URL: https://52.4.165.249/
Submission: On March 06 via api from US — Scanned from DE

Summary

This website contacted 19 IPs in 6 countries across 15 domains to perform 83 HTTP transactions. The main IP is 52.4.165.249, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 52.4.165.249.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 23rd 2023. Valid for: 5 months.
This is the only time 52.4.165.249 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
28 | banqi.com.br | banqi.com.br | 619 KB
9 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 565 KB
8 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 29 KB
8 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 44) | 79 KB
8 | zdassets.com | static.zdassets.com (Cisco Umbrella Rank: 1803); ekr.zdassets.com (Cisco Umbrella Rank: 2092) | 374 KB
3 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 151) | 91 KB
3 | google.de | www.google.de (Cisco Umbrella Rank: 6149) | 670 B
3 | zendesk.com | banqi.zendesk.com | 2 KB
3 | bing.com | bat.bing.com (Cisco Umbrella Rank: 357) | 12 KB
3 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 35); stats.g.doubleclick.net (Cisco Umbrella Rank: 77) | 3 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 30) | 20 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 105) | 185 B
1 | youtube.com | www.youtube.com (Cisco Umbrella Rank: 87) | 498 B
1 | amazonaws.com | s3-sa-east-1.amazonaws.com | 516 B
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 36) | 854 B
Total: 83 requests, 15 apex domains

Requests | Domain | Requested by
28 | banqi.com.br | 52.4.165.249; banqi.com.br
8 | www.google.com | 52.4.165.249; www.google.com; www.gstatic.com
8 | www.googletagmanager.com | 52.4.165.249
7 | static.zdassets.com | 52.4.165.249; static.zdassets.com
6 | www.gstatic.com | www.google.com; www.gstatic.com
3 | connect.facebook.net | 52.4.165.249; connect.facebook.net
3 | www.google.de | 52.4.165.249
3 | banqi.zendesk.com | static.zdassets.com
3 | bat.bing.com | www.googletagmanager.com; bat.bing.com; 52.4.165.249
3 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
3 | fonts.gstatic.com | fonts.googleapis.com; www.google.com
2 | googleads.g.doubleclick.net | www.googletagmanager.com
1 | www.facebook.com |
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | ekr.zdassets.com | static.zdassets.com
1 | www.youtube.com | 1 redirects
1 | s3-sa-east-1.amazonaws.com | 52.4.165.249
1 | fonts.googleapis.com | 52.4.165.249
Total: 83 requests, 18 subdomains

Subject | Issuer | Validity | Valid
banqi.com.br | Amazon RSA 2048 M01 | 2023-02-23 - 2023-08-05 | 5 months
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
zdassets.com | Cloudflare Inc ECC CA-3 | 2022-11-10 - 2023-11-09 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.s3-sa-east-1.amazonaws.com | Amazon | 2022-09-21 - 2023-09-09 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
www.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
www.bing.com | Microsoft RSA TLS CA 02 | 2023-02-16 - 2023-08-16 | 6 months
banqi.zendesk.com | Cloudflare Inc ECC CA-3 | 2022-05-04 - 2023-05-04 | a year
www.google.de | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-13 | 2 months

This page contains 5 frames:

Primary Page: https://52.4.165.249/
Frame ID: B6ABCA92BAB155563F4E74F60F02EDFE
Requests: 62 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
Frame ID: 9A5E6CF85A650D96157AE3E7E31F7DFD
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-framework-6329b98acad6fbd36322.js
Frame ID: 9D0C64B4917892AFDB6B777A26FFF9AC
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=Z4vvDRKQaHFl19XsXs3eMQ9rcNuVkMUuJO5894vqSOmFIXj1E0MJ3IijmicCpV_g52m_MAje6qvyKS2bfXAQK48hlroK_xyE7iZnq3eQVPVjJoUf5vuWgkY5yqesnlStd2X6GBCQUkcG73gWNxiHb7NJEgz9MdgxutCmMusTOdHuBxzY_nSIFr1pRcPPlZWqxQI3JsM7QAmYm_uU4x-ZoliXxDazakJNZygZI2OUxHTNvYl6pL5HfimEculzUYEpwOVwHn2kRR_7QOgTXtdoIO5-jlqmspM&cb=qxb5mw1fnqpa
Frame ID: D337945268208E3EED07C09DCE27F5ED
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: 0733F0D693ADBF6C911923F43CBD3C96
Requests: 3 HTTP requests in this frame

Page Title

A conta digital gratuita dos brasileiros | banQi

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 83
HTTPS: 99 %
IPv6: 68 %
Domains: 15
Subdomains: 18
IPs: 19
Countries: 6
Transfer: 1834 kB
Size: 4139 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.youtube.com/embed/1tzlD8JG9v4?rel=0 HTTP 302
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI

