t06k1tb.oilcoshand.live Open in urlscan Pro
185.155.184.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gogood.com.br/partners/
Effective URL:
https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprl...
Submission: On August 11 via manual (August 11th 2024, 5:50:14 am UTC) from BR — Scanned from US

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 23 domains to perform 83 HTTP transactions. The main IP is 185.155.184.55, located in Switzerland and belongs to AS-6898 C41.CH SAGL - LUGANO Data Center, CH. The main domain is t06k1tb.oilcoshand.live.
TLS certificate: Issued by E6 on August 10th 2024. Valid for: 3 months.

This is the only time t06k1tb.oilcoshand.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
7	18.160.10.15 18.160.10.15	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:8dd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:16b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6ffe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::6815:4640	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.155.186.33 185.155.186.33	203639 (TEKNOLOGY) (TEKNOLOGY)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:50cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f06c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:affc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c0d::9d	15169 (GOOGLE) (GOOGLE)
1	2600:1408:c40... 2600:1408:c400:5::17c7:3719	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:400d:c07::69	15169 (GOOGLE) (GOOGLE)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:50::12 2620:1ec:50::12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
30	185.155.184.55 185.155.184.55	6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center)
1	136.243.216.235 136.243.216.235	24940 (HETZNER-AS) (HETZNER-AS)
83	25

7 18.160.10.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-15.iad12.r.cloudfront.net

gogood.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:8dd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:16b7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6ffe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:4640 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

velvet.relessor.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.186.33 (Switzerland)

ASN203639 (TEKNOLOGY, CH)

enhancemalenew.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:50cc (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f06c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:affc (United States)

ASN13335 (CLOUDFLARENET, US)

44645643.hs-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0d::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:5::17c7:3719 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::69 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:50::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 185.155.184.55 (Switzerland)

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)

t06k1tb.oilcoshand.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.216.235 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.216.243.136.clients.your-server.de

jsontdsexit2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	oilcoshand.live t06k1tb.oilcoshand.live	348 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 www.linkedin.com — Cisco Umbrella Rank: 914 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	4 KB
7	gogood.com.br gogood.com.br	116 KB
6	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 8139 api.hubspot.com — Cisco Umbrella Rank: 9983 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8074 track.hubspot.com — Cisco Umbrella Rank: 5359 app.hubspot.com — Cisco Umbrella Rank: 10634	29 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	6 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	468 KB
3	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 8524 forms.hsforms.com — Cisco Umbrella Rank: 9382	2 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	76 KB
2	google.com www.google.com — Cisco Umbrella Rank: 10	128 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
2	enhancemalenew.life enhancemalenew.life	62 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 9601 forms.hscollectedforms.net — Cisco Umbrella Rank: 9837	25 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414 js-na1.hs-scripts.com — Cisco Umbrella Rank: 14508	2 KB
1	jsontdsexit2.com jsontdsexit2.com — Cisco Umbrella Rank: 410365	502 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	hs-sites.com 44645643.hs-sites.com
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 7580	1 KB
1	relessor.shop velvet.relessor.shop Failed	767 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 7189	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 10675	24 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
83	23

	Domain	Requested by
30	t06k1tb.oilcoshand.live	enhancemalenew.life t06k1tb.oilcoshand.live
7	gogood.com.br	gogood.com.br
5	www.facebook.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	www.googletagmanager.com	gogood.com.br www.googletagmanager.com js.hsadspixel.net
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	perf-na1.hsforms.com
2	www.google-analytics.com	www.googletagmanager.com
2	api.hubspot.com	js.usemessages.com
2	enhancemalenew.life	gogood.com.br
1	jsontdsexit2.com	t06k1tb.oilcoshand.live
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	forms.hsforms.com
1	snap.licdn.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	44645643.hs-sites.com	js.hubspot.com
1	app.hubspot.com	js.usemessages.com
1	api.hubapi.com	js.hsadspixel.net
1	track.hubspot.com
1	js-na1.hs-scripts.com	js.hs-analytics.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	velvet.relessor.shop	gogood.com.br
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	gogood.com.br
83	32

This site contains no links.

Subject Issuer	Validity	Valid
www.gogood.com.br Amazon RSA 2048 M02	`2024-02-05` - `2025-03-05`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
usemessages.com WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hscollectedforms.net WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
enhancemalenew.life R11	`2024-07-07` - `2024-10-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-20` - `2024-08-18`	3 months	crt.sh
hsforms.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hubapi.com E6	`2024-07-02` - `2024-09-30`	3 months	crt.sh
hs-sites.com Cloudflare Inc ECC CA-3	`2024-03-10` - `2024-12-31`	10 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
oilcoshand.live E6	`2024-08-10` - `2024-11-08`	3 months	crt.sh
jsontdsexit2.com E5	`2024-07-19` - `2024-10-17`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
Frame ID: 9F71448C421086F08A58A3F5C28244F9
Requests: 80 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/44645643/threads/utk/de1b1c908cd6476dae25651238c9a909?uuid=162eed92224d4f96a8baca7ba1bf349c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=gogood.com.br&inApp53=false&messagesUtk=de1b1c908cd6476dae25651238c9a909&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true
Frame ID: 727D9AE6F8676DE405D189D7658C15C9
Requests: 1 HTTP requests in this frame

Frame: https://44645643.hs-sites.com/hs-web-interactive-44645643-153277645568?utk=c31bb57ec8af61e84768c4077a9edf1a
Frame ID: EBF0F87E126C56E342F180971FA0BC29
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2024 Annual Visitor Survey

Page URL History Show full URLs

https://gogood.com.br/partners/ Page URL
https://velvet.relessor.shop/help/?31631721355814 HTTP 302
https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753 Page URL
https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-2024081108500947... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

98 %
HTTPS

84 %
IPv6

23
Domains

32
Subdomains

25
IPs

3
Countries

1233 kB
Transfer

2899 kB
Size

25
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gogood.com.br/partners/ Page URL
https://velvet.relessor.shop/help/?31631721355814 HTTP 302
https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753 Page URL
https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://velvet.relessor.shop/help/?31631721355814 HTTP 302
https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753

Request Chain 41

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4808017%26time%3D1723355408891%26li_adsId%3D536b3025-3fdd-40de-93e4-9107ea55312c%26url%3Dhttps%253A%252F%252Fgogood.com.br%252Fpartners%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true&liSync=true&e_ipv6=AQKOJEpVQ29T8gAAAZE__KxriEUa9yCpE3n-tfmzz0_4e048DTKwhRIDkY5HaN2IFBq4bXEBjGoseZenRSOUbrtRoj32wB8

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gogood.com.br/partners/ 81 KB
17 KB 984ms
21ms Document
text/html 18.160.10.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gogood.com.br/partners/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-15.iad12.r.cloudfront.net
Software: Apache /
Resource Hash: 983098152fa48eb72cfc85f71e5abdb7cbd72bea10b9157e566cf9ce28261fb7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 183
cache-control: max-age=2696, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 11 Aug 2024 05:47:05 GMT
etag: "75b08635562d6eb77fc74ccd58e8f9c4"
expires: Sun, 11 Aug 2024 06:32:01 GMT
last-modified: Sun, 11 Aug 2024 05:32:01 GMT
link: <https://gogood.com.br/wp-json/>; rel="https://api.w.org/", <https://gogood.com.br/wp-json/wp/v2/pages/1835>; rel="alternate"; type="application/json", <https://gogood.com.br/?p=1835>; rel=shortlink, </wp-content/cache/minify/23245.js>; rel=preload; as=script, </wp-content/cache/minify/d26c7.css>; rel=preload; as=style
pragma: public
referrer-policy: no-referrer-when-downgrade
server: Apache
vary: Accept-Encoding
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-id: pTsXfKiA8Xil4-PyZHULWF6VrHLDlOTnH5mkSMDidnX1ozQytGDmoQ==
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront

GET
H2 200 23245.js Show response
gogood.com.br/wp-content/cache/minify/ 23 KB
6 KB 21ms
20ms Script
application/x-javascript 18.160.10.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gogood.com.br/wp-content/cache/minify/23245.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-15.iad12.r.cloudfront.net
Software: Apache /
Resource Hash: 56c32daace7908db601fe0475375edbea385c4de7a1e6c6ccd454729d1dc079f

