www.destravandoseudinheiro.online Open in urlscan Pro
2a02:4780:1:273:0:285c:4a16:51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.destravandoseudinheiro.online/
Submission: On October 11 via automatic, source certstream-suspicious (October 11th 2021, 3:48:43 pm UTC) — Scanned from DE

Summary HTTP 123 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 123 HTTP transactions. The main IP is 2a02:4780:1:273:0:285c:4a16:51, located in United States and belongs to AS-HOSTINGER, CY. The main domain is www.destravandoseudinheiro.online.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 11th 2021. Valid for: 3 months.

This is the only time www.destravandoseudinheiro.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2a02:4780:1:2... 2a02:4780:1:273:0:285c:4a16:51	47583 (AS-HOSTINGER) (AS-HOSTINGER)
29	2600:9000:223... 2600:9000:223f:ac00:14:796:1e80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	141.94.130.128 141.94.130.128	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	34.198.22.192 34.198.22.192	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::ac43:ac3f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
2	54.165.200.156 54.165.200.156	14618 (AMAZON-AES) (AMAZON-AES)
1	18.210.132.130 18.210.132.130	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:e::7	15169 (GOOGLE) (GOOGLE)
123	22

29 2a02:4780:1:273:0:285c:4a16:51 (United States)

ASN47583 (AS-HOSTINGER, CY)

www.destravandoseudinheiro.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:223f:ac00:14:796:1e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

static-public.klickpages.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.130.128 (France)

ASN16276 (OVH, FR)
PTR: ns31442138.ip-141-94-130.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.22.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-22-192.compute-1.amazonaws.com

launcher.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:ac3f (United States)

ASN13335 (CLOUDFLARENET, US)

art.klickpages.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.200.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-200-156.compute-1.amazonaws.com

identification.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.132.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-132-130.compute-1.amazonaws.com

tracking-api.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:e::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5edn6r.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	klickpages.com.br static-public.klickpages.com.br art.klickpages.com.br	1 MB
29	destravandoseudinheiro.online www.destravandoseudinheiro.online	585 KB
16	youtube.com www.youtube.com	756 KB
13	googlevideo.com r2---sn-4g5edn6r.googlevideo.com	503 KB
9	gstatic.com fonts.gstatic.com	218 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	39 KB
5	hotmart.com launcher.hotmart.com identification.hotmart.com tracking-api.hotmart.com	9 KB
5	google.com apis.google.com www.google.com	121 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	2 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	facebook.net connect.facebook.net	78 KB
1	newrelic.com js-agent.newrelic.com	16 KB
1	ytimg.com i.ytimg.com	71 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	postimg.cc i.postimg.cc	23 KB
123	15

	Domain	Requested by
29	static-public.klickpages.com.br	www.destravandoseudinheiro.online
29	www.destravandoseudinheiro.online	www.destravandoseudinheiro.online
16	www.youtube.com	www.destravandoseudinheiro.online www.youtube.com
13	r2---sn-4g5edn6r.googlevideo.com	www.youtube.com
9	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	fonts.googleapis.com	www.destravandoseudinheiro.online static-public.klickpages.com.br
4	apis.google.com	www.destravandoseudinheiro.online
2	bam-cell.nr-data.net	www.destravandoseudinheiro.online
2	identification.hotmart.com	www.destravandoseudinheiro.online
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	www.destravandoseudinheiro.online
2	launcher.hotmart.com	www.destravandoseudinheiro.online
1	js-agent.newrelic.com	www.destravandoseudinheiro.online
1	tracking-api.hotmart.com	www.destravandoseudinheiro.online
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	art.klickpages.com.br	www.destravandoseudinheiro.online
1	ajax.googleapis.com	www.destravandoseudinheiro.online
1	i.postimg.cc	www.destravandoseudinheiro.online
123	21

This site contains links to these domains. Also see Links.

Domain
ev.braip.com

Subject Issuer	Validity	Valid
destravandoseudinheiro.online ZeroSSL RSA Domain Secure Site CA	`2021-10-11` - `2022-01-09`	3 months	crt.sh
*.klickpages.com.br Go Daddy Secure Certificate Authority - G2	`2020-06-06` - `2022-06-06`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
postimg.cc R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
data.hotmart.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-22` - `2021-10-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
hotmart.com Amazon	`2021-07-12` - `2022-08-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-09-28` - `2021-12-07`	2 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.destravandoseudinheiro.online/
Frame ID: E7662F5F2285D5F476313E53CCA7B270
Requests: 90 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
Frame ID: 5D6F0CF526F9D980C7408FC318EF0682
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Destravando Seu Dinheiro

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

123
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

22
IPs

3
Countries

3737 kB
Transfer

7512 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ev.braip.com/checkout/pla86ndr/che45r0g
Title: QUERO AGORA MESMO

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

123 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.destravandoseudinheiro.online/ 118 KB
22 KB 362ms
110ms Document
text/html 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

88d3546c7edc1eb6e861c3f1eefc3c80c185ae091d8fb2cda8df256aadbcd5c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.destravandoseudinheiro.online
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Mon, 11 Oct 2021 15:14:31 GMT
etag: "1d742-616454d7-a62b082d59513bf1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22480
date: Mon, 11 Oct 2021 15:48:37 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 publish.css
static-public.klickpages.com.br/app/assets/stylesheets/ 291 KB
31 KB 77ms
9ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/stylesheets/publish.css?v=1633388492
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8688491562f2663822cf013daaf499c97f870d0584360bed309172a2791be571