83 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
52.4.165.249/
37 KB
37 KB
Document
General
Full URL
https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.165.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-165-249.compute-1.amazonaws.com
Software
/
Resource Hash
e3b381117337846aff2d0b7583119afb81cf169efc2395d563dd4ac0cd8280de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

content-length
38079
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 01:49:38 GMT
host
52.4.165.249
index.css
banqi.com.br/assets/build/css/
44 KB
44 KB
Stylesheet
General
Full URL
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
690d3186c7630fbbc45b8d64200d5803491d1f8f1a1ea91c0df293731fc915ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:38 GMT
host
banqi.com.br
content-length
45237
content-type
text/css; charset=UTF-8
css
fonts.googleapis.com/
4 KB
854 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700&subset=latin-ext&display=swap
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a64134b8fd1cc209c18777a88920a3b783e6ece981112f9ec94df591364507bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 01:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 06 Mar 2023 01:49:38 GMT
logo-internas.svg
banqi.com.br/assets/img/ui/
6 KB
6 KB
Image
General
Full URL
https://banqi.com.br/assets/img/ui/logo-internas.svg
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
452d73916962926a0ee3e2ebd908768a76fceed5aee9e0663f9f2ef948b707a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
5690
content-type
image/svg+xml
apis.png
banqi.com.br/assets/img/cashback/
2 KB
2 KB
Image
General
Full URL
https://banqi.com.br/assets/img/cashback/apis.png
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
d45e2f6d631463659f3f617776da90fbad68aa91d94b666b74cc681ce9cc8911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
2001
content-type
image/png
site.js
banqi.com.br/assets/build/js/
7 KB
7 KB
Script
General
Full URL
https://banqi.com.br/assets/build/js/site.js?id=bd43cda0c23f395e0f9eb5baafd8349a
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
262293e17a13a3fe741f0ed07c724a4607566a3241c54ed107da1bf58ae4964f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
7070
content-type
application/javascript
header.js
banqi.com.br/assets/build/js/components/
1 KB
1 KB
Script
General
Full URL
https://banqi.com.br/assets/build/js/components/header.js?id=a0414d642da3c55724a14c64f99bbdad
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
17435c891df050859692c7066181988a6ce4f6e8b4419177ecbc40311add072d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
1076
content-type
application/javascript
subnav.js
banqi.com.br/assets/build/js/components/
1 KB
2 KB
Script
General
Full URL
https://banqi.com.br/assets/build/js/components/subnav.js?id=e26aa1480a54b072951d7d5c59e44601
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
f0d9b40fb1b0bf5b784e461570f3ccf71d08d6ffb5f9f8aea8acef96da95dad1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
1448
content-type
application/javascript
snippet.js
static.zdassets.com/ekr/
23 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=ad9e05f5-dd8c-4f4f-96b2-17e38f316df5
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
x-amz-version-id
TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
XNBMQM4BVJWRJKRJ
age
38
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
tyIbrU5hrd4ZfUGmBQAaIFh+Ke6aiG/useaPeD23y3+Ad0YBs3GrZEEyR0k31gEan+FCNqEtC5g=
last-modified
Thu, 28 Jul 2022 23:44:02 GMT
server
cloudflare
etag
W/"5cae6ce528dce0c327b2bcbaad459fdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LOzTavQz9Sj3SUA9LSAF3s6aTbKcBFPWweFeHS%2BKpSCjOnR%2FCtg%2FyVpx5uJNeKSsReHSQizNZSlbY3mDVXjO6CWb9KuFV%2BHAn7xJItaqkLIQ%2Beqa0w%2BLbzQ6aXEvqJ1ZqbedB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600, s-maxage=60
cf-ray
7a36f17fedcb2bd2-FRA
zendesk.js
banqi.com.br/assets/build/js/components/
177 B
267 B
Script
General
Full URL
https://banqi.com.br/assets/build/js/components/zendesk.js?id=8072fbe535b953e02b1929cbfe653ef8
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
43d6630abfd36743995865e2a46f9d7692ebaca19235f4120eebfc11c9e2c6a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
177
content-type
application/javascript
pagamentos.js
banqi.com.br/assets/build/js/
24 KB
24 KB
Script
General
Full URL
https://banqi.com.br/assets/build/js/pagamentos.js?id=8e3d454c939f9695b09bb487ea3585ee
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
7dfb988a715fb45cb93e88466a182b9f3a10a0edbc1612e24edb815aead0dc65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:38 GMT
host
banqi.com.br
content-length
24080
content-type
application/javascript
footer.js
banqi.com.br/assets/build/js/components/
747 B
837 B
Script
General
Full URL
https://banqi.com.br/assets/build/js/components/footer.js?id=49ff19d7b8c432a8d3f51ad41948410d
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
682188bb339da52ed0ceffff499289edd3302de148a64c69c68875a24a66a8ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
747
content-type
application/javascript
cookie-consent.js
banqi.com.br/assets/build/js/
3 KB
3 KB
Script
General
Full URL
https://banqi.com.br/assets/build/js/cookie-consent.js?id=0b8b0299bab542cfcc982004df9abb8f
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
598ed08ebb35d0d4bb55200376b560418007c0cab3469b670baed1b4fc9dfa82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
2796
content-type
application/javascript
gtm.js
www.googletagmanager.com/
221 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NZXBFBT
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a5b264c236de76490c5108c2dcb6292644f9adfcee5e9833934af7f6f2d066c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80033
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Mar 2023 01:49:39 GMT
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/
0
516 B
Image
General
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=fb5c5efde44908fb7d6cb44687e6f482&x-r=&x-s=https://52.4.165.249/
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.165.96 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 06 Mar 2023 01:49:40 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
TRGKQD4DA3RKN1E9
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
aCRvK9wDY7T188poOurA9NHddB3XFVDToQDa+tvo7qbdzvOMexpoDCqjZVl/l/7Dcgw6LJenGPc=
seta-menu.svg
banqi.com.br/assets/img/uploads/
208 B
293 B
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/seta-menu.svg
Requested by
Host: banqi.com.br
URL: https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
17862fcb7ee0957a88e9ceab29f85c136093dca1e16042410f5263207c468ba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
208
content-type
image/svg+xml
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://52.4.165.249
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 02 Mar 2023 14:05:36 GMT
x-content-type-options
nosniff
age
301443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 14:05:36 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700&subset=latin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://52.4.165.249
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 02 Mar 2023 22:26:20 GMT
x-content-type-options
nosniff
age
271399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 22:26:20 GMT
abravanel.webp
banqi.com.br/assets/img/uploads/webp/
26 KB
26 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/webp/abravanel.webp
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
d509bb03c28e0ae4553a353289e78eff93e61145a6879306aad9ab704da64763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
26402
content-type
image/webp
bg-hero-hero.svg
banqi.com.br/assets/img/uploads/
5 KB
5 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/bg-hero-hero.svg
Requested by
Host: banqi.com.br
URL: https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
db56ce65c0d350212a6d5f453fc73d8d9cc0ff729cd439ab54e7a0443a0ec868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
5348
content-type
image/svg+xml
icon-btn-home-amarelo.svg
banqi.com.br/assets/img/uploads/
224 B
309 B
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/icon-btn-home-amarelo.svg
Requested by
Host: banqi.com.br
URL: https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
9c7704989b0926f4aa3e2de6a3dfaa9fcd3ae32aa60cb5b69ced2251508c192d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
224
content-type
image/svg+xml
bg-banqi-casas.svg
banqi.com.br/assets/img/uploads/
68 KB
69 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/bg-banqi-casas.svg
Requested by
Host: banqi.com.br
URL: https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
e60876425a9c871f63c7337c437b8f58da5430e27250b37c12c772482a1b2226