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 18:03:44 GMT
content-encoding: gzip
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
age: 992784
x-cache: Hit from cloudfront
content-length: 5734
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 30 Jul 2024 03:53:00 GMT
server: Apache
etag: "pub1722311580;gz"
vary: Accept-Encoding, Origin
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000, public
x-amz-cf-id: spqR_58pwHpE9xh-kHoiYYKBVoChUsZq2wWZ1yalMpHhgsYXdArLLQ==
expires: Wed, 30 Jul 2025 18:03:44 GMT

GET
H2 200 d26c7.css
gogood.com.br/wp-content/cache/minify/ 245 KB
35 KB 17ms
17ms Stylesheet
text/css 18.160.10.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gogood.com.br/wp-content/cache/minify/d26c7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-15.iad12.r.cloudfront.net
Software: Apache /
Resource Hash: a5792390a8524aa9f2eebb5cc1eab38a2789f00a028dd16f1a1080678bd3f353

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 02 Aug 2024 10:11:43 GMT
content-encoding: gzip
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
age: 761905
x-cache: Hit from cloudfront
content-length: 35784
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 20 Jul 2024 04:16:53 GMT
server: Apache
etag: "pub1721449013;gz"
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
x-amz-cf-id: l6OeCfNeXqUdE2C-zn28gBWvUdXfcpmy47kgcM5_HEmCpHBb_ke0eQ==
expires: Sat, 02 Aug 2025 10:11:42 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
gogood.com.br/wp-content/astra-local-fonts/montserrat/ 32 KB
33 KB 28ms
26ms Font
application/font-woff2 18.160.10.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gogood.com.br/wp-content/astra-local-fonts/montserrat/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by: Host: gogood.com.br
URL: https://gogood.com.br/partners/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-15.iad12.r.cloudfront.net
Software: Apache /
Resource Hash: bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Request headers

Referer: https://gogood.com.br/partners/
Origin: https://gogood.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 21:29:41 GMT
content-encoding: gzip
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
age: 2708427
x-cache: Hit from cloudfront
content-length: 33120
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Jul 2024 14:44:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: 6XXfjvkhUNzFGDGVetVgQEbUhJ15VFJbZksMOzEIZ7TRoED20bKN1g==

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
gogood.com.br/wp-content/astra-local-fonts/source-sans-pro/ 15 KB
15 KB 28ms
27ms Font
application/font-woff2 18.160.10.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gogood.com.br/wp-content/astra-local-fonts/source-sans-pro/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by: Host: gogood.com.br
URL: https://gogood.com.br/partners/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-15.iad12.r.cloudfront.net
Software: Apache /
Resource Hash: 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Request headers

Referer: https://gogood.com.br/partners/
Origin: https://gogood.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 20:25:56 GMT
content-encoding: gzip
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
age: 552252
x-cache: Hit from cloudfront
content-length: 14915
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Jul 2024 14:44:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: public,max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: CP46qT9yQdpila5lGhJHwPmgPt3AtQXac3JqRVK3_RRqiREflDkQ-w==

GET
H2 200 js
www.googletagmanager.com/gtag/ 269 KB
93 KB 103ms
57ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NSXXH3C1SL

Requested by

Host: gogood.com.br
URL: https://gogood.com.br/partners/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Aug 2024 05:50:08 GMT

GET
H2 200 cropped-logo-gogood-36-2-127x34.png
gogood.com.br/wp-content/uploads/2018/07/ 5 KB
5 KB 20ms
19ms Image
image/png 18.160.10.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gogood.com.br/wp-content/uploads/2018/07/cropped-logo-gogood-36-2-127x34.png
Requested by: Host: gogood.com.br
URL: https://gogood.com.br/partners/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-15.iad12.r.cloudfront.net
Software: Apache /
Resource Hash: fa4b66a5cfae352bb04f7f950448acda808fee5e9e044ab466f606e435b61080

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Tue, 06 Aug 2024 18:45:05 GMT
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Jul 2024 14:44:51 GMT
server: Apache
x-amz-cf-pop: IAD12-P3
age: 385503
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600, public, public
accept-ranges: bytes
content-length: 5024
x-amz-cf-id: oURB5kPiHM4EOaVWL2CAcF5da1aqC7qfzDPcKj2SdEYYXPMh379I4g==

GET
H2 200 44645643.js
js.hs-scripts.com/ 3 KB
1 KB 72ms
48ms Script
application/javascript 2606:4700::6810:8dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/44645643.js?integration=WordPress&ver=11.1.22

Requested by

Host: gogood.com.br
URL: https://gogood.com.br/partners/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 795617a2-f9e8-438d-89a0-bc2516572b3f
x-envoy-upstream-service-time: 4
content-length: 711
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 795617a2-f9e8-438d-89a0-bc2516572b3f
last-modified: Sun, 11 Aug 2024 05:50:08 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://gogood.com.br
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-mbwmd
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 8b15f246aa38439c-EWR
expires: Sun, 11 Aug 2024 05:51:38 GMT

GET
H2 200 gtm.js
www.googletagmanager.com/ 303 KB
103 KB 81ms
36ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T4ST2DF

Requested by

Host: gogood.com.br
URL: https://gogood.com.br/partners/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104558
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Aug 2024 05:50:08 GMT

GET
H2 200 logo-gogoodv2-38-300x94.png
gogood.com.br/wp-content/uploads/2018/07/ 4 KB
4 KB 18ms
17ms Image
image/webp 18.160.10.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gogood.com.br/wp-content/uploads/2018/07/logo-gogoodv2-38-300x94.png
Requested by: Host: gogood.com.br
URL: https://gogood.com.br/partners/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-15.iad12.r.cloudfront.net
Software: Apache /
Resource Hash

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: public
date: Thu, 08 Aug 2024 02:24:47 GMT
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 23 May 2023 21:58:55 GMT
server: Apache
x-amz-cf-pop: IAD12-P3
age: 271521
vary: Origin
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31557600, public, public
accept-ranges: bytes
content-length: 3986
x-amz-cf-id: y9_Ta2uhXF0B2pmc1eKi6Jp7Mk1aTAV_awG-TQNS03ujJrqWYMYA0Q==

GET
H2 200 44645643.js
js.hs-analytics.net/analytics/1723355400000/ 68 KB
25 KB 91ms
62ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1723355400000/44645643.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44645643.js?integration=WordPress&ver=11.1.22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: B1C2CWBJB9STXE4T
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: dc5e953c-8137-4e0e-a70c-54d30280d87b
x-envoy-upstream-service-time: 26
x-amz-id-2: Kw+2NjExEqorHYU2+Xvz6KmQZQBDqpik1BtEgxCfT8wT9kFDxOAOA5Zh3wmc7lZZVr3nmcR4Pbio8pKs96LloQ==
x-evy-trace-listener: listener_https
x-request-id: dc5e953c-8137-4e0e-a70c-54d30280d87b
x-evy-trace-route-configuration: listener_https/all
last-modified: Sat, 03 Aug 2024 01:42:39 GMT
server: cloudflare
etag: W/"c6ea7029a583bc112f83f391a8d33801"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wgwsj
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8b15f2472f718cb7-EWR
expires: Sun, 11 Aug 2024 05:55:08 GMT

GET
H2 200 conversations-embed.js
js.usemessages.com/ 85 KB
24 KB 47ms
20ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44645643.js?integration=WordPress&ver=11.1.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: gzip
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-amz-version-id: IOZvZyCQvESzzIXDpDb8C47v20ojhaU7
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
age: 522
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.17367/bundles/project.js&cfRay=8af9ba83085d8c09-EWR
x-cache: Hit from cloudfront
x-hubspot-correlation-id: da03b8da-6ec9-4a03-bf25-f8932ffeda10
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: da03b8da-6ec9-4a03-bf25-f8932ffeda10
last-modified: Thu, 01 Aug 2024 19:44:14 UTC
server: cloudflare
etag: W/"b57858533bdc895fc298584a34a08c3a"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-vjwjs
cf-ray: 8b15f2471ca2c484-EWR
x-amz-cf-id: Hg6-KfdbV34iwazsu60MDEIfYE8E3gAKEyDLAAbbTmpT69MlWtC7sg==
x-hs-target-asset: conversations-embed/static-1.17367/bundles/project.js