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:39:15 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 17:31:48 GMT
server: AmazonS3
age: 1249763
etag: W/"8c78168015dd49337c65e7a59ce176af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 1BJOrb1od0O3SojGkuq1PhuPLpoQHSE-5imRW4qFdj57RIvrgjpcQw==
expires: Fri, 23 Sep 2022 17:31:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 66 KB
3 KB 47ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Dosis:300,500,700|Just+Another+Hand|Lato:%27100italic%27,%27300italic%27,%27400italic%27,%27700italic%27,%27900italic%27,100,300,400,700,900|Lora:%27400italic%27,%27700italic%27,400,700|Montserrat:300,400,500,700|Oswald:300,400,700|Open+Sans:%27300italic%27,%27400italic%27,%27600italic%27,%27700italic%27,300,400,600,700|Open+Sans+Condensed:%27300italic%27,300,700|Roboto:%27100italic%27,%27300italic%27,%27400italic%27,%27500italic%27,%27700italic%27,%27900italic%27,100,300,400,500,700,900|Raleway:%27300italic%27,%27400italic%27,%27700italic%27,300,400,700|Nunito:%27wght@200%27,400,700,800|Vollkorn:%27ital,,400,500,600,700,800,900,wght@0,

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e9be33442a32609456c1ef0aa754cb485ff55f52e64fdc63364b17dc5aa7503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 15:48:37 GMT
server: ESF
date: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 include.js Show response
static-public.klickpages.com.br/app/assets/javascripts/public/js/ 230 KB
68 KB 83ms
15ms Script
application/javascript 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/javascripts/public/js/include.js?v=1633388492
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 967f32071b62b6339e4207159b75d5dbf6defabcc12848a02603370816f9ee89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 03:52:26 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 20:56:34 GMT
server: AmazonS3
age: 18014172
etag: W/"e3c62a2610fa173d5cb5b2c7f3b88537"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: MP8QhJbiiXCXCdrAhhXjWvtivCSPA2L3E_oj7n7BCS7T653mRk9Urw==
expires: Tue, 15 Mar 2022 20:56:33 GMT

GET
H2 200 plus.js Show response
apis.google.com/js/ 52 KB
21 KB 68ms
39ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plus.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1a1aa3ad89d1990b1899aa5b0a3b7aac179304ee146d5d8cb1083c74d3ca2db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SpNcmJQftOGdUvsscddwsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "b7c368eab41994173e879faa7ca9be36"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-SpNcmJQftOGdUvsscddwsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
20 KB 103ms
74ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+l1M5B34UTp+V7yycpTdEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "c34d224d0ee061f3752d1f91e397a052"
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-+l1M5B34UTp+V7yycpTdEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800,italic|Varela+Round:400

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76c034ceaf5f5f958530b5c59d3341255c524200248fd47e7c7f0d54b4f8a85c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 15:48:37 GMT
server: ESF
date: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 bootstrap.min.css
www.destravandoseudinheiro.online/css/ 138 KB
19 KB 113ms
110ms Stylesheet
text/css 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/css/bootstrap.min.css

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:15:52 GMT
server: LiteSpeed
etag: "22682-615f7198-75a64e5e7879747d;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 19106
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 base032c.css
www.destravandoseudinheiro.online/css/ 2 KB
732 B 120ms
117ms Stylesheet
text/css 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/css/base032c.css?1568260061

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c5b7b16da6f2cd236fb4da993395d0f19916249424f5ceb0671c9b8aeed312a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /css/base032c.css?1568260061
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:15:52 GMT
server: LiteSpeed
etag: "7d8-615f7198-3db194d2ec783b34;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 670
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 lobibox.min.css
www.destravandoseudinheiro.online/css/ 23 KB
3 KB 121ms
117ms Stylesheet
text/css 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/css/lobibox.min.css

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

1ba940a0f632a3567aa7493e66f016f845f58f3faff42bea7940df2e9fff5efd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /css/lobibox.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:15:53 GMT
server: LiteSpeed
etag: "5cbd-615f7199-cbeabdb41943dd0b;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 3257
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 jquery.min.js Show response
www.destravandoseudinheiro.online/js/ 85 KB
29 KB 214ms
212ms Script
application/x-javascript 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/js/jquery.min.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /js/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:16:01 GMT
server: LiteSpeed
etag: "1538f-615f71a1-10879fa2972fa8a6;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 29664
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 bootstrap.min.js Show response
www.destravandoseudinheiro.online/js/ 50 KB
13 KB 217ms
214ms Script
application/x-javascript 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/js/bootstrap.min.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:15:59 GMT
server: LiteSpeed
etag: "c62b-615f719f-3fc72424f09b9f8b;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 13378
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 exit.js Show response
www.destravandoseudinheiro.online/js/ 4 KB
2 KB 219ms
217ms Script
application/x-javascript 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/js/exit.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f0e3b876ac223c9263e924d757a752b8ffb595ffb8143633c243d6cbce3b2343

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /js/exit.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:15:59 GMT
server: LiteSpeed
etag: "f9b-615f719f-af23be9583772162;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 1797
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 lobibox.min.js Show response
www.destravandoseudinheiro.online/js/ 33 KB
6 KB 219ms
217ms Script
application/x-javascript 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/js/lobibox.min.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

fad783aaa175dff38aaaf42ac9b07a4fb583d1486011e9456e27b8297a776dec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /js/lobibox.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:16:00 GMT
server: LiteSpeed
etag: "85f5-615f71a0-d6dac932dba64203;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6330
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 analytics.js Show response
www.destravandoseudinheiro.online/www.google-analytics.com/ 48 KB
19 KB 118ms
108ms Script
application/x-javascript 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/www.google-analytics.com/analytics.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /www.google-analytics.com/analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Thu, 07 Oct 2021 22:16:22 GMT
server: LiteSpeed
etag: "c001-615f71b6-7dc6a7ea079901a1;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 19076
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 404 powr1047.js
www.destravandoseudinheiro.online/www.powr.io/ 0
0 220ms
218ms Script
text/html 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://www.destravandoseudinheiro.online/www.powr.io/powr1047.js?platform=html

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /www.powr.io/powr1047.js?platform=html
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2019 07:07:00 GMT
server: LiteSpeed
etag: "999-5d11c814-6676c669517ec7ee;br"
vary: Accept-Encoding
content-type: text/html
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 914