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
70141
content-type
image/svg+xml
icon-btn-home.svg
banqi.com.br/assets/img/uploads/
233 B
318 B
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/icon-btn-home.svg
Requested by
Host: banqi.com.br
URL: https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
343db0149fa4f91aabba681822dcdd396175b47fc04dfac35f4b855a733b49d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
233
content-type
image/svg+xml
seta-no-banqi.svg
banqi.com.br/assets/img/uploads/
210 B
295 B
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/seta-no-banqi.svg
Requested by
Host: banqi.com.br
URL: https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
eae21891b8f615becf47233987da126d7f76a380c6d67fa83837d17da0c66422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
210
content-type
image/svg+xml
bg-depoimentos.svg
banqi.com.br/assets/img/uploads/
5 KB
5 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/bg-depoimentos.svg
Requested by
Host: banqi.com.br
URL: https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
4d29590fde9766dd0c2f2fa7feecd160943e76af3ec485b9f8ce118440bcb935

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://banqi.com.br/assets/build/css/index.css?id=9d371270068503ee8efed7749fe90d93
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
4769
content-type
image/svg+xml
index
www.google.com/sorry/ Frame 9A5E
Redirect Chain
  • https://www.youtube.com/embed/1tzlD8JG9v4?rel=0
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8...
3 KB
3 KB
Document
General
Full URL
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
326f6ecef0f365c4c890c331619710091331e869095edda497acc9373fa1ed5f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://52.4.165.249/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
3361
content-type
text/html
date
Mon, 06 Mar 2023 01:49:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
402
content-type
text/html; charset=UTF-8
date
Mon, 06 Mar 2023 01:49:39 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
emprestimo-index.webp
banqi.com.br/assets/img/uploads/webp/
18 KB
18 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/webp/emprestimo-index.webp
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
0c4b2ae6a7d0f844994809f576df98001874b2cf206137817628e6a97aeec99c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
18372
content-type
image/webp
home-cb.webp
banqi.com.br/assets/img/uploads/webp/
104 KB
104 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/webp/home-cb.webp
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
3a14bc62839482d364050d53fd348de40ec2b49a766d4c1f7a82c36de370d325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
106422
content-type
image/webp
app-e-cartao-banqi-2.webp
banqi.com.br/assets/img/uploads/webp/
86 KB
86 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/webp/app-e-cartao-banqi-2.webp
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
be091d67a0dd204147f7fec45e36aaf690608f9a756c086673f1db0520f2d8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
87740
content-type
image/webp
pagamento-pelo-app-h.svg
banqi.com.br/assets/img/uploads/
2 KB
2 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/pagamento-pelo-app-h.svg
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
c41787d960484844fa924145801a1f318a802ae97c32aeb20071f434f0e4eb77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
1841
content-type
image/svg+xml
transferencias-h.svg
banqi.com.br/assets/img/uploads/
3 KB
3 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/transferencias-h.svg
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
f14be8f6d546c38448258d3f76ea7fb839de33758b5dcc0b6d28c37333710914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
2571
content-type
image/svg+xml
sacar-h.svg
banqi.com.br/assets/img/uploads/
5 KB
5 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/sacar-h.svg
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
92c21edd566cb3bf8dbebd39e68c2e900e1169b78f0099b0427b92854f7881ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
5000
content-type
image/svg+xml
compras-recargas-shopping-banqi-icone-branco.svg
banqi.com.br/assets/img/uploads/
2 KB
2 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/compras-recargas-shopping-banqi-icone-branco.svg
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
777315ccb4be476c8869c95eaed87db7a494dad292cf5a2346526501eef98917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
1670
content-type
image/svg+xml
no-banqi.webp
banqi.com.br/assets/img/uploads/webp/
195 KB
195 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/webp/no-banqi.webp
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
350776212ee83d4b770d7ff2a6aac0b64963d41d19f85649eb0624c30c75a60f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
199744
content-type
image/webp
frame.svg
banqi.com.br/assets/img/uploads/
8 KB
8 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/frame.svg
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
7fe044093bbdb0b451cc285122d017b39dfe950ceaea547ec7ba051a6f7aba02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
8190
content-type
image/svg+xml
card.svg
banqi.com.br/assets/img/uploads/
2 KB
2 KB
Image
General
Full URL
https://banqi.com.br/assets/img/uploads/card.svg
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.164.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-164-7.compute-1.amazonaws.com
Software
/
Resource Hash
7db06c0854ef6036b750a55b53f126ce7ff3f670ec0db0dd1b2c2c830077e023