GET
H2 200 web-interactives-embed.js
js.hubspot.com/ 82 KB
24 KB 63ms
34ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44645643.js?integration=WordPress&ver=11.1.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
Origin: https://gogood.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1294/bundles/project.js&cfRay=8af91fc57d708cca-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"ca106ef78092107b8d4a40131d641c01"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1294/bundles/project.js
date: Sun, 11 Aug 2024 05:50:08 GMT
x-amz-version-id: GMZ9HyPHjtzB9hq9Kp4nuMbTlOz7NvmB
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 04da59bc-bedb-4b23-aa96-f94964e23dcd
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 04da59bc-bedb-4b23-aa96-f94964e23dcd
last-modified: Mon, 29 Jul 2024 11:16:10 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGbe8NO63twHLHVtg%2BK1R4w35QZlgbU9pP4hzCes4L1KBI5Ym8yAwdKrCR2Sg%2BaxWpb%2BplhF9Rt07vteBq%2FU5yCnx0juNkvgDExPxJPLEhY%2BHql0dwM3p7NQNvN8A7VmFTGZvOHlIvM0CaPl"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-fj2sp
cf-ray: 8b15f2472f8b431c-EWR
x-amz-cf-id: PmB7QObJt2HiIG2ueBIvvpCR7prfdEFlEbcRaRq-77SahZjekJ-qzQ==

GET
H2 200 fb.js
js.hsadspixel.net/ 6 KB
4 KB 51ms
22ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44645643.js?integration=WordPress&ver=11.1.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
x-amz-version-id: UIOsIr3qFS9r3wFn4ECf3yNr1.R8N2aA
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 b9e3ae23b2e5d7b2e1c159467ba23f34.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1fd9c630-55e3-458f-a3e3-86fcf26d62df
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.572/bundles/pixels-release.js&cfRay=8af163868a667c7c-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 89
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1fd9c630-55e3-458f-a3e3-86fcf26d62df
last-modified: Tue, 06 Aug 2024 19:11:03 UTC
server: cloudflare
etag: W/"45a803cc17701ff8c7710294960c14c7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-dqn98
cf-ray: 8b15f2472fe20cc4-EWR
x-amz-cf-id: J7QyvbgLu4kfpNUb_CUIDWG_pmCisHUx7vKSftENBIXJB5i5SszRHQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.572/bundles/pixels-release.js

GET
H2 200 banner.js
js.hs-banner.com/v2/44645643/ 71 KB
26 KB 125ms
98ms Script
text/javascript 2606:4700::6812:16b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/44645643/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44645643.js?integration=WordPress&ver=11.1.22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
x-amz-version-id: ITV3Kg17pYm0mHDRCHABFRck.d4R_fPv
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: ZGR88WE99MV2FG1P
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: dba8b65b-adca-493c-8f81-cfdb1b0b1552
x-envoy-upstream-service-time: 91
x-amz-id-2: NlFwrpnI/8da0Lu1yORrgrdsKvyeLV0f4Hg2JqnnylnAdwKW8sH5J0MxLickgMUIsFj7OU11qkU=
x-evy-trace-listener: listener_https
x-request-id: dba8b65b-adca-493c-8f81-cfdb1b0b1552
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 11 Apr 2024 21:16:09 GMT
server: cloudflare
etag: W/"c727b19ffc8a6f471002cad145878bf0"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://gogood.com.br
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-gfff7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8b15f2471958190a-EWR
expires: Sun, 11 Aug 2024 05:55:08 GMT

GET
H2 200 collectedforms.js
js.hscollectedforms.net/ 69 KB
25 KB 111ms
45ms Script
application/javascript 2606:4700::6810:6ffe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/44645643.js?integration=WordPress&ver=11.1.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
Origin: https://gogood.com.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8b15f2475aa3c339-EWR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"ac41634810840adc02ea51748cb19c2f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.586/bundles/project.js
date: Sun, 11 Aug 2024 05:50:08 GMT
x-amz-version-id: FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 3606001d-be3f-4319-8f3f-4a06cd56b08b
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3606001d-be3f-4319-8f3f-4a06cd56b08b
last-modified: Tue, 23 Jul 2024 12:55:20 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-sw27x
cf-ray: 8b15f2475aa3c339-EWR
x-amz-cf-id: 2mTR0PLeadlmaWXHJCVnyKdZvU9vYiTSC1HOqHzw8rB7zEHqXwJkDQ==

GET /
velvet.relessor.shop/help/ 0
0

GET
H/1.1

200
OK

/ Show response
enhancemalenew.life//
Redirect Chain

https://velvet.relessor.shop/help/?31631721355814
https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753

62 KB
62 KB

562ms
151ms

Document
text/html

185.155.186.33
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL: https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753
Requested by: Host: gogood.com.br
URL: https://gogood.com.br/partners/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.186.33 , Switzerland, ASN203639 (TEKNOLOGY, CH),
Reverse DNS
Software: openresty /
Resource Hash: 8d61cfa6eada95158e106497829ee32e4af1e84d123f8186349681cbba44d50e

Request headers

Referer: https://gogood.com.br/partners/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 63063
Content-Type: text/html
Date: Sun, 11 Aug 2024 05:50:10 GMT
Server: openresty
cache-control: private

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b15f2475c147ca8-EWR
content-type: text/html; charset=utf-8
date: Sun, 11 Aug 2024 05:50:09 GMT
expires: Thu, 21 Jul 1977 07:30:00 GMT
last-modified: Sun, 11 Aug 2024 05:50:09 GMT
location: https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2BN%2FNI5jpKV71GMZKRo%2B1JAOqZV5rJx4pmabN3s%2FmxbWKucKLZWitVyn%2BG6kF%2FGVwhnobCFu3UTM5CAPrbMkNtVt5dG8WLXXGF0PhZWXK8JQD5aVcK%2FmeydmhckEUpqFJCN4gFtuldgJtLd6O4O3NoSJRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.0.33

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 44ms
41ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=44645643&conversations-embed=static-1.17367&mobile=false&messagesUtk=de1b1c908cd6476dae25651238c9a909&traceId=de1b1c908cd6476dae25651238c9a909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://gogood.com.br
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://gogood.com.br
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8b15f2475fad431c-EWR
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 11 Aug 2024 05:50:08 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TUkvzOVrJdFcqGi5ZsMtn2r7OHhOxVSw7bElKALiomA4eQDcNoK1l1atHhO115yfxXPAgx%2Bg1QZ5pq%2BtS1S5AysIp5dtCgkebbFFEjICMLb5CKhvvfk4eAjd1frTUY0BNTwkx6Vz2hBWLQZkbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-7hh57
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 05a482ff-b9bd-487f-a5d0-6ebe2c1c1486
x-request-id: 05a482ff-b9bd-487f-a5d0-6ebe2c1c1486

GET
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 87ms
86ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
X-HubSpot-Messages-Uri: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9e231c33-952f-47fc-abce-c09198f137d3
x-envoy-upstream-service-time: 45
content-length: 1509
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9e231c33-952f-47fc-abce-c09198f137d3
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gogood.com.br
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-tkf6s
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FgIjqBY%2FsZsKS0ReLC6WSP0fNpOvtjYcJdtRz0XSpCB%2Bc0ucFTUDWdsIeUGejWf52BL8OvyyTa0I7OFz9%2FAmidNcH2h0tfCtJSijLTGt9gqAVYC0JRu7G1U%2FBEziFqA6y5q0MjDuFnfXhYg1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b15f247afd9431c-EWR
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 939 B
2 KB 50ms
49ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=44645643&currentUrl=https%3A%2F%2Fgogood.com.br%2Fpartners%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 293858fb-dc19-49a2-85c6-b5e4cdf03661
x-envoy-upstream-service-time: 16
content-length: 556
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 293858fb-dc19-49a2-85c6-b5e4cdf03661
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gogood.com.br
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SvLyh1g2pJoZEZMcHU2vP7Am7L0KRTyyMUmrLSwZYvCqmVPrwT95dzS0EEqbIor7ni%2B9yIyIhP8rhZcI9zZ%2B4dJhcKNQupCORu4lVAQI0FEzh3Ko96aVB3Z1sbnVn%2BTyUemFVvslrrEELTv9RFQdVfQgT3w92YJPy8%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8b15f2477fc2431c-EWR
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-vls5k

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 52ms
22ms Fetch
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NSXXH3C1SL&gtm=45je4880v869972578za200&_p=1723355408426&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&gdid=dZTNiMT&cid=503533045.1723355409&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723355408&sct=1&seg=0&dl=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&dt=Partners-%20GoGood&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1202
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSXXH3C1SL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 05:50:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gogood.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination
www.googletagmanager.com/gtag/ 263 KB
91 KB 34ms
34ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10873561308&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4ST2DF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92862
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Aug 2024 05:50:08 GMT