GET
H2 200 begin.js Show response
static-public.klickpages.com.br/app/assets/javascripts/public/js/body/ 0
379 B 86ms
21ms Script
application/javascript 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/javascripts/public/js/body/begin.js?v=1633388492
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 16:17:25 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 21:00:35 GMT
server: AmazonS3
age: 21252673
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 0
x-amz-cf-id: jD91__WAh468Fmh-QpMHLMYhrY0NIYrq9WMehMqcvwF1WZ_Qz4Cl0Q==
expires: Thu, 27 Jan 2022 21:00:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 419 B
377 B 43ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Just+Another+Hand&display=swap

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f15ebd465228a4af7f7aa83b2c8ef6ffbfd6b55009f833c2f51c0ac7f6f2dbce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 15:48:37 GMT
server: ESF
date: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/1261/styles/ 1 KB
875 B 78ms
14ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/1261/styles/main.css?v=1569938350
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92a1a293cddcd20be36a6568764bd880c76e7d8b59cd2bad7b58146994d7a968

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 15:39:02 GMT
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 13:59:12 GMT
server: AmazonS3
age: 21168576
etag: W/"7e28d998bd4c0235c95ada5c8eed63d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: JGJrk1z3udopCuW4V8u1aN6TSK9vTT0gqH9LCb7cbxGOBgKXA2mdqQ==
expires: Thu, 01 Oct 2020 13:59:11 GMT

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/920/styles/ 2 KB
1022 B 86ms
21ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/920/styles/main.css?v=1532374120
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 682df476e7f851ac04c015c7fcc688b8888e2d0f69544fde9832248830d28803

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 17:42:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 19:28:41 GMT
server: AmazonS3
age: 16322779
etag: W/"366f0918acf174eab423849a6a474387"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: a7hWEvqqTWpRXoEPrfmy9Tub2yvujJuWHWTfUwM9WnRHgFMfJZQufw==
expires: Tue, 23 Jul 2019 19:28:40 GMT

GET
H2 200 video-paused-btn.png
i.postimg.cc/KvjgW9Gn/ 22 KB
23 KB 74ms
17ms Image
image/png 141.94.130.128
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/KvjgW9Gn/video-paused-btn.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.130.128 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31442138.ip-141-94-130.eu
Software: nginx /
Resource Hash: a4a2681a774708a859774e5718609b0fc8030e8934de1a5273d45bd4fe556521

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Sun, 04 Jul 2021 00:38:21 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 22968
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Tue, 11 Oct 2022 14:01:14 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 55ms
23ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e5c85e0a6c4be2aa4a6880effe874a973eae35378e876527bd14e150f00e2ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 fb-001.jpg
www.destravandoseudinheiro.online/ps/ 29 KB
29 KB 121ms
112ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-001.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a1c2fe5cb5a4cd9e3bb88043a1a3b3801ae15db9733c92d7fad533a860444991

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-001.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:11 GMT
server: LiteSpeed
etag: "74c1-615f71ab-727807e6876d6016;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 29889
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-002.jpg
www.destravandoseudinheiro.online/ps/ 24 KB
25 KB 132ms
123ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-002.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a3278520b1b98aaf6a0d67e6c5235450eff3ba1e5a050c48c436164e618dd58a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-002.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:11 GMT
server: LiteSpeed
etag: "61f8-615f71ab-8e7120ee23526b23;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 25080
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-003.jpg
www.destravandoseudinheiro.online/ps/ 30 KB
30 KB 133ms
124ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-003.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7fcc9de29f940489104d0b7744765939b2f50b3a6cfc9cf5e6adf725d97442be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-003.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:12 GMT
server: LiteSpeed
etag: "790f-615f71ac-b6c17e3cb053b4f8;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 30991
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-004.jpg
www.destravandoseudinheiro.online/ps/ 30 KB
30 KB 135ms
126ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-004.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a524a5961ae8c3fedc122b30aae06fff29963cde8769d166babb2a5631da7898

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-004.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:12 GMT
server: LiteSpeed
etag: "7682-615f71ac-14c9ac66dc2640ec;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 30338
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-005.jpg
www.destravandoseudinheiro.online/ps/ 32 KB
32 KB 136ms
127ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-005.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b95bbf9c424ea81bfdb45df933b92ea830af02edfb2d72e578a64ed9b72f4dbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-005.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:12 GMT
server: LiteSpeed
etag: "7ebe-615f71ac-ad08ae597f217757;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 32446
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-006.jpg
www.destravandoseudinheiro.online/ps/ 31 KB
31 KB 218ms
209ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-006.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

09f83d1849f369a9127fc1d33f9b968997a31bd65c3c4fe5498371865ffad57d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-006.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:13 GMT
server: LiteSpeed
etag: "7a7a-615f71ad-570d295d20403530;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 31354
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-007.jpg
www.destravandoseudinheiro.online/ps/ 24 KB
25 KB 219ms
211ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-007.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5b45b05226968154752109d02af36615c63f2cbfd6752ab83b5bc55eec89b8ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-007.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:13 GMT
server: LiteSpeed
etag: "61fa-615f71ad-5419385cfde2e365;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 25082
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-008.jpg
www.destravandoseudinheiro.online/ps/ 31 KB
31 KB 223ms
215ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-008.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

49c5387a25f5b4e357d8279db3d01795cbe7edf0fb8022d7a2ad9e507baed6dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-008.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:14 GMT
server: LiteSpeed
etag: "7cd4-615f71ae-d7661c6ca97a6093;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 31956
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-009.jpg
www.destravandoseudinheiro.online/ps/ 29 KB
29 KB 224ms
216ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-009.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

42a06c9ecbad8f2eae36c9cec331518384cf0157031899a65764a08d704441c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-009.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:14 GMT
server: LiteSpeed
etag: "73f1-615f71ae-e66aab1dc4da44bc;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 29681
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-010.jpg
www.destravandoseudinheiro.online/ps/ 31 KB
31 KB 319ms
311ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-010.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