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
host
banqi.com.br
content-length
1579
content-type
image/svg+xml
ad9e05f5-dd8c-4f4f-96b2-17e38f316df5
ekr.zdassets.com/compose/
339 B
1 KB
XHR
General
Full URL
https://ekr.zdassets.com/compose/ad9e05f5-dd8c-4f4f-96b2-17e38f316df5
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ad9e05f5-dd8c-4f4f-96b2-17e38f316df5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd2a1b8102dac9a5796d3f616a03117c4bd03498577f8a441c02592caeb6c8f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
status
200 OK
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
7a36f1803f98381c-SEA, 7a36f1803f98381c-SEA
x-runtime
0.003194
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"cbd2a1b8102dac9a5796d3f616a03117"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb%2B6iqmd0FSGO%2F2FfWWU8ibGO54WAkJocEMBJfcaLy2MjoJ0Jwx4DD61iFlzD3PzaLdrRS2Qlbz3T6rpCYnMTroKrpwGlhED10wDyWAyoDeIr%2FnjBDvBqzhjM4tclzi1pTk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=600, public, stale-while-revalidate=600, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
7a36f1803f98381c-FRA
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZXBFBT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 01:19:39 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1800
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 06 Mar 2023 03:19:39 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/736117095/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/736117095/?random=1678067379425&cv=11&fst=1678067379425&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2F52.4.165.249%2F&tiba=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&auid=986211872.1678067379&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZXBFBT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44d65e24d1d7842cf9d36059d916a6c41522e64d44e1247d98f3c46b6867dbd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1201
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
40 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZXBFBT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 06 Mar 2023 01:49:39 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 597C8801E43441C1A0491A558B278A9F Ref B: FRAEDGE1218 Ref C: 2023-03-06T01:49:39Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
a
www.googletagmanager.com/
0
59 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-NZXBFBT&cv=21&v=3&t=t&pid=709570754&rv=3310&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAACCA&h=Ag&tc=28&tr=1gclidw.1ua.1sp.1baut&ti=1gclidw.1ua.1sp.2baut&dl=52.4.165.249%2F&tdp=GTM-NZXBFBT;;0;0;0&z=0
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/
0
128 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=GTM-NZXBFBT&cv=21&v=3&t=t&pid=709570754&rv=3310&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAACCA&h=Ag&tc=28&tr=1gclidw.1ua.1sp.1baut&ti=1gclidw.1ua.1sp.2baut&dl=52.4.165.249%2F&tdp=GTM-NZXBFBT;;0;0;0&z=0
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:39 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
49 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-NZXBFBT&cv=21&v=3&t=t&pid=709570754&rv=3310&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAACCA&h=Ag&tc=28&z=0
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
49 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-NZXBFBT&cv=21&v=3&t=t&pid=709570754&rv=3310&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAACCA&h=Ag&tc=28&tr=1cl.1cl.1lcl.1lcl.1lcl.1cl.1cl.1cl.1lcl.1lcl.1lcl.1cl.1cl&ti=1cl.1cl.1lcl.1lcl.1lcl.1cl.1cl.1cl.1lcl.1lcl.1lcl.1cl.1cl&z=0
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
49 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-NZXBFBT&cv=21&v=3&t=t&pid=709570754&rv=3310&es=1&e=gtm.dom&eid=3&u=AAAAAAAAAAAAACCA&h=Ag&tc=28&z=0
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/
0
49 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-NZXBFBT&cv=21&v=3&t=t&pid=709570754&rv=3310&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAACCA&h=Ag&tc=28&tr=5gclidw&ti=1gclidw&z=0
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
web-widget-framework-6329b98acad6fbd36322.js
static.zdassets.com/web_widget/latest/ Frame 9D0C
158 KB
50 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/web-widget-framework-6329b98acad6fbd36322.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=ad9e05f5-dd8c-4f4f-96b2-17e38f316df5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65cb95820a83f6becb0e7496181626c92a36d5ca7ad6fd32b1c9394767c5d32c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
x-amz-version-id
k27XMKNvlQ4VBk3GAfuA5qgVl0lEBz3E
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
59NXYGA4BVJAN2TZ
age
353375
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
4z8Xvd5JlZ7jGe9a/vvu3uqqRMf5A/dRF0ydNKPh7qrHIrMqfPNxE8bphOgN9QfyMWEpj3G2A54=
last-modified
Wed, 01 Mar 2023 03:08:46 GMT
server
cloudflare
etag
W/"4078404a7b8430d50d2f31374960583b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9fA5ddQZoRWV%2BCiSBXakWCQ%2BnUmzTxiFQxM%2BSAkBqLHmMQjREXU1%2Bu0MYssSOSu%2F%2BZdbKieLF8wHgj5KcTsEZ1Et4tX2jBOtWRabYRnzt61nhGk1gwT18SD0nBM9DlvsT0YeYs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7a36f1819eec2bd2-FRA
expires
Thu, 29 Feb 2024 03:08:45 GMT
config
banqi.zendesk.com/embeddable/ Frame 9D0C
539 B
1 KB
Fetch
General
Full URL
https://banqi.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-6329b98acad6fbd36322.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c205fda3a9697d6e0abe37594538abb5aa54335e6a58bbda2cbdf123361198