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 225 KB
60 KB 127ms
16ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4ST2DF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 11 Aug 2024 05:50:08 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=12, mss=1328, tbw=2771, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 1yeP09TtKTBLvIucMxaKCAPLZ3GOr3nLwq/J0n8kTLINvkxABUuSqFHG8uCzlPHV90WIJFy/ETX8Asg6ZXfqfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 44645643.js
js-na1.hs-scripts.com/ 3 KB
791 B 66ms
22ms Script
application/javascript 2606:4700::6810:8dd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/44645643.js

Requested by

Host: js.hs-analytics.net
URL: https://js.hs-analytics.net/analytics/1723355400000/44645643.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 586fac0f-62e5-41d9-8876-45a0ed997674
cf-polished: origSize=2999
age: 181
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 586fac0f-62e5-41d9-8876-45a0ed997674
cf-bgj: minify
last-modified: Sun, 11 Aug 2024 05:47:07 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://gogood.com.br
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-c8mwm
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cf-ray: 8b15f2484b14439c-EWR

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 74ms
48ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3354772291&v=1.1&a=44645643&ct=standard-page&rcu=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&pu=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&t=Partners-+GoGood&cts=1723355408638&vi=c31bb57ec8af61e84768c4077a9edf1a&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6f131896-0225-4596-a375-ee696b6e595b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6f131896-0225-4596-a375-ee696b6e595b
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcFcbnKPet77c8fCP8qX%2FSA1JBZf4dUwIQFP6D2U1eHriHx5zQFmU5Z9X0ii7Gk7Wfgxj5lhqWrdFgap1JlqLluF0lZ4IuJ6z09glDG93l1H4mznmoC6sUXD0ycTn8b3lNU6u5GIAJfe3B8kADWU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-p52jx
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8b15f2483e0d78d3-EWR
x-robots-tag: none

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 25ms
24ms Fetch
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NSXXH3C1SL&gtm=45je4880v869972578z879703606za200&_p=1723355408426&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&gdid=dZTNiMT&cid=503533045.1723355409&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAC&_s=2&sid=1723355408&sct=1&seg=1&dl=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&dt=Partners-%20GoGood&en=page_view&_et=46&tfd=1257
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSXXH3C1SL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 05:50:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gogood.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
929 B 52ms
37ms Image
image/gif 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f09ca944-5b9f-441d-8039-66ea039ad0a4
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f09ca944-5b9f-441d-8039-66ea039ad0a4
last-modified: Sun, 11 Aug 2024 05:50:08 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-2rthx
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8b15f2485a6042d1-EWR

GET
H2 200 json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 256 B
1 KB 66ms
41ms XHR
application/json 2606:4700::6812:f06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=44645643

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 42e26f41-117f-4936-aac9-fa5dbc136809
x-envoy-upstream-service-time: 3
content-length: 174
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 42e26f41-117f-4936-aac9-fa5dbc136809
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gogood.com.br
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-85b74c4c74-kgzsd
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3yHu3%2BorqQeLw7MzI%2B6nS%2Fz70U0ct1BS1dEtWnxURclbg5wkfKb%2BI9aI%2BKlNcOqBkyE55Nwf4AefUg93WdxGVovBgTe5bYfW%2BYPA%2FLKlzIaHCDbZEg%2B2NmVSL9K9CFIL%2B%2BHDpJae0Rhv8%2Fm"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b15f2486fc34240-EWR
access-control-allow-headers: *

GET
H2 200 de1b1c908cd6476dae25651238c9a909
app.hubspot.com/conversations-visitor/44645643/threads/utk/ Frame 727D 0
0 169ms
107ms Document
text/html 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/44645643/threads/utk/de1b1c908cd6476dae25651238c9a909?uuid=162eed92224d4f96a8baca7ba1bf349c&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=gogood.com.br&inApp53=false&messagesUtk=de1b1c908cd6476dae25651238c9a909&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://gogood.com.br/partners/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
age: 2462
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8b15f248df6f7d0b-EWR
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.19819/html/index.html&cfRay=8b15f248df6f7d0b&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F44645643%2Fthreads%2Futk%2Fde1b1c908cd6476dae25651238c9a909%3Fuuid%3D162eed92224d4f96a8baca7ba1bf349c%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dgogood.com.br%26inApp53%3Dfalse%26messagesUtk%3Dde1b1c908cd6476dae25651238c9a909%26url%3Dhttps%253A%252F%252Fgogood.com.br%252Fpartners%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue&referrer=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cfenv=prod&pdt=2024-08-11&csp=ro
content-type: text/html; charset=utf-8
date: Sun, 11 Aug 2024 05:50:08 GMT
etag: W/"38c1e37b97f9ff944a5ec6c9e9e029c3"
last-modified: Thu, 01 Aug 2024 19:44:14 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8b15f248df6f7d0b&resource=conversations-visitor-ui/static-1.19819/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 1f1067e4f193aaabd2c24b99bcdc4e88.cloudfront.net (CloudFront)
x-amz-cf-id: scFkeqX9oB7Iz7B4kRzV7FBYFjSDUljIBdHk6hT7fTDgtUnfAZOL_w==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: uajQiO9H6Nuks.TQxN7J0mDYokmRP0rl
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-xgqk6
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.19819/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: 4170134b-f9aa-483b-be6a-942a711de582
x-request-id: 4170134b-f9aa-483b-be6a-942a711de582

GET
H3 200 hs-web-interactive-44645643-153277645568
44645643.hs-sites.com/ Frame EBF0 0
0 356ms
300ms Document
text/html 2606:4700::6813:affc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://44645643.hs-sites.com/hs-web-interactive-44645643-153277645568?utk=c31bb57ec8af61e84768c4077a9edf1a

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:affc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10,max-age=5
cache-tag: CT-153277645568,P-44645643,PGS-ALL,SW-4
cf-cache-status: MISS
cf-ray: 8b15f248da19c40c-EWR
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Sun, 11 Aug 2024 05:50:09 GMT
edge-cache-tag: CT-153277645568,P-44645643,PGS-ALL,SW-4
last-modified: Sun, 11 Aug 2024 05:50:09 GMT
link: </_hcms/forms/embed/v3.js>; rel=preload; as=script
server: cloudflare
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 58
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-hs-sites-td/envoy-proxy-fffdb9b56-z4ckj
x-evy-trace-virtual-host: all
x-hs-cache-config: BrowserCache-5s-EdgeCache-10s
x-hs-content-id: 153277645568
x-hs-hub-id: 44645643
x-hubspot-correlation-id: 42d83ac9-7278-4309-9fb6-1b954da71d1a
x-request-id: 42d83ac9-7278-4309-9fb6-1b954da71d1a
x-robots-tag: none

GET
H2 200 json
forms.hscollectedforms.net/collected-forms/v1/config/ 136 B
429 B 39ms
38ms XHR
application/json 2606:4700::6810:6ffe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=44645643&utk=c31bb57ec8af61e84768c4077a9edf1a

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 950eda13-b4cb-4121-b54e-0538010dfb18
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 950eda13-b4cb-4121-b54e-0538010dfb18
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://gogood.com.br
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-fj2sp
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8b15f2488b5cc339-EWR

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/10873561308/ 2 KB
1 KB 78ms
32ms Script
text/javascript 2607:f8b0:400d:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10873561308/?random=1723355408741&cv=11&fst=1723355408741&bg=ffffff&guid=ON&async=1&gtm=45be4880v9112930544z879703606za201zb79703606&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&hn=www.googleadservices.com&frm=0&tiba=Partners-%20GoGood&npa=0&pscdl=noapi&auid=1649508019.1723355409&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10873561308&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 263 KB
91 KB 47ms
46ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10873561308

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92815
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Aug 2024 05:50:08 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 263 KB
91 KB 43ms
43ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10873561308&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NSXXH3C1SL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92812
x-xss-protection: 0
last-modified: Sun, 11 Aug 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Aug 2024 05:50:08 GMT

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 106ms
16ms Script
application/javascript 2600:1408:c400:5::17c7:3719
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:5::17c7:3719 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 28 Jul 2024 07:35:22 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=57191
accept-ranges: bytes
content-length: 14597

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
538 B 80ms
35ms Image
image/gif 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6d3754cf-8276-4da6-a38c-64faee192225
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6d3754cf-8276-4da6-a38c-64faee192225
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-lkwbr
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8b15f2491ae042d1-EWR