7d6f2bd7a39b9ca2dbf668bb8c072b3ddf90a9c7bf8e17c372c1a48191e60e7a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-010.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:14 GMT
server: LiteSpeed
etag: "7bb1-615f71ae-6d5492b8426cf57;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 31665
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-011.jpg
www.destravandoseudinheiro.online/ps/ 24 KB
24 KB 323ms
315ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-011.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d1cf8704918df988fa4273b5c79bf8aba67820254f6dae1d05bec755145dcdea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-011.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:15 GMT
server: LiteSpeed
etag: "5eb9-615f71af-3cd06aabce8ba765;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 24249
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-012.jpg
www.destravandoseudinheiro.online/ps/ 29 KB
29 KB 324ms
317ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-012.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

14f0ea9b34702f261b48208eed1e3dc77981083b7c1355419a0bcb0f7fb4ad2a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-012.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:15 GMT
server: LiteSpeed
etag: "747e-615f71af-e79611e96762b5a7;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 29822
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-013.jpg
www.destravandoseudinheiro.online/ps/ 31 KB
31 KB 326ms
318ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-013.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8d0740ef41550b949b01041cce40096fee3f03656925029ddac36a63c38d9a50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-013.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:16 GMT
server: LiteSpeed
etag: "7a4c-615f71b0-2702ab2e2b2ccc93;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 31308
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-014.jpg
www.destravandoseudinheiro.online/ps/ 25 KB
26 KB 327ms
320ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-014.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a311a481bddbecb80122f5af71c086365952074e82224660f63cd5e00bd5a7cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-014.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:16 GMT
server: LiteSpeed
etag: "65fe-615f71b0-eab9fabd31177c9b;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 26110
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-015.jpg
www.destravandoseudinheiro.online/ps/ 31 KB
31 KB 328ms
321ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-015.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e7c1511b26b40f8f09e0a8f9acf79d926d5fd3f54093763384c86834f03af577

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-015.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:16 GMT
server: LiteSpeed
etag: "7a51-615f71b0-c33414736cfba678;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 31313
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-016.jpg
www.destravandoseudinheiro.online/ps/ 9 KB
9 KB 329ms
323ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-016.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f71d800809ede53b7fd0bbecb0cf9c6d268c8f1442f4c73339a52ac4bec4a2d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-016.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:17 GMT
server: LiteSpeed
etag: "2284-615f71b1-12a5a87da8aa6893;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 8836
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 fb-017.jpg
www.destravandoseudinheiro.online/ps/ 29 KB
30 KB 331ms
324ms Image
image/jpeg 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.destravandoseudinheiro.online/ps/fb-017.jpg

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

a87663d841c57e6e47bbb042a26432717d0794543f6333bd61c09702a7c36837

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /ps/fb-017.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
last-modified: Thu, 07 Oct 2021 22:16:17 GMT
server: LiteSpeed
etag: "75e4-615f71b1-44fb6d5acbf9b7d1;;;"
content-type: image/jpeg
cache-control: public, max-age=604800
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 30180
expires: Mon, 18 Oct 2021 15:48:37 GMT

GET
H2 200 publish.css
static-public.klickpages.com.br/app/assets/stylesheets/ 291 KB
31 KB 15ms
15ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/stylesheets/publish.css?v=1633633186
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8688491562f2663822cf013daaf499c97f870d0584360bed309172a2791be571

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:39:15 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 17:31:48 GMT
server: AmazonS3
age: 1249763
etag: W/"8c78168015dd49337c65e7a59ce176af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: UJqTSlOmQBtS6-0dyxyzvtsOnodEV6aO8IjmMgdSdqfTUR_fDfVr2w==
expires: Fri, 23 Sep 2022 17:31:47 GMT

GET
H2 200 include.js Show response
static-public.klickpages.com.br/app/assets/javascripts/public/js/ 230 KB
68 KB 8ms
8ms Script
application/javascript 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/javascripts/public/js/include.js?v=1633633186
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 967f32071b62b6339e4207159b75d5dbf6defabcc12848a02603370816f9ee89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 03:52:26 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 20:56:34 GMT
server: AmazonS3
age: 18014172
etag: W/"e3c62a2610fa173d5cb5b2c7f3b88537"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: qA3VENUgSvdH43GOnyk7CmwJzEuTPoYNl7PnMXZcIIae02F4T4uLQw==
expires: Tue, 15 Mar 2022 20:56:33 GMT

GET
H2 200 begin.js Show response
static-public.klickpages.com.br/app/assets/javascripts/public/js/body/ 0
379 B 7ms
7ms Script
application/javascript 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/javascripts/public/js/body/begin.js?v=1633633186
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 16:17:25 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 21:00:35 GMT
server: AmazonS3
age: 21252673
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 0
x-amz-cf-id: BlsaMFE4WBOLW31Pnj31RJJCidQMtPZudKx33IfG6RiAH5-SMkbAPQ==
expires: Thu, 27 Jan 2022 21:00:34 GMT

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/1408/styles/ 305 B
684 B 7ms
7ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/1408/styles/main.css?v=1628600352
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c1ae0d9f6961bac9b4c4230dec7e92be4fb7874c07d226daac698acd91154c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 02 Sep 2021 12:14:50 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Tue, 10 Aug 2021 12:59:13 GMT
server: AmazonS3
age: 3382428
etag: "5e83c932c60fd5b82119139c14a5b623"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 305
x-amz-cf-id: cjfO6sIe3VLan0SJmxwnVLa-pbsUjAYU96KSUmHRWz2dhFFKLVrQGQ==
expires: Wed, 10 Aug 2022 12:59:12 GMT

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/1371/styles/ 2 KB
1 KB 7ms
7ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/1371/styles/main.css?v=1618260168
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b68e2f058e7e4923da3ce4d2bdaa3469c419ef2a08967e3baf7689319d054e92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 00:15:20 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 20:42:49 GMT
server: AmazonS3
age: 15694398
etag: W/"9be0ec6981ba00b6f9f828ca178c19ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Q0rggQw-fpaYWmxmzBo9d9br5SFoHkEthKkSXkTuZ-06dylM67n50w==
expires: Tue, 12 Apr 2022 20:42:48 GMT