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-f9496d4b8-rs55t
x-cached
MISS
x-request-id
7a36f1828c205c68-SEA
x-runtime
0.001682
last-modified
Mon, 06 Mar 2023 01:49:40 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qa58MOMQIlrSeATv7X4z9keJPz2ZhUDhVptdYTzbiY0bPmSpmqXSMsMz3G1%2FHYiVrXk8s6bNdL23zSCZeM%2BjSI6rlIiyLWLH1hxc612mLD%2Bq8CCvPud8wiagRW5k5hgV%2FXnm"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
7a36f1828c205c68-FRA
56165581.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/56165581.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 06 Mar 2023 01:49:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 40C9553D85C84D4190C9FCB482B079E1 Ref B: FRAEDGE1218 Ref C: 2023-03-06T01:49:39Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56165581&tm=gtm002&Ver=2&mid=ab26e676-e409-45ad-a7a2-fe7f10e7d955&sid=282a6040bbc111ed8ca9bf18f2146e70&vid=282a6410bbc111ed9ff0a536bb5f90e9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&p=https%3A%2F%2F52.4.165.249%2F&r=&lt=1439&evt=pageLoad&sv=1&rn=285548
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 06 Mar 2023 01:49:39 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2EB1C6245574C6CB4178CB8FAB7BF7A Ref B: FRAEDGE1218 Ref C: 2023-03-06T01:49:39Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1726622094&t=pageview&_s=1&dl=https%3A%2F%2F52.4.165.249%2F&dh=banqi.com.br&ul=en-us&de=UTF-8&dt=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=521564852&gjid=1188127102&cid=211192180.1678067380&tid=UA-116695794-3&_gid=758922419.1678067380&_r=1&_slc=1&gtm=45He3310n81NZXBFBT&z=1057161260
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://52.4.165.249/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://52.4.165.249
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/736117095/
42 B
358 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/736117095/?random=1678067379425&cv=11&fst=1678064400000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2F52.4.165.249%2F&tiba=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&fmt=3&is_vtc=1&random=2188195127&rmt_tld=0&ipr=y
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/736117095/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/736117095/?random=1678067379425&cv=11&fst=1678064400000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2F52.4.165.249%2F&tiba=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&fmt=3&is_vtc=1&random=2188195127&rmt_tld=1&ipr=y
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
347 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-116695794-3&cid=211192180.1678067380&jid=521564852&gjid=1188127102&_gid=758922419.1678067380&_u=YEBAAEAAAAAAACAAI~&z=1406791444
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://52.4.165.249/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 06 Mar 2023 01:49:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://52.4.165.249
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-116695794-3&cid=211192180.1678067380&jid=521564852&_u=YEBAAEAAAAAAACAAI~&z=199717182
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-116695794-3&cid=211192180.1678067380&jid=521564852&_u=YEBAAEAAAAAAACAAI~&z=199717182
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/ Frame 9A5E
850 B
746 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Mon, 06 Mar 2023 01:49:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 9A5E
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 05 Mar 2023 06:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 06:54:12 GMT
anchor
www.google.com/recaptcha/api2/ Frame D337
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=Z4vvDRKQaHFl19XsXs3eMQ9rcNuVkMUuJO5894vqSOmFIXj1E0MJ3IijmicCpV_g52m_MAje6qvyKS2bfXAQK48hlroK_xyE7iZnq3eQVPVjJoUf5vuWgkY5yqesnlStd2X6GBCQUkcG73gWNxiHb7NJEgz9MdgxutCmMusTOdHuBxzY_nSIFr1pRcPPlZWqxQI3JsM7QAmYm_uU4x-ZoliXxDazakJNZygZI2OUxHTNvYl6pL5HfimEculzUYEpwOVwHn2kRR_7QOgTXtdoIO5-jlqmspM&cb=qxb5mw1fnqpa
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2556b4e12841dde7eff34f6a57382ecb9eb11494cd57bdb9ef33694e6884f54
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-R4iTYoLkLImr2KwdWgpX7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23082
content-security-policy
script-src 'nonce-R4iTYoLkLImr2KwdWgpX7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 01:49:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
web-widget-classic-8b46e95.js
static.zdassets.com/web_widget/latest/classic/ Frame 9D0C
13 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8b46e95.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-6329b98acad6fbd36322.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89e54c83e96388fc735f3c94ce0d1d05f407f17362f8b17ca72153c0c307405
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
x-amz-version-id
pO.V7.z7RNaRuwO5JahAcTLTfSGkQPz8
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
59NG7V1PZCM7JSXP
age
353376
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
U4BLM6leBjECp2DAHz1yMDjiDv1Tz4C34LdG9bHDbtbCsaaiwsB+WhBiXhULt26eH9cbaNv4xOU=