GET
H2 200 1143101209088195
connect.facebook.net/signals/config/ 64 KB
13 KB 65ms
64ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1143101209088195?v=2.9.164&r=stable&domain=gogood.com.br&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 11 Aug 2024 05:50:08 GMT
document-policy: force-load-at-top
x-fb-server-load: 25
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=63, mss=1328, tbw=64410, tp=-1, tpl=-1, uplat=49, ullat=0
pragma: public
x-fb-debug: kHak15jNaBeonO9+4LgH0I2hFb21hQ3/xomXZXDmdmlmwTk3CvrGAC/X3X6X48PPENq1PyRTUY0fuMx8Eus4Dw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10873561308/ 42 B
64 B 80ms
31ms Image
image/gif 2607:f8b0:400d:c07::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10873561308/?random=1723355408741&cv=11&fst=1723352400000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9112930544z879703606za201zb79703606&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&hn=www.googleadservices.com&frm=0&tiba=Partners-%20GoGood&npa=0&pscdl=noapi&auid=1649508019.1723355409&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfi5VBZaqNcaKyMEEvDTMPGqxBkuEsVw&random=604691724&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 05:50:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/10873561308/ 2 KB
1 KB 37ms
36ms Script
text/javascript 2607:f8b0:400d:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10873561308/?random=1723355408863&cv=11&fst=1723355408863&bg=ffffff&guid=ON&async=1&gtm=45be4880v9112930544za200zb869972578&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&hn=www.googleadservices.com&frm=0&tiba=Partners-%20GoGood&did=dZTNiMT%2CdZTQ1Zm&gdid=dZTNiMT.dZTQ1Zm&npa=0&pscdl=noapi&auid=1649508019.1723355409&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10873561308&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_trigger
px.ads.linkedin.com/ 2 B
762 B 156ms
106ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4808017&time=1723355408891&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: *
Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:08 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C075B1D991FA4AFB968F6FE457DFAAE6 Ref B: EWR30EDGE0213 Ref C: 2024-08-11T05:50:08Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYfYfL5bubufVsbCc211g==
x-fs-uuid: 00061f61f2f96ee6ee7d5b1b09cdb5d6

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4808017%26time%3D1723355408891%26li_adsId%3D536b3025-3fdd-40de-93e4-9107ea55312c%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true&liSync=tr...

0
489 B

179ms
101ms

Image
application/javascript

2620:1ec:50::12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true&liSync=true&e_ipv6=AQKOJEpVQ29T8gAAAZE__KxriEUa9yCpE3n-tfmzz0_4e048DTKwhRIDkY5HaN2IFBq4bXEBjGoseZenRSOUbrtRoj32wB8
Protocol: H2
Server: 2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:09 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5EEE4E0F5CA74F77B1F6C052C91AB1C2 Ref B: EWR30EDGE0119 Ref C: 2024-08-11T05:50:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYfYfMEKIBswkdIuAGkKw==

Redirect headers

date: Sun, 11 Aug 2024 05:50:08 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 51C5DAC03C474736A5A1BCB0579EBBAF Ref B: EWR311000101037 Ref C: 2024-08-11T05:50:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4808017&time=1723355408891&li_adsId=536b3025-3fdd-40de-93e4-9107ea55312c&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&cookiesTest=true&liSync=true&e_ipv6=AQKOJEpVQ29T8gAAAZE__KxriEUa9yCpE3n-tfmzz0_4e048DTKwhRIDkY5HaN2IFBq4bXEBjGoseZenRSOUbrtRoj32wB8
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYfYfMBaIkdwysOLup9bg==

GET
H3 200 1061891495141615
connect.facebook.net/signals/config/ 22 KB
3 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1061891495141615?v=2.9.164&r=stable&domain=gogood.com.br&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C195%2C194%2C196%2C201%2C202%2C203%2C199%2C191%2C128%2C158%2C190%2C192%2C119%2C152%2C141%2C146%2C184%2C185%2C125%2C227%2C113%2C124%2C228%2C160%2C116%2C230%2C161%2C132%2C120%2C149%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 11 Aug 2024 05:50:08 GMT
document-policy: force-load-at-top
x-fb-server-load: 21
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4646, tp=11, tpl=0, uplat=44, ullat=0
pragma: public
x-fb-debug: K4/xcHsjMetSFnjVdx5Mh4iEhEnloYJYAxYMZhKqaAbjTeyPeTEVOA32T1m/q8T97ukZL2VP55RQwInSbiMIfQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10873561308/ 42 B
64 B 31ms
31ms Image
image/gif 2607:f8b0:400d:c07::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10873561308/?random=1723355408863&cv=11&fst=1723352400000&bg=ffffff&guid=ON&async=1&gtm=45be4880v9112930544za200zb869972578&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&hn=www.googleadservices.com&frm=0&tiba=Partners-%20GoGood&did=dZTNiMT%2CdZTQ1Zm&gdid=dZTNiMT.dZTQ1Zm&npa=0&pscdl=noapi&auid=1649508019.1723355409&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfYRgl_XMIl9cE5tyJWn2OCrR_E8S6bcGG-dfJiPEa-ZhKWG-u&random=3337740142&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::69 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Aug 2024 05:50:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 52ms
14ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2821, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 11 Aug 2024 05:50:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 116ms
78ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1143101209088195&ev=PageView&dl=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&rl=&if=false&ts=1723355408906&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1723355408905.2980588515217820&ler=empty&cdl=API_unavailable&it=1723355408809&coo=false&tm=1&exp=f1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdafdc878e54278a7","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:3820730424686126","7830:3820730424686126","10853:3820730424686126","41:3820730424686126","8046:3820730424686126"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 11 Aug 2024 05:50:09 GMT
x-fb-server-load: 38
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401755118631909168", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=15, mss=1328, tbw=3392, tp=-1, tpl=-1, uplat=62, ullat=0
pragma: no-cache
x-fb-debug: 0lmn06CLv1zT8elqjbo1LqHDfBczqYV+gHZbGR0vaZkZQxRzgC31ESRmKSBAfow0yJ2maDPnzlL1sXuxq9v6XQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401755118631909168"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
126 B 18ms
16ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?batch=1&events[0]=id%3D1143101209088195%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fgogood.com.br%252Fpartners%252F%26rl%3D%26if%3Dfalse%26ts%3D1723355408972%26sw%3D1600%26sh%3D1200%26v%3D2.9.164%26r%3Dstable%26a%3DtmSimo-GTM-WebTemplate%26ec%3D1%26o%3D4126%26fbp%3Dfb.2.1723355408905.2980588515217820%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1723355408809%26coo%3Dfalse%26exp%3Df3&events[1]=id%3D1061891495141615%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fgogood.com.br%252Fpartners%252F%26rl%3D%26if%3Dfalse%26ts%3D1723355408973%26sw%3D1600%26sh%3D1200%26ud%5Bexternal_id%5D%3Dc31bb57ec8af61e84768c4077a9edf1a%26v%3D2.9.164%26r%3Dstable%26a%3Dhubspot%26ec%3D0%26o%3D4126%26fbp%3Dfb.2.1723355408905.2980588515217820%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1723355408809%26coo%3Dfalse%26exp%3Df3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=15, mss=1328, tbw=3222, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 11 Aug 2024 05:50:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
860 B 51ms
50ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1143101209088195&ev=PageView&dl=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&rl=&if=false&ts=1723355408972&sw=1600&sh=1200&v=2.9.164&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.2.1723355408905.2980588515217820&ler=empty&cdl=API_unavailable&it=1723355408809&coo=false&exp=f3&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xdafdc878e54278a7","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:3820730424686126","7830:3820730424686126","10853:3820730424686126","41:3820730424686126","8046:3820730424686126"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 11 Aug 2024 05:50:09 GMT
x-fb-server-load: 33
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401755121834021403", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=15, mss=1328, tbw=7029, tp=-1, tpl=-1, uplat=34, ullat=0
pragma: no-cache
x-fb-debug: rcKYz1dejaSwJkyR7yKEStTSj8jOKsUh8svAMIy72wt8W6iYikC7OeMl0DO20u70yGWIjeR9dtSYQDqabhVbqQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401755121834021403"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
851 B 53ms
52ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1061891495141615&ev=PageView&dl=https%3A%2F%2Fgogood.com.br%2Fpartners%2F&rl=&if=false&ts=1723355408973&sw=1600&sh=1200&ud[external_id]=c31bb57ec8af61e84768c4077a9edf1a&v=2.9.164&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.2.1723355408905.2980588515217820&ler=empty&cdl=API_unavailable&it=1723355408809&coo=false&exp=f3&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 11 Aug 2024 05:50:09 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7401755123034582975", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=15, mss=1328, tbw=7933, tp=-1, tpl=-1, uplat=38, ullat=0
pragma: no-cache
x-fb-debug: sMFcIVbMXBPS6IdgvLW5REunxpQpK4xJK63TAprWKKYjC0qe6HoukXzayABBd5BV6iUci6tRNT3KUHlmuz7zdw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7401755123034582975"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
580 B 40ms
40ms Image
image/gif 2606:4700::6812:50cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=interactive-shown&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:50cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 05:50:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6a44591f-2af6-40fa-bca5-666a65f6af03
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6a44591f-2af6-40fa-bca5-666a65f6af03
last-modified: Sun, 11 Aug 2024 05:50:09 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-xz9v8
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8b15f24c3ccc42d1-EWR