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/1219/styles/ 4 KB
1 KB 9ms
8ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/1219/styles/main.css?v=1559680022
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b94c2e3a253fa14b542c9c6045d09ee0fe3f49986c0703fa1db991ff6f459b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:55:32 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 20:27:03 GMT
server: AmazonS3
age: 17801586
etag: W/"6f92183d171a727f8580eb72c27859e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: i7f6Zod5xlmYKbr5oBYu9arI1YPSc26sb3Th1IB6hX8wiVtYo7wB8w==
expires: Thu, 04 Jun 2020 20:27:02 GMT

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/1343/styles/ 2 KB
1 KB 8ms
7ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/1343/styles/main.css?v=1604692430
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc68b7865e219dc633272e26e690a33d92dbb038778f3d21a5dfdcb80e54e38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 16:09:31 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 19:54:03 GMT
server: AmazonS3
age: 21512347
etag: W/"c85377053b612d6fb2d683a912d7f399"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 4237gSFfb11LjXjm1Lw9sE4Z_MKBDQ2eJRZNGk4AoHhnaS4Rjv-81g==
expires: Sat, 06 Nov 2021 19:54:02 GMT

GET
H2 200 7d.png
static-public.klickpages.com.br/uploads/media/file/4264255/ 11 KB
11 KB 428ms
421ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4264255/7d.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 231faa57db334b38f668bd4e8a7c67bb18d007cac245f4a4ad0ed4a3394f259f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 14:37:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "592b4571c37f0670aa3317a68f75f0d3"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 11288
x-amz-cf-id: duR-rzMQunm01pK1_mEGwWm0mOKn6ai5KI-4aADBrQwIxWc_02YnDg==

GET
H2 200 design-sem-nome.png
static-public.klickpages.com.br/uploads/media/file/4264332/ 79 KB
79 KB 449ms
442ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4264332/design-sem-nome.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57df14e3a9e2c26c6608c094f81fda7a060a839a0721f5336e2b2b9c07e156ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 14:48:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "b9ad22f7794bf2a4ed758be2334d05c1"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 80955
x-amz-cf-id: lVxH0YRZUkNbL95I9bHCsI2ItFAvsHLw1SaBLgE09J-P8l9On9jJOw==

GET
H2 200 para_o_site.png
static-public.klickpages.com.br/uploads/media/file/4256941/ 484 KB
485 KB 442ms
436ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4256941/para_o_site.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0704d8993268ceebd1d8eab32e2094cecdc8095cdbc29af0ff48e44c0e358ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 18:09:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "d463aebbcf773e8fff1f3dc221a4c645"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 495382
x-amz-cf-id: DtDH9tspx6849OVGTscAXKCrjZ_jc1TsjCL8ebBHWtnJJ6PHQUKdQg==

GET
H2 200 news_2.png
static-public.klickpages.com.br/uploads/media/file/4256944/ 280 KB
280 KB 437ms
431ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4256944/news_2.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 139a656c69f435e196337975d7a247e6ec7d3bc5dfdc4a78794aa1d52358811a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 18:09:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "f39d74ae51de5be4e7c64dadf358ab64"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 286409
x-amz-cf-id: -KSSElLP3bzIsBM1aYtfsQwinWxJrQrJdG74xEcl4eCNfqXp4zbjfA==

GET
H2 200 g1.png
static-public.klickpages.com.br/uploads/media/file/4264162/ 18 KB
18 KB 418ms
412ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4264162/g1.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b1a2062491a408f460d82f8d3cc0f06927c930d15d5864ea7266a91296a3073

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 14:22:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "18b694a6d0f0a423dfbbdc8a9841d78c"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 18286
x-amz-cf-id: NIdv392iGD0JauHuzdRMKBczxSeKmji5JJq3t5XyzjVpTRSotpDDbg==

GET
H2 200 r7.png
static-public.klickpages.com.br/uploads/media/file/4264164/ 78 KB
79 KB 459ms
454ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4264164/r7.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45bdd9e12e86b2e2256f1f701388c71422ca0f5c1613c913557c7551cb492042

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 14:23:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "7ac6991d67be67b386df53a28d35d496"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 80245
x-amz-cf-id: Je1DexuDxn1I9EOcCpL4FtvQDdHh1Rgg5QitqzSujeDU8k6tXCJLuQ==

GET
H2 200 gl.jpeg
static-public.klickpages.com.br/uploads/media/file/4264168/ 10 KB
10 KB 423ms
417ms Image
image/jpeg 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4264168/gl.jpeg
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e6a1289b2fb7bd233e5e4059914e562f3e946435fdaf54bd66e9fa17f5158b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 14:24:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "eb424c8bdbb1776faca233bddd2168f8"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 10368
x-amz-cf-id: WBcLE6dMjCFOsELCxVH10h0W_110x63ckt2cluSvNWaN7AcD4phPwg==

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/1311/styles/ 4 KB
1 KB 11ms
2ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/1311/styles/main.css?v=1579098209
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30f00b76cbd0c5950a91dcc6bfaa009a46e092e1b5f6f2cae924445915a10cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 16:51:52 GMT
content-encoding: gzip
last-modified: Wed, 15 Jan 2020 14:23:33 GMT
server: AmazonS3
age: 22028206
etag: W/"c501f0874af086ca9611f8c0010974a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 7PNHo4k0mMesf2NM4kdG3xbyllnf1wLOCrv8KMOQ2yDiQpc5asBKpg==
expires: Fri, 15 Jan 2021 14:23:32 GMT