last-modified
Wed, 01 Mar 2023 03:11:31 GMT
server
cloudflare
etag
W/"275f39f5903e5c3c4dda98bfa974b88e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3kOPkzs9G3im1T5WI%2BMiQtffCJNd4HneYZpP14mxaJYzcOMnb5p0%2FobgaeaanZ0PODX%2FYN107aGlcXwU%2BO4IJl374LhAbqJLIz%2FFHz9C%2FLEJPk7D6z%2Fv%2FbvkkHd7Kk0Ki3MIPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7a36f186f9cd2bd2-FRA
expires
Thu, 29 Feb 2024 03:11:30 GMT
web-widget-8165-8b46e95.js
static.zdassets.com/web_widget/latest/classic/ Frame 9D0C
663 KB
190 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-8b46e95.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8b46e95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
x-amz-version-id
rDTR2Aja94LDV863i0qULaM33rs.xrFd
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
59NH0T43V0VM0MC5
age
353375
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
hT9swHjfgf2t4wAoo/sK+eNFguA4JoE2ZVf6051h9Abs3hgUIQAuj9t0dwJUntOYHaTad37GhT4=
last-modified
Wed, 01 Mar 2023 03:11:31 GMT
server
cloudflare
etag
W/"d519ea27f763cb6ec80aeec5b45213a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvUw9o4ce6hFfR%2FYjFBSnTYQyEcZ%2F5tcWFs5j3I4VQ5%2Fknk9ny949ACGjqL61d2d26rWgm3N6EHQA49NAq%2F0Jp3nLCaaRdQpWQOGYfHmKKC9q06tJLhvPCOA5q4jsgOWgT%2BKvAc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7a36f18719e02bd2-FRA
expires
Thu, 29 Feb 2024 03:11:30 GMT
web-widget-5324-8b46e95.js
static.zdassets.com/web_widget/latest/classic/ Frame 9D0C
494 KB
109 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-8b46e95.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8b46e95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b0d2e73d7c227880cca8af7134e1f0382cb439d3144a64fd0f9a1766bc000c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
x-amz-version-id
0SIWUJFzZ.wmPCD4SO29WH925oJxFm8c
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
59NH3ZED5K70HSGQ
age
353375
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
/RApgSw6HaFLhk1WVU2bGcMygsS9soxGyTEQFn2xOzCVryXra9Aj3ei6p3qH59ybYXI4ZC7Piic=
last-modified
Wed, 01 Mar 2023 03:11:31 GMT
server
cloudflare
etag
W/"08a8b4198fe082394e890bda14abe045"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TreutUbtBw4YOpZdtaKiFIp0ghOObZilnEN7c7lxohTfuWNHIa%2BrjGqGGPGtWl6f%2Bdjth9g0iXUNtCRuT1RoXpQKwLBuBVrGIpmQJz%2Fap8QDvDudH8Zg18ihvxESVACob%2B0SAg0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7a36f18719e22bd2-FRA
expires
Thu, 29 Feb 2024 03:11:30 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame D337
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=Z4vvDRKQaHFl19XsXs3eMQ9rcNuVkMUuJO5894vqSOmFIXj1E0MJ3IijmicCpV_g52m_MAje6qvyKS2bfXAQK48hlroK_xyE7iZnq3eQVPVjJoUf5vuWgkY5yqesnlStd2X6GBCQUkcG73gWNxiHb7NJEgz9MdgxutCmMusTOdHuBxzY_nSIFr1pRcPPlZWqxQI3JsM7QAmYm_uU4x-ZoliXxDazakJNZygZI2OUxHTNvYl6pL5HfimEculzUYEpwOVwHn2kRR_7QOgTXtdoIO5-jlqmspM&cb=qxb5mw1fnqpa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 05 Mar 2023 07:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 07:48:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame D337
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=Z4vvDRKQaHFl19XsXs3eMQ9rcNuVkMUuJO5894vqSOmFIXj1E0MJ3IijmicCpV_g52m_MAje6qvyKS2bfXAQK48hlroK_xyE7iZnq3eQVPVjJoUf5vuWgkY5yqesnlStd2X6GBCQUkcG73gWNxiHb7NJEgz9MdgxutCmMusTOdHuBxzY_nSIFr1pRcPPlZWqxQI3JsM7QAmYm_uU4x-ZoliXxDazakJNZygZI2OUxHTNvYl6pL5HfimEculzUYEpwOVwHn2kRR_7QOgTXtdoIO5-jlqmspM&cb=qxb5mw1fnqpa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 05 Mar 2023 06:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 06:54:12 GMT
embeddable_blip
banqi.zendesk.com/ Frame 9D0C
0
291 B
XHR
General
Full URL
https://banqi.zendesk.com/embeddable_blip?type=analytics&data=…%3D
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-6329b98acad6fbd36322.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Mar 2023 01:49:40 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvXu7wKFTRdwmcRdkwKInGN7gTtKFr0rhVZNE5H6b8cUUn9dRxySORwBlqNJNL6YTKVuleHD0CPTESIK%2FdsJeTAzDRUGq%2FkkE6zOVcrHLq1ncLjJWtIlDSM3zXowHGUgj4Vf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7a36f1881ec25c68-FRA
content-length
0
x-request-id
7a36f1881ec25c68-SEA
embeddable_blip
banqi.zendesk.com/ Frame 9D0C
0
271 B
XHR
General
Full URL
https://banqi.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiaGVscENlbnRlciI6eyJmaWx0ZXIiOnsic2VjdGlvbiI6IjM2MDAxMTM0MjMxMiJ9fX19LCJidWlkIjoiNTQ2ODY0Y2VlM2Y4NGM5NzhiN2RkNTU5YjA5OTNiZmIiLCJzdWlkIjoiOWU0YzkwNTUwNjU4NGVlZTg2NGY0ODgyMTMzMDg3ZTAiLCJ2ZXJzaW9uIjoiOGI0NmU5NSIsInRpbWVzdGFtcCI6IjIwMjMtMDMtMDZUMDE6NDk6NDAuNDk5WiIsInVybCI6Imh0dHBzOi8vNTIuNC4xNjUuMjQ5LyJ9
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-6329b98acad6fbd36322.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Mar 2023 01:49:40 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FVNCVBnbi%2FwboKKJY3h4KYoVnnU7OVN8yzu%2BUDS9fMMta3p1kwU9Axs1wGEBHH%2F4Q7gdgkEq45x1Se%2FjWkbmBH16Woye%2F4rjD4WjGx9Z6hdsS97QLTt30N0TcHa8v9BufLw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