POST
H2 204 /
px.ads.linkedin.com/wa/ 0
195 B 105ms
104ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: *
Referer: https://gogood.com.br/partners/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 11 Aug 2024 05:50:09 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5CF32C5AAA9D47D080879596B6EB0AA2 Ref B: EWR311000101037 Ref C: 2024-08-11T05:50:09Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://gogood.com.br
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYfYfMFzNcjcQ5SBp0VDg==

GET
H/1.1 204
No Content favicon.ico
enhancemalenew.life/ 0
136 B 107ms
107ms Other
text/plain 185.155.186.33
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL: https://enhancemalenew.life/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.186.33 , Switzerland, ASN203639 (TEKNOLOGY, CH),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:10 GMT
Cache-Control: no-transform
Server: openresty
Connection: keep-alive

GET
H/1.1 200
OK Primary Request / Show response
t06k1tb.oilcoshand.live/dvpvwkaq/ 17 KB
17 KB 489ms
150ms Document
text/html 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
Requested by: Host: enhancemalenew.life
URL: https://enhancemalenew.life//?u=bt1k60t&o=xqt63qn&t=cid:10905&cid=10905-14309-202408110850094753
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash: 258597d6c51817d5eb2623a2466113b05bdf2618b3b8bd488bf770ff5872b72c

Request headers

Referer: https://enhancemalenew.life/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 17522
Content-Type: text/html
Date: Sun, 11 Aug 2024 05:50:11 GMT
Server: openresty
cache-control: private

GET
H/1.1 200
OK bootstrap-mini.css
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 10 KB
11 KB 204ms
107ms Stylesheet
text/css 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/bootstrap-mini.css

Requested by

Host: t06k1tb.oilcoshand.live
URL: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

eb9fe798331b592bd8fc54d5ede3ac19e961b5aa7c2dffb3dbb17ce5fcb88e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CC71967E21
Connection: keep-alive
Content-Length: 10214
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:23.213095Z
ETag: "f0a842b8b8a52bb05e6c729828fbb40e"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223404#571748836/gid:0/gname:root/mode:33279/mtime:1653412343#213095000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK font-awesome-mini.css
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 2 KB
3 KB 312ms
107ms Stylesheet
text/css 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/font-awesome-mini.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

e7eb3ba41e31f5d9710bb64a87a5e9e7664143a95f68d0f357fe0d4252bb58d5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA95CC7B6EF605
Connection: keep-alive
Content-Length: 1857
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:34 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:30.393111Z
ETag: "8b2fe9dcd9e31f21056ebc3d6667123c"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720014411#432179424/gid:0/gname:root/mode:33279/mtime:1653412350#393111000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK main-like.css
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 7 KB
8 KB 319ms
108ms Stylesheet
text/css 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/main-like.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

f2ead250f003ad44fad41af0a1554922e31ab930fa86d90a8f2df62c048c2843

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CC7DDAE1C0
Connection: keep-alive
Content-Length: 7181
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:23:26 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:46.569146Z
ETag: "30d4bbfa0a8fa6727a9edb23be989598"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134509#308024655/gid:0/gname:root/mode:33279/mtime:1653412366#569146000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK jquery.min.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 85 KB
85 KB 318ms
106ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/jquery.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CC8651CDAB
Connection: keep-alive
Content-Length: 86659
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:40.809134Z
ETag: "c9f5aeeca3ad37bf2aa006139b935f0a"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223405#691751355/gid:0/gname:root/mode:33279/mtime:1653412360#809134000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK 1.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 12 KB
13 KB 318ms
107ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/1.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

b2134512608af652a98e1fa0528865c9ed7bfbc0776865fbbbf3ea552260ff46

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA95CC89F23069
Connection: keep-alive
Content-Length: 12181
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-02-24T20:54:06Z
ETag: "4c0b32d32b0b7317afb94deba5cabeac"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720014411#424179406/gid:0/gname:root/mode:33279/mtime:1708808046#0/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK 8.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 6 KB
6 KB 319ms
108ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/8.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

3219e9b5673785cb942331858ef7eee4924ac34c885f2f11533c52b2ec622784

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA96218BDF0089
Connection: keep-alive
Content-Length: 5644
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Sat, 24 Feb 2024 21:14:51 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:51.754Z
ETag: "a74f99522429e5a935d218fb8ae9abd8"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1708806895#150906557/gid:0/gname:root/mode:33279/mtime:1708809291#727091760/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK u.js Show response
t06k1tb.oilcoshand.live/media/mainstream/ 23 KB
24 KB 319ms
108ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/u.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

da6b9222d60f021de37dbcfb23d67a505271716c8105a3507e94160a51db8a14

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA95CC8B08DC1C
Connection: keep-alive
Content-Length: 24047
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:22:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-06-16T17:12:20.564575085Z
ETag: "562a2c0e490c568c065b562b78cb0f42"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720014411#588179770/gid:0/gname:root/mode:33188/mtime:1718557940#564575085/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK logo_f01.png
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 7 KB
7 KB 107ms
107ms Image
image/png 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/logo_f01.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

91e5c1968eee9298437a097fd47978a077d667e086593ab0fd7988ef60d2ddf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CC89D44CC4
Connection: keep-alive
Content-Length: 6763
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:45.157143Z
ETag: "192b810ba6ed4b80611aef274d85948d"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223406#15752084/gid:0/gname:root/mode:33279/mtime:1653412365#157143000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK 2.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 15 KB
16 KB 107ms
106ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

03764aa86cdd3dde4d2441b90a813d055e9f8af852d849ff18bc148b9554549b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA95CC8BD31092
Connection: keep-alive
Content-Length: 15146
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-02-24T20:54:27Z
ETag: "0bddd3bcca2df107ca5b8187b8e2a3f8"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720014411#424179406/gid:0/gname:root/mode:33188/mtime:1708808067#0/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK 3.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 15 KB
15 KB 107ms
107ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/3.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

b31317c3e7816470c11e8c1060d770b0c79f84c65f800512a83062d69f80caed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CC95E905B8
Connection: keep-alive
Content-Length: 14971
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Sat, 24 Feb 2024 21:14:51 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:51.198Z
ETag: "55bab18cf6adc22fc3d91e30c20ce0e6"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1708806893#30902711/gid:0/gname:root/mode:33188/mtime:1708809291#171090831/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK iphone15pro.png
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 45 KB
46 KB 107ms
107ms Image
image/png 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/iphone15pro.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