GET
H2 200 design-sem-nome.png
static-public.klickpages.com.br/uploads/media/file/4265199/ 79 KB
79 KB 508ms
503ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4265199/design-sem-nome.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57df14e3a9e2c26c6608c094f81fda7a060a839a0721f5336e2b2b9c07e156ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 18:00:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "b9ad22f7794bf2a4ed758be2334d05c1"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 80955
x-amz-cf-id: pEkzYbyyls2gyi8NhvkIKr2mQzSx0xrbnhZRRJJ_KEvKvYxjjo06_Q==

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/1234/styles/ 2 KB
1 KB 16ms
6ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/1234/styles/main.css?v=1564688885
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 559339a07cd23571b589312dcefcf75378e0031240cab99744f607da551ab35a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 15:13:45 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2019 19:48:06 GMT
server: AmazonS3
age: 21170093
etag: W/"0e1f75b51f7dc4a37042210c9f00508b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: SOh66IbCsPwUU8Tv6bQ3JixHqbySCMZSrMe9cS8AVTutgEHCqvcwzg==
expires: Sat, 01 Aug 2020 19:48:05 GMT

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/705/styles/ 540 B
917 B 17ms
7ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/705/styles/main.css?v=1493236320
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 815b6cd84edbe8cd0896ef3c6cdafafd868e21a9426cb94c3c11ddd3b27013bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 03:15:27 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Wed, 26 Apr 2017 19:52:01 GMT
server: AmazonS3
age: 4883591
etag: "8d3ab66185d9dd60f7a570e55d4ee9ed"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 540
x-amz-cf-id: xBLHb115CBAJK3TGYw7-l9lNmJWGGKj9q05FkXAE456GCtrg6gf6Jg==
expires: 2018-04-26T16:52:00-03:00

GET
H2 200 site-seguro-google.png
static-public.klickpages.com.br/uploads/media/file/4264213/ 7 KB
7 KB 407ms
402ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/4264213/site-seguro-google.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0737d388d326571cf85a834d326bb87cd896c0c2c9be490e034d3065b595aa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 07 Oct 2021 14:32:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "7ee9e633badeaf2699e7c879f2974c9d"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6819
x-amz-cf-id: 09pK6jz0E24wL0UHvuXhs5Q88vYoZnEpotLySuC7dzH47_o_aEe9_Q==

GET
H2 200 main.css
static-public.klickpages.com.br/tmp/zip/865/styles/ 925 B
1 KB 16ms
6ms Stylesheet
text/css 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/tmp/zip/865/styles/main.css?v=1528118659
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce710940f97c50df4202d458a4a1b1202eed740aad31caf74254e40b74a6745e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 02:16:17 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Mon, 04 Jun 2018 13:24:20 GMT
server: AmazonS3
age: 21562340
etag: "af8dc9fc37f669770a6468e2c29f4797"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 925
x-amz-cf-id: nJlRIJILjmuHnJb-vy8_-tsw5Z3WrU7yX9DUFSDYthnwAMFJPoUpIA==
expires: Tue, 04 Jun 2019 13:24:19 GMT

GET
H2 200 end.js Show response
static-public.klickpages.com.br/app/assets/javascripts/public/js/body/ 19 KB
6 KB 16ms
7ms Script
application/javascript 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/javascripts/public/js/body/end.js?v=1633633186
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77d6bcbe1be94252e8eef57092e4be2696896b4439c6d11b809371ad1a41a275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 21:20:23 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 17:35:57 GMT
server: AmazonS3
age: 2312894
etag: W/"7eb3bd20cc263033bdee8558d2d946e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: NgxJm3MbO7fBgTvHRe2Wr2bOle2EzZ53MLTjyrQCDVw8mu6glcL5lQ==
expires: Sat, 03 Sep 2022 17:35:56 GMT

GET
H2 200 libs.js Show response
static-public.klickpages.com.br/app/assets/javascripts/libs/ 7 KB
3 KB 16ms
6ms Script
application/javascript 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-public.klickpages.com.br/app/assets/javascripts/libs/libs.js?v=1633633186
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41555928210575101175ea0102028541dc0371ac593d46e612f6ef8956301e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 10:27:38 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 21:00:50 GMT
server: AmazonS3
age: 22051260
etag: W/"4888e1579f4ec72d319cbcfb9d508b1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: oFv2kMHDc5inXOADoCjWJ4K8YzabXOphXkcButaW5U5KXEJe86aldg==
expires: Thu, 27 Jan 2022 21:00:49 GMT

GET
H2 200 launcher.js Show response
launcher.hotmart.com/ 6 KB
3 KB 341ms
106ms Script
application/javascript 34.198.22.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/launcher.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.22.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-22-192.compute-1.amazonaws.com

Software

Resource Hash

1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, no-store
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2619
x-xss-protection: 1; mode=block
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
820 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,700,400,300

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/css/lobibox.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 14:34:17 GMT
server: ESF
date: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 404 powr1047.js
www.destravandoseudinheiro.online/www.powr.io/ 0
0 107ms
106ms Script
text/html 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.destravandoseudinheiro.online/www.powr.io/powr1047.js?platform=html
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

:path: /www.powr.io/powr1047.js?platform=html
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2019 07:07:00 GMT
server: LiteSpeed
etag: "999-5d11c814-6676c669517ec7ee;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 914

GET
H2 404 braip-boosterec92.js
www.destravandoseudinheiro.online/ev.braip.com/js/ 0
0 314ms
311ms Script
text/html 2a02:4780:1:273:0:285c:4a16:51
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.destravandoseudinheiro.online/ev.braip.com/js/braip-boosterec92.js?v=1633967317644
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:1:273:0:285c:4a16:51 , United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

:path: /ev.braip.com/js/braip-boosterec92.js?v=1633967317644
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.destravandoseudinheiro.online
referer: https://www.destravandoseudinheiro.online/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:37 GMT
content-encoding: br
last-modified: Tue, 25 Jun 2019 07:07:00 GMT
server: LiteSpeed
etag: "999-5d11c814-6676c669517ec7ee;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
content-length: 914