7a36f1882ec85c68-FRA
content-length
0
x-request-id
7a36f1882ec85c68-SEA
de-de-json-8b46e95.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 9D0C
27 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/de-de-json-8b46e95.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8b46e95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4dd9c0fce72a1d158eea4905d80b89742ac8dde08092be76d87ba5cb313ade6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
x-amz-version-id
nRMqYE8FmG5AUFgWrNL7uzh8lI7F2b4A
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
WTK5P63AS8XGP7P9
age
353373
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
YXhHckXdtBWHeFuFAHaoloT9mJKgmTUSvqn6MEkxJXNWpvojbk/DBxZmb8hZxjyX2kNvIQ5GMz4=
last-modified
Wed, 01 Mar 2023 03:11:32 GMT
server
cloudflare
etag
W/"215162609ce510a4b104092239c95cfd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGHWK8jZ%2FIZNDybspDzgAkFFpaw9O%2FXmEoa%2Fef6Aij0TJNlQeeMNX5H0AMShG1iP0VsPuFIqYGUof7KW0BfgeSTqW9v4EcHLgO%2FE6zWNXp1EkTQ0BZoQC1gf9zr%2FI8RmwgidMIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7a36f1882a642bd2-FRA
expires
Thu, 29 Feb 2024 03:11:31 GMT
pt-br-json-8b46e95.js
static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame 9D0C
27 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/pt-br-json-8b46e95.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-8b46e95.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b335147413e768c35cad0a01ab565531c6e9f732b63c8a5c8c846e2a73b98f0c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
x-amz-version-id
gYw5bRiLlgvkXlJ5YM21RX6nEDYWvwoe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8S12TJN2T7F12N6Q
age
351695
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Jve/x9DqkFR9L1934Fw3Vq0ucuHqcTfj3kmnCLLRijjSEoEyO7h0SuOOpmPo+0q2YwAgY+MuF4s=
last-modified
Wed, 01 Mar 2023 03:11:35 GMT
server
cloudflare
etag
W/"95fe388a58ae2789dccdb6d9ea75a940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujrBUGgwWa4rfgkcIUzB%2FWjBsx4TfOuugwYW43i7PaFprdnqPcUFCzZACVL9QzqQJ38lWlN33ELqwo32Aek1dCjGnoYbdRM8y4YKMOZ2rsOcrr5Z%2FwQAB093kaQLjWr7j1wsUtw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7a36f1884a7d2bd2-FRA
expires
Thu, 29 Feb 2024 03:11:34 GMT
truncated
/ Frame D337
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ Frame D337
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame D337
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 02 Mar 2023 01:14:34 GMT
x-content-type-options
nosniff
age
347706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 09 Mar 2023 01:14:34 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D337
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=Z4vvDRKQaHFl19XsXs3eMQ9rcNuVkMUuJO5894vqSOmFIXj1E0MJ3IijmicCpV_g52m_MAje6qvyKS2bfXAQK48hlroK_xyE7iZnq3eQVPVjJoUf5vuWgkY5yqesnlStd2X6GBCQUkcG73gWNxiHb7NJEgz9MdgxutCmMusTOdHuBxzY_nSIFr1pRcPPlZWqxQI3JsM7QAmYm_uU4x-ZoliXxDazakJNZygZI2OUxHTNvYl6pL5HfimEculzUYEpwOVwHn2kRR_7QOgTXtdoIO5-jlqmspM&cb=qxb5mw1fnqpa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 28 Feb 2023 23:07:12 GMT
x-content-type-options
nosniff
age
441748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10748
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Feb 2024 23:07:12 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame D337
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=Z4vvDRKQaHFl19XsXs3eMQ9rcNuVkMUuJO5894vqSOmFIXj1E0MJ3IijmicCpV_g52m_MAje6qvyKS2bfXAQK48hlroK_xyE7iZnq3eQVPVjJoUf5vuWgkY5yqesnlStd2X6GBCQUkcG73gWNxiHb7NJEgz9MdgxutCmMusTOdHuBxzY_nSIFr1pRcPPlZWqxQI3JsM7QAmYm_uU4x-ZoliXxDazakJNZygZI2OUxHTNvYl6pL5HfimEculzUYEpwOVwHn2kRR_7QOgTXtdoIO5-jlqmspM&cb=qxb5mw1fnqpa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=Z4vvDRKQaHFl19XsXs3eMQ9rcNuVkMUuJO5894vqSOmFIXj1E0MJ3IijmicCpV_g52m_MAje6qvyKS2bfXAQK48hlroK_xyE7iZnq3eQVPVjJoUf5vuWgkY5yqesnlStd2X6GBCQUkcG73gWNxiHb7NJEgz9MdgxutCmMusTOdHuBxzY_nSIFr1pRcPPlZWqxQI3JsM7QAmYm_uU4x-ZoliXxDazakJNZygZI2OUxHTNvYl6pL5HfimEculzUYEpwOVwHn2kRR_7QOgTXtdoIO5-jlqmspM&cb=qxb5mw1fnqpa
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 06 Mar 2023 01:49:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/736117095/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/736117095/?random=1678067380788&cv=11&fst=1678067380788&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2F52.4.165.249%2F&tiba=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&auid=986211872.1678067379&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NZXBFBT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0323eee5bdd0bf3ec79cee2c3547f228009935a32ad767dad68672a6bec4cd98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1205
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 52.4.165.249
URL: https://52.4.165.249/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 01:49:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Z4QBLbF16zjUW7Wlu+rytJwQdV4UXJbVQtYZR8aIKglxHbapN/uUqf44qy6AC0IUnx9XjXwAeVwJxXOWj8HS2A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1726622094&t=pageview&_s=1&dl=https%3A%2F%2F52.4.165.249%2F&dh=banqi.com.br&ul=en-us&de=UTF-8&dt=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=&gjid=&cid=211192180.1678067380&tid=UA-116695794-3&_gid=758922419.1678067380&gtm=45He3310n81NZXBFBT&z=854948537
