894e32a95b9276f292d2360fd89e95a446454fa6bb22352
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32c789aae2719019f62909b01fd6f1a87672c0841f3556ced6245b2215fdea49
3795f6ef7d8125fd55f239062b99386307ca6659fc4257bb80445c02a90257af
390eaaa699d1ef37114b9502b3ab0b7023affb949f294b9d36294f4529fe1fae
3cbb5b1d5c27f4fb79e3aa5fb947c27bcc44418e6dd6a9a9280245ca2ef6c727
49fc051603ce6ca3f6ed919138d56d55bd21a2021287d9a2b499047ee475372a
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5558d13fe6fce455ba6de887c995ef75c0b0d7ccd2b3be9b689873c1aad1075c
56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1
57444381b95c95c9120ca4db23fcec7a6c8b5b219c8b72923f5eb6c09ffc911d
61cb59336bda774805f76cc6db308ccabfb29d988f0e130f1313afbc67759eeb
6bbe9a3cddf977d56086e65b57ccdfb1cb1cba178ffcde2c2f6811db2e0c4590
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
797c3d6758b73564a52689d466480219a73cbfe11df2918a3c4bb7ce5b82a1b3
7d8175160f5c7011d74bf0e179b5202bcec80233e7da829cbc9d48baa20723b9
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81f2fe899f2fd8289fb54f6f4a683547243054ee7eab0f5b803a9f756ed1752a
827c3f6cb653b89d728ab8ace0f5bb65a11a34d8baaa3e4ae5937a6c169eddb1
897c4df32b7e67c6c5709dc7b235f5f3e64d6f9c7e95e0b847e969c6f4192c1b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
934fef79d58789ebede9058f0c51189b620518a8924ccb3159734d825a45c283
940536434151fa9d438221daeb92b6857bc06ce500ac72d8d433e55236570f45
9e1b711fe4bcd9480c46c0a232a2c16435d58248a54cdebd4cf3028a2493342a
a0c74daf35c03544905293661cf9a1e06a43a6071dda4ea6956c90cad464fe6c
a66849bf592a22efdaf5919d5682f60c887228ae0484b6f25e63fdab18187613
a8f8b0ad8ce93c1169b38f33b43a1027c5511540962e8530e27dab536fff5247
a9022e35bba3ee4a367953ff12052bb682a89ef96b0d903b63934db54294077b
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aff449f7c5a8475b5d6cbef1f55fbacf576d88ccabb084c3bfd8a4d176595b95
b1338429285ec880feb7374752fa5bf370be5b77cea1e2930c67824ca58088cd
b3f6bff0e601f0e121167ad1b349f8dbd16d2ec3a88cce4f70ac10d3b485ed74
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
bd37e68658c4caf0b1f6319552270dbaaa326e76d6e93168be61e44ab99ec5ea
bf13e2fefed77efd1ed94436df7ce5b24a0bc068bf32a29c3587928eb6a096f0
c065dd3ee5764b10016223c3452b7963b4bb2c6548a5fd8be54bd21356375ab2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c56515cae3f87f06aad6097cf51eed4718c0c226c4c35c0e99cdf374ac860431
c8cadd0d8ec0be16beb3a44b0a083fde92caafe0dbe622a3f3d653cb6db80847
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d09e2a38ae526a1ea49b747ac45cc5eab3f1c2b5dfa3d30066a9b978620f97d8
d0d8f8183abeed1053a16b546f11ee9625485d1983b53dd99b6c7f5738d68de7
d559d628e51869ae826255859390fe7338d4feaf9eff96fb315e3466090e8f3a
dad827aa8b5fe5e15a521b0eebffc6155dd7337edb2c609aaae611fd9642be22
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee35cc797cd0cf7ce669d5bb7594badc7fa65c4bae38752236ec4b034422881f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09824992a7b90d71f65b900fe55c46594000cd34e73c825c3407643955524eb
f0caa0c5609b3a9428f532b08c2d4ef6eacbcd91cfab4a4398b94cb8c4776813
f3d4549f657c699519f9494551b9ea377eed633a4f6ebee7d79317b05d066308
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

191.252.156.111 Open in urlscan Pro 191.252.156.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

59 %HTTPS

45 %IPv6

14 Domains

19 Subdomains

21 IPs

4 Countries

6223 kBTransfer

10654 kBSize

14 Cookies

22 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

191.252.156.111 Open in urlscan Pro
191.252.156.111 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

59 %
HTTPS

45 %
IPv6

14
Domains

19
Subdomains

21
IPs

4
Countries

6223 kB
Transfer

10654 kB
Size

14
Cookies

80 HTTP transactions
0 data transactions