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a052d3e9c53ad6057303e0c5d7e2104c8ef8cc45674a83ce99a42acda6a51778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7t4caJNknVCQgpIaSJPsiA==
cross-origin-resource-policy: cross-origin
expires: Mon, 11 Oct 2021 15:59:11 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 9BHsbDUUic7+sfx6vzCril03Z4SdLjfOw5OWl9dNw4cVbQ1FJwwyyrJ2vtEm5uYWILhgDXtZoZd3mVBU+60c+Q==
x-fb-trip-id: 686109401
x-fb-content-md5: 3097a9f0865e208228269cda3f5e9706
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "004d494f65a7b938208aa34a96006f15"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 Evl3bJdQyr0 Show response
www.youtube.com/embed/ Frame 5D6F 55 KB
23 KB 81ms
78ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e923acfb1678f1372427e09a6c742f7c7a53db29c74b1aa2ee3d92aca77638db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.destravandoseudinheiro.online/
accept-encoding: gzip, deflate, br
cookie: YSC=9nBODSZekec; VISITOR_INFO1_LIVE=CjCxUEkfQPQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Oct 2021 15:48:37 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+234; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/920e4583/www-widgetapi.vflset/ 140 KB
46 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad0d99ab66d0e7ef994cd87cbca6c5f798af142b566fb904327b8f24cc3c7572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 13:44:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46468
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 13:44:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
699 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700;900&display=swap

Requested by

Host: static-public.klickpages.com.br
URL: https://static-public.klickpages.com.br/tmp/zip/1343/styles/main.css?v=1604692430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

468b365fbbe1ede8df6a31fd2d4f60ebaf28d219d96383ea550613cc108ab3b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static-public.klickpages.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 15:46:55 GMT
server: ESF
date: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 11 Oct 2021 15:48:37 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 264 KB
75 KB 24ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=4999ea6a2f0ea76b51b4ce04d33eac29

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8d827b35779977f28c453fdb6fae7c713dd1760865a56c9e593200a462082871

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.destravandoseudinheiro.online/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jGVF76CgxMuwaWH53362RQ==
cross-origin-resource-policy: cross-origin
expires: Tue, 11 Oct 2022 13:58:59 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76090
x-fb-rlafr: 0
x-fb-debug: N5NQ+KTmb3yv5J7EPs6263GlpFf2xbQ3ItoCjaAZCKs5KmdmFzA8T0j7v79A4yIRnGFoudEQOu8ddGJqn20Xxw==
x-fb-trip-id: 686109401
x-fb-content-md5: 771959c7bf77209022dd25cf235004c3
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Oct 2021 15:48:37 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "df4c8501f6ac7376d315866e5aadbb08"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 795963.png
static-public.klickpages.com.br/uploads/media/file/3809801/ 37 KB
37 KB 447ms
447ms Image
image/png 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/uploads/media/file/3809801/795963.png
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5b1f3f0afa4421018ef0bb8d614e0b7115885482155b4827c2a58331e177933

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:39 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Sun, 06 Jun 2021 01:00:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "480bb169db6f0c6151a492bdc43621f6"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 37563
x-amz-cf-id: gWR-HoF6HUEA7khSXK4cv4D8lp1GAPV0Xr-qAoGleYv1cDNfjGhAFw==

GET
H2 200 bg.jpg
static-public.klickpages.com.br/tmp/zip/1234/images/ 4 KB
5 KB 8ms
8ms Image
image/jpeg 2600:9000:223f:ac00:14:796:1e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-public.klickpages.com.br/tmp/zip/1234/images/bg.jpg?v=1564688885
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ac00:14:796:1e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b7380d988cd271119390848e1d5b74febf5eec1026e52d23ed4b7421092031a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 05:19:55 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Thu, 01 Aug 2019 19:48:06 GMT
server: AmazonS3
age: 18008923
etag: "92452343c778f503cdeda44504eb403e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 4387
x-amz-cf-id: G53SOPf5v9YEVyOQi3lJIJaZmjOU61fhrQNmRALIxsYdQzUcARHBRg==
expires: Sat, 01 Aug 2020 19:48:05 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 48ms
22ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:300,500,700|Just+Another+Hand|Lato:%27100italic%27,%27300italic%27,%27400italic%27,%27700italic%27,%27900italic%27,100,300,400,700,900|Lora:%27400italic%27,%27700italic%27,400,700|Montserrat:300,400,500,700|Oswald:300,400,700|Open+Sans:%27300italic%27,%27400italic%27,%27600italic%27,%27700italic%27,300,400,600,700|Open+Sans+Condensed:%27300italic%27,300,700|Roboto:%27100italic%27,%27300italic%27,%27400italic%27,%27500italic%27,%27700italic%27,%27900italic%27,100,300,400,500,700,900|Raleway:%27300italic%27,%27400italic%27,%27700italic%27,300,400,700|Nunito:%27wght@200%27,400,700,800|Vollkorn:%27ital,,400,500,600,700,800,900,wght@0,

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 10:51:57 GMT
x-content-type-options: nosniff
age: 104200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 10:51:57 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:11:30 GMT
x-content-type-options: nosniff
age: 2227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 15:11:30 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 39ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 17:03:52 GMT
x-content-type-options: nosniff
age: 341085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 17:03:52 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 45ms
20ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:54:06 GMT
x-content-type-options: nosniff
age: 17671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:21:29 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 10:54:06 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 55ms
31ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 01:25:05 GMT
x-content-type-options: nosniff
age: 483812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 01:25:05 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 58ms
34ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:30:39 GMT
x-content-type-options: nosniff
age: 29878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 07:30:39 GMT