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 17:17:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30702
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0733
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
41e6626fef2ac8e80a81f85f0df6e23d53fba6c0fe894d88f0c390f19e105255
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-LxCWGzkUyaQjUakh88cMcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1126
content-security-policy
script-src 'nonce-LxCWGzkUyaQjUakh88cMcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 06 Mar 2023 01:49:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
839023233165863
connect.facebook.net/signals/config/
150 KB
42 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/839023233165863?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5367f8d637f9aa61adcb5a4247494138b464c0e1ac81600ad335c897da1b3e9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 01:49:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
42251
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
pKJ9hSUy06inO9S+c1xVi+ivC5v3H3WJpi19uM5Uad9tmcQVuY6LbQfia8xrhDirgaql/d6kF4REYO2Fzj8fsA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/736117095/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/736117095/?random=1678067380788&cv=11&fst=1678064400000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2F52.4.165.249%2F&tiba=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&fmt=3&is_vtc=1&random=489503915&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/736117095/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/736117095/?random=1678067380788&cv=11&fst=1678064400000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2F52.4.165.249%2F&tiba=A%20conta%20digital%20gratuita%20dos%20brasileiros%20%7C%20banQi&fmt=3&is_vtc=1&random=489503915&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 06 Mar 2023 01:49:40 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/
72 KB
22 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.98
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 06 Mar 2023 01:49:40 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
uUwClTsL9YVNxoNa0Z1o2AO78yN3kydGssIVBBlsbfLbYXT3pdc3Pgi4SK2FJx8QO7s3DFSGgn3ribAjsYFWFg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 0733
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 05 Mar 2023 07:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 07:48:43 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 0733
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 05 Mar 2023 06:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 06:54:12 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=839023233165863&ev=PageView&dl=https%3A%2F%2F52.4.165.249%2F&rl=&if=false&ts=1678067380883&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmgoogletagmanager&ec=0&o=28&cs_est=true&fbp=fb.3.1678067380882.1511288512&it=1678067380834&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 06 Mar 2023 01:49:40 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
a
www.googletagmanager.com/
0
11 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-NZXBFBT&cv=21&v=3&t=t&pid=709570754&rv=3310&es=1&e=gtm.load&eid=4&u=AgAAAAAAAAAAACCA&h=Ag&tc=28&tr=1gclidw.1ua.1sp.1baut.1html.5html.5gclidw.5baut.5ua.5sp&ti=1gclidw.1ua.1sp.2baut.1html.1html.1gclidw.2baut.1ua.1sp&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://52.4.165.249/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 Mar 2023 01:49:41 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| dataLayer string| u object| zEWebpackACJsonp function| zE function| zEmbed object| webpackChunk object| zESettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO boolean| zEACLoaded function| UET function| UET_init function| UET_push object| ueto_076d315899 object| uetq object| gaplugins object| gaGlobal object| gaData function| $zopim function| fbq function| _fbq

9 Cookies

Domain/Path Name / Value
52.4.165.249/ Name: _gcl_au
Value: 1.1.986211872.1678067379
52.4.165.249/ Name: _uetsid
Value: 282a6040bbc111ed8ca9bf18f2146e70
52.4.165.249/ Name: _uetvid
Value: 282a6410bbc111ed9ff0a536bb5f90e9
.bing.com/ Name: MUID
Value: 1BB7FF4734B666261D49ED8B35646762
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
52.4.165.249/ Name: _ga
Value: GA1.1.211192180.1678067380
52.4.165.249/ Name: _gid
Value: GA1.1.758922419.1678067380
52.4.165.249/ Name: _gat_UA-116695794-3
Value: 1
52.4.165.249/ Name: _fbp
Value: fb.3.1678067380882.1511288512

1 Console Messages

Source Level URL
Text
network error URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/1tzlD8JG9v4%3Frel%3D0&q=EhAqAxsgAAbwEQAAAAAAAAteGLONlaAGIjAKjBd8G_SmVOhPEFm9-IzoDnrzC1VIK4MqwgFa8kLjtiPP7C0XRLuHU0hxiS79tQ8yAXI
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