f30ac8920f3a3ab6621abad202e015353d46b61233549dfabe927234a9a5b3c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CC99DD51D6
Connection: keep-alive
Content-Length: 46124
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2023-10-12T21:06:01Z
ETag: "901fdfedb54cf1297edd1de54a893cf8"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1697145024#950103503/gid:0/gname:root/mode:33188/mtime:1697144761#0/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK img1.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 1 KB
2 KB 110ms
108ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/img1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA96055C675612
Connection: keep-alive
Content-Length: 1315
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:34.86512Z
ETag: "c3c59916d3b4977017c89125dc42b664"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223405#343750573/gid:0/gname:root/mode:33279/mtime:1653412354#865120000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK img2.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 1 KB
2 KB 109ms
108ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/img2.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA96055EC657A1
Connection: keep-alive
Content-Length: 1297
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:34 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:35.053121Z
ETag: "92b944714cea3e478a8e50dea1a80b26"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719964906#413084472/gid:0/gname:root/mode:33279/mtime:1653412355#53121000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK yWwCB4c.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 2 KB
3 KB 108ms
107ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/yWwCB4c.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA9621C6A97A6A
Connection: keep-alive
Content-Length: 2336
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:36 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:13:13.081205Z
ETag: "5edf4db493423ac10c72a27ad5c4a618"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719964880#637032546/gid:0/gname:root/mode:33279/mtime:1653412393#81205000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK 3temv7e.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 1 KB
2 KB 107ms
107ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/3temv7e.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA9621CBF8DD5B
Connection: keep-alive
Content-Length: 1169
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:18.037083Z
ETag: "a848711320a9df61e6457f65b0dfa9fb"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720014411#424179406/gid:0/gname:root/mode:33279/mtime:1653412338#37083000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK 7wSpKDu.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 2 KB
3 KB 108ms
107ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/7wSpKDu.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA9621C9D65959
Connection: keep-alive
Content-Length: 2037
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:23:24 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:18.769085Z
ETag: "6d02d5cf49120718501b9a6629290c48"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134509#292024605/gid:0/gname:root/mode:33279/mtime:1653412338#769085000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK 9PH2QqX.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 2 KB
3 KB 107ms
107ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/9PH2QqX.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA9621CA09D7B5
Connection: keep-alive
Content-Length: 2143
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:23:24 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:18.941085Z
ETag: "f48aa7778890400e3be6131e64cd4236"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134509#292024605/gid:0/gname:root/mode:33279/mtime:1653412338#941085000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK EKZrmbS.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 2 KB
3 KB 107ms
107ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/EKZrmbS.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA9621CC555596
Connection: keep-alive
Content-Length: 2264
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:28.093105Z
ETag: "7364bf39dcf0941d3a1760e46a562710"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223404#251748116/gid:0/gname:root/mode:33279/mtime:1653412348#93105000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK yEUMY3v.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 2 KB
2 KB 107ms
107ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/yEUMY3v.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA9621CE4EDEB6
Connection: keep-alive
Content-Length: 1608
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:07 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:13:13.025205Z
ETag: "5da3831556c780010e0e5c5b967e43ce"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223407#915756360/gid:0/gname:root/mode:33279/mtime:1653412393#25205000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK KqX499j.png
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 2 KB
3 KB 108ms
107ms Image
image/png 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/KqX499j.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

9d3497a2d77fdd3eeeca1fa511771f641dd2cf62380a65513c1c9c81ffa0c856

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA9621D292DDB8
Connection: keep-alive
Content-Length: 2074
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:43.217139Z
ETag: "774144fe4f19ee00b63f172c8a11a55e"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719964896#265063947/gid:0/gname:root/mode:33279/mtime:1653412363#217139000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK DsrKpkj.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 1 KB
2 KB 107ms
107ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/DsrKpkj.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA9621D2195C2C
Connection: keep-alive
Content-Length: 1506
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:27.741105Z
ETag: "0d0f29abfcedc7dfffe3811a5100a6cd"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719964926#229124556/gid:0/gname:root/mode:33279/mtime:1653412347#741105000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK plR22yu.jpg
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 1017 B
2 KB 106ms
106ms Image
image/jpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/plR22yu.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA9621D01F9689
Connection: keep-alive
Content-Length: 1017
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 20 Sep 2023 15:23:26 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:58.225172Z
ETag: "7a532123e2eda81e018b8c1f90c8b3bd"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1693134509#312024668/gid:0/gname:root/mode:33279/mtime:1653412378#225172000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK 4.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 679 B
1 KB 107ms
107ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/4.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

df13515853ed2541b20a4ff5dc48ed81abc416f3633de894e6e685d54dcf634f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:11 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA95CCA419E254
Connection: keep-alive
Content-Length: 679
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-02T19:56:12Z
ETag: "02bdef239abfac0f6f2f0168a0febe98"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719956911#372468330/gid:0/gname:root/mode:33279/mtime:1719950172#0/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:11 GMT

GET
H/1.1 200
OK 5.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 12 KB
12 KB 108ms
106ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/5.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

e157b45ed9a28fe95914f413692e496fc0a04a4191f22492ff3a8296fbaeda47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CCDF6EDB85
Connection: keep-alive
Content-Length: 11920
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Sat, 24 Feb 2024 21:14:51 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:51.387Z
ETag: "de362f15f5232df7747f7e741f587fcd"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1708806893#798904105/gid:0/gname:root/mode:33279/mtime:1708809291#359091145/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK 6.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 28 KB
29 KB 108ms
107ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/6.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA95CCE1B1117F
Connection: keep-alive
Content-Length: 29110
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:20:33 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:18.597084Z
ETag: "ba847811448ef90d98d272aeccef2a95"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720014411#428179416/gid:0/gname:root/mode:33279/mtime:1653412338#597084000/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK 7.js Show response
t06k1tb.oilcoshand.live/media/mainstream/all/mb/ 8 KB
9 KB 109ms
107ms Script
text/javascript 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/7.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

7a94681a57ec6c39e857fcaa26418de63c5e93b827f0fa1e44d3da3b7d3c2a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA95CCDF7E6B4C
Connection: keep-alive
Content-Length: 7936
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Sat, 24 Feb 2024 21:14:51 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:51.569Z
ETag: "114f0be35fbff35e205c5f0bc146d864"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1708809291#567091493/gid:0/gname:root/mode:33279/mtime:1708809291#543091452/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H2 200 getextparams Show response
jsontdsexit2.com/ExtService.svc/ 630 B
502 B 461ms
98ms XHR
application/json 136.243.216.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jsontdsexit2.com/ExtService.svc/getextparams
Requested by: Host: t06k1tb.oilcoshand.live
URL: https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 136.243.216.235 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.216.243.136.clients.your-server.de
Software: nginx /
Resource Hash: d26247b961984e8a362d88466132977035f878d5e4dca3df30de367a49fed489

Request headers

Referer: https://t06k1tb.oilcoshand.live/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 11 Aug 2024 05:50:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK chrome58x58.png
t06k1tb.oilcoshand.live/media/mainstream/us/wap/mobsurvey/ 8 KB
9 KB 164ms
106ms Image
image/png 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/us/wap/mobsurvey/chrome58x58.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17EA96056A36DF70
Connection: keep-alive
Content-Length: 8496
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 01 Aug 2024 07:22:41 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:51:19.478644697Z
ETag: "6111593186764223a5c03ae8fe3820ef"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720014411#564179717/gid:0/gname:root/mode:33279/mtime:1655387479#478644697/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 200
OK alert.mp3 Show response
t06k1tb.oilcoshand.live/media/mainstream/ 9 KB
9 KB 108ms
107ms XHR
audio/mpeg 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL

https://t06k1tb.oilcoshand.live/media/mainstream/alert.mp3

Requested by

Host: t06k1tb.oilcoshand.live
URL: https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),

Reverse DNS

Software

openresty /

Resource Hash

d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 05:50:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17EA960573AE9D19
Connection: keep-alive
Content-Length: 8802
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.802583242Z
ETag: "6d2d3da2ea28ace816fa4a138829dc18"
Vary: Origin, Accept-Encoding
Content-Type: audio/mpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695324533#997523934/gid:0/gname:root/mode:33279/mtime:1655387452#802583242/uid:0/uname:root
Expires: Mon, 11 Aug 2025 05:50:12 GMT

GET
H/1.1 204
No Content favicon.ico
t06k1tb.oilcoshand.live/ 0
107 B 107ms
107ms Other
text/plain 185.155.184.55
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://t06k1tb.oilcoshand.live/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.155.184.55 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://t06k1tb.oilcoshand.live/dvpvwkaq/?u=bt1k60t&o=xqt63qn&t=cid%3A10905&cid=10905-14309-202408110850094753&f=1&sid=t4~4srprlapa4y5mt5dllyu1s33&fp=Ummm%2FPuwXd96h8d7Lmy%2FnQ%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 11 Aug 2024 05:50:12 GMT
Server: openresty

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: velvet.relessor.shop
URL: https://velvet.relessor.shop/help/?31631721355814

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gogood.com.br/	1970-01-21 08:18:35	Name: _ga Value: GA1.1.503533045.1723355409
.gogood.com.br/	1970-01-21 00:52:11	Name: _gcl_au Value: 1.1.1649508019.1723355409
.gogood.com.br/	1970-01-21 03:01:47	Name: __hstc Value: 188524407.c31bb57ec8af61e84768c4077a9edf1a.1723355408636.1723355408636.1723355408636.1
.gogood.com.br/	1970-01-21 03:01:47	Name: hubspotutk Value: c31bb57ec8af61e84768c4077a9edf1a
.gogood.com.br/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.gogood.com.br/	1970-01-20 22:42:37	Name: __hssc Value: 188524407.1.1723355408636
.gogood.com.br/	1970-01-21 00:52:11	Name: _fbp Value: fb.2.1723355408905.2980588515217820
.doubleclick.net/	1970-01-21 08:18:35	Name: IDE Value: AHWqTUnZxzc7reKMp6xoai6DfGhtCU5uhHxqAT8NcHofh1QuP0uZsoG8I8FcPjBX
.hubspot.com/	1970-01-20 22:42:37	Name: __cf_bm Value: aUPaDyrR2igsTzKHJPRpx5C7Fmav40PiR8.f1LhXq.4-1723355409-1.0.1.1-dPDCRG68KQg_FQzfKgbkeNZ_AwYwR4lU_zBuA2_NgARInWzDl14In6PnGOJwCNIrQLSd25BKFPaUafodwaBPkg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: rC6lLthtkGTjAOsJ0tJyDivCYIEfWe.wGE5nCr8l5rA-1723355409100-0.0.1.1-604800000
.hs-sites.com/	1969-12-31 23:59:59	Name: __cfruid Value: 5ec502b64d24b510954c46cf94a67c2695e85de6-1723355409
.gogood.com.br/	1970-01-21 03:01:47	Name: messagesUtk Value: de1b1c908cd6476dae25651238c9a909
.linkedin.com/	1970-01-21 00:52:11	Name: li_sugr Value: 82a36155-a7fb-433e-8c3c-efee25168d31
.linkedin.com/	1970-01-21 07:28:11	Name: bcookie Value: "v=2&55281ae5-fdf9-4f1b-8a5a-93d6101a64a8"
.linkedin.com/	1970-01-20 22:44:01	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3318:u=1:x=1:i=1723355409:t=1723441809:v=2:sig=AQHE7MRXI3XXtjFEStHzWy1Dv79s1Grz"
.linkedin.com/	1970-01-20 23:25:47	Name: UserMatchHistory Value: AQL7iPpHx5fn0AAAAZE__KuTlnJei1_f0IchVTkCUznE6L1vtl7_RBFHfE0TE08CthtK4qopdkYBOg
.linkedin.com/	1970-01-20 23:25:47	Name: AnalyticsSyncHistory Value: AQIDA5v0QJVIOgAAAZE__KuT55kWs9TVhwijbxTGy4hwV3pLWLVmMoO5JrYurVeDT6HJNmnvTpdQJrchjx15ew
.hsforms.com/	1970-01-20 22:42:37	Name: __cf_bm Value: ZF34PbnR5PbhlqnhUOHe6sUNciUmV0WIjodhMRCQULw-1723355409-1.0.1.1-wj1dKe7nF.wqLaHIKfQ49mcpcLD3OBurNgZkTu7cz0zhxbhEmvt7480noj_F7Lawn0LZtUD6EkEqME7UjUurBg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: CSXV.BaGVTon7ca3FaHqLYEVbUh9JS9lK4EhuO0U7z0-1723355409375-0.0.1.1-604800000
.www.linkedin.com/	1970-01-21 07:28:11	Name: bscookie Value: "v=1&202408110550097d416724-342b-4469-8ec5-f0c03f4aeea4AQFE3VECPF6j67uxrOxhs9OGP-_uuOl7"
.velvet.relessor.shop/	1970-01-20 23:27:13	Name: 00831 Value: %7B%22streams%22%3A%7B%2214309%22%3A1723355409%7D%2C%22campaigns%22%3A%7B%2210905%22%3A1723355409%7D%2C%22time%22%3A1723355409%7D
enhancemalenew.life/	1969-12-31 23:59:59	Name: sid Value: t4~4srprlapa4y5mt5dllyu1s33
enhancemalenew.life/	1969-12-31 23:59:59	Name: p1 Value: https://oilcoshand.live/dvpvwkaq/
enhancemalenew.life/	1969-12-31 23:59:59	Name: s1 Value: vpwfr1u0nnsalesx
.gogood.com.br/	1970-01-21 08:18:35	Name: _ga_NSXXH3C1SL Value: GS1.1.1723355408.1.1.1723355410.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	error	URL: https://t06k1tb.oilcoshand.live/media/mainstream/all/mb/1.js Message: Blocked call to navigator.vibrate because user hasn't tapped on the frame or any embedded frame yet: https://www.chromestatus.com/feature/5644273861001216.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

44645643.hs-sites.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
connect.facebook.net
cta-service-cms2.hubspot.com
enhancemalenew.life
forms.hscollectedforms.net
forms.hsforms.com
gogood.com.br
googleads.g.doubleclick.net
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
jsontdsexit2.com
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
t06k1tb.oilcoshand.live
track.hubspot.com
velvet.relessor.shop
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
velvet.relessor.shop
136.243.216.235
18.160.10.15
185.155.184.55
185.155.186.33
2001:4860:4802:32::178
2600:1408:c400:5::17c7:3719
2606:4700:3037::6815:4640
2606:4700::6810:4e8e
2606:4700::6810:6ffe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8dd1
2606:4700::6811:afc9
2606:4700::6811:df98
2606:4700::6812:16b7
2606:4700::6812:50cc
2606:4700::6812:f06c
2606:4700::6813:affc
2607:f8b0:4004:c09::61
2607:f8b0:400d:c07::69
2607:f8b0:400d:c0d::9d
2620:1ec:21::14
2620:1ec:50::12
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
03764aa86cdd3dde4d2441b90a813d055e9f8af852d849ff18bc148b9554549b
258597d6c51817d5eb2623a2466113b05bdf2618b3b8bd488bf770ff5872b72c
3219e9b5673785cb942331858ef7eee4924ac34c885f2f11533c52b2ec622784
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
45f901bd7a281c73db028f014eb9196ad0297d6eaede94151bf2832946eb8f07
4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624
56c32daace7908db601fe0475375edbea385c4de7a1e6c6ccd454729d1dc079f
7a94681a57ec6c39e857fcaa26418de63c5e93b827f0fa1e44d3da3b7d3c2a7d
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
84d7f0648aeba8d80bb0f47e781cba8955b8fa7425748d9830c7a8c9bc35e5e9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8d61cfa6eada95158e106497829ee32e4af1e84d123f8186349681cbba44d50e
91e5c1968eee9298437a097fd47978a077d667e086593ab0fd7988ef60d2ddf4
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
983098152fa48eb72cfc85f71e5abdb7cbd72bea10b9157e566cf9ce28261fb7
9d3497a2d77fdd3eeeca1fa511771f641dd2cf62380a65513c1c9c81ffa0c856
a5792390a8524aa9f2eebb5cc1eab38a2789f00a028dd16f1a1080678bd3f353
a7c86ca5470f7d68b4c5f1c87f29f7daf816d1bd95353091bba8753341bb6f5f
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
b2134512608af652a98e1fa0528865c9ed7bfbc0776865fbbbf3ea552260ff46
b31317c3e7816470c11e8c1060d770b0c79f84c65f800512a83062d69f80caed
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
d26247b961984e8a362d88466132977035f878d5e4dca3df30de367a49fed489
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
da6b9222d60f021de37dbcfb23d67a505271716c8105a3507e94160a51db8a14
df13515853ed2541b20a4ff5dc48ed81abc416f3633de894e6e685d54dcf634f
e157b45ed9a28fe95914f413692e496fc0a04a4191f22492ff3a8296fbaeda47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
e7eb3ba41e31f5d9710bb64a87a5e9e7664143a95f68d0f357fe0d4252bb58d5
eb9fe798331b592bd8fc54d5ede3ac19e961b5aa7c2dffb3dbb17ce5fcb88e01
f2ead250f003ad44fad41af0a1554922e31ab930fa86d90a8f2df62c048c2843
f30ac8920f3a3ab6621abad202e015353d46b61233549dfabe927234a9a5b3c5
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205
fa4b66a5cfae352bb04f7f950448acda808fee5e9e044ab466f606e435b61080

t06k1tb.oilcoshand.live Open in urlscan Pro 185.155.184.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

98 %HTTPS

84 %IPv6

23 Domains

32 Subdomains

25 IPs

3 Countries

1233 kBTransfer

2899 kBSize

25 Cookies

0 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

t06k1tb.oilcoshand.live Open in urlscan Pro
185.155.184.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

98 %
HTTPS

84 %
IPv6

23
Domains

32
Subdomains

25
IPs

3
Countries

1233 kB
Transfer

2899 kB
Size

25
Cookies

83 HTTP transactions
0 data transactions