GET
H2 200 845CNN4-AJyIGvIou-6yJKyptyOpOfr4DGg.woff2
fonts.gstatic.com/s/justanotherhand/v12/ 35 KB
35 KB 45ms
25ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/justanotherhand/v12/845CNN4-AJyIGvIou-6yJKyptyOpOfr4DGg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66ef3db3b0f8d51696ee2e0edb86f39624e22d04d8e073cef9fe20573c9929d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 03:54:24 GMT
x-content-type-options: nosniff
age: 474853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35692
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 03:52:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 03:54:24 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.destravandoseudinheiro.online
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 12:00:45 GMT
x-content-type-options: nosniff
age: 100072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19536
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:41 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 12:00:45 GMT

GET
H2 200 date_time Show response
art.klickpages.com.br/public/server/ 45 B
1 KB 266ms
236ms XHR
application/json 2606:4700:3033::ac43:ac3f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://art.klickpages.com.br/public/server/date_time

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ac3f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a1fcf8bb63a30a91bdadf7448d15d23d1407c984b7bd47eb91c9187f35fbf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.destravandoseudinheiro.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 69c93bd86e8f4e0d-FRA
access-control-allow-methods: GET, OPTIONS
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 755c2a29-41e1-4c02-a8d1-130d4c5651db
x-runtime: 0.009143
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3a1fcf8bb63a30a91bdadf7448d15d23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmVjY3oOfwOmXD7iqi4WcgKNcKCxsoJkwnSIPLAeE6Ewhvd%2FNyJ0naeSvWyUbCls484YljrBAnPp1gP8eF0bCKvCew6zdz9CrrIY3lRkpOtW26ELpjcdJlPcEc1jdq7eUJ386Ed84%2BUC%2BQFvmfbliro5mXU%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plus/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 192 KB
65 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plus/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87c4d81d0302a445ee8da4ddb6eb2cf099d46fd9f5f7d52bb3067ede46e70dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 11:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65898
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Mon, 10 Oct 2022 11:16:39 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/exm=plus/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/ 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=plusone/exm=plus/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c02fec4fdbd688353b305453e1c71569b6794a67bb6e4b80d4bf084b300fedba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 17:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 425247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1301
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:24:10 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="social-frontend-mpm-access"
expires: Thu, 06 Oct 2022 17:41:11 GMT

GET
H2 200 load-js Show response
launcher.hotmart.com/rest/v1/module/ 48 B
486 B 320ms
112ms XHR
application/json 34.198.22.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJzaWQiOiI3Mjc3YmYzZmE3Nzg0MjQ1OTQ3NmY0M2U3YjYzMTE4NiIsInBhZ2V2aWV3X2lkIjoiUFZucXl1Nmo5NG96a3VtdHlicGMiLCJ0cmFjZV9pZCI6IkxUMzAyMmlsNDV0Y2RrdW10eWJwYyJ9&locationHref=https%3A%2F%2Fwww.destravandoseudinheiro.online%2F&account=8aa696dd-56c9-3ea0-8c82-8b18e8e82737

Requested by

Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.22.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-22-192.compute-1.amazonaws.com

Software

Resource Hash

597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.destravandoseudinheiro.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 15:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Location, Link, ETag
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/920e4583/ Frame 5D6F 335 KB
46 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d729b2f70f453fcaf0d5574d79f4c18bc9844bcba4e6b9db51ee58d37187b4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:17:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46903
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 12:17:51 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/920e4583/www-embed-player.vflset/ Frame 5D6F 206 KB
68 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daaa5c952389d8878ea2020d0741da82d97fda1dce08b1af725da60ae81ca04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69059
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 07:49:37 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/ Frame 5D6F 2 MB
511 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8026dc75e3d1abfa3b388e34207632d58179a2426ed68ea992f110ce61c61ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 00:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 312667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 522728
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Oct 2022 00:57:31 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/920e4583/fetch-polyfill.vflset/ Frame 5D6F 8 KB
3 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 12:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 12:31:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5D6F 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 589825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 19:58:13 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5D6F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
474 B

42ms
41ms

XHR
application/json

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b3eb28ae5971df9a54e1aad701d727b100a4b9c8b3d9d955e6dc8876fec4eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Oct 2021 15:48:38 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5D6F 29 B
609 B 41ms
11ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:40:30 GMT
x-content-type-options: nosniff
age: 488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Oct 2021 15:55:30 GMT

GET
H2 200 88Kfa42RqqiX2_VoPzGyyTB3sqs5vmiw9j-iYX73-I0.js Show response
www.google.com/js/th/ Frame 5D6F 35 KB
14 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/88Kfa42RqqiX2_VoPzGyyTB3sqs5vmiw9j-iYX73-I0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c29f6b8d91aaa897dbf5683f31b2c93077b2ab39be68b0f63fa2617ef7f88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:12:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 362162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13299
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 07 Oct 2022 11:12:36 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/ Frame 5D6F 25 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab6485b76bbc3d808027f9ba3dd4726d1839c738aa4ffb6dfca1db9a9b51fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 00:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 312663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7368
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Oct 2022 00:57:35 GMT

GET
DATA 200
OK truncated
/ Frame 5D6F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 91WKWWS1LuehK4uTkXwCMydqu6jp8oiQvIfI4rmmSYVUX_7vczvbOW3NHkxUFMRxxqyqzOTQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5D6F 4 KB
4 KB 580ms
537ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/91WKWWS1LuehK4uTkXwCMydqu6jp8oiQvIfI4rmmSYVUX_7vczvbOW3NHkxUFMRxxqyqzOTQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

203a6d5ff9305eebe14a4615e38e4fba9cfe3e236609284ee02a037971239666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3901
x-xss-protection: 0
expires: Tue, 12 Oct 2021 15:48:39 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/Evl3bJdQyr0/ Frame 5D6F 71 KB
71 KB 165ms
115ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Evl3bJdQyr0/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aae8ccbf5e6302013ce9d2b19d37c2a5caf810897c1314da5d073f7e4d831b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
x-content-type-options: nosniff
server: sffe
etag: "1633636337"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72622
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Oct 2021 17:48:38 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 5D6F 0
39 B 6ms
6ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?KMl0Zg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 id.min.js Show response
identification.hotmart.com/ 5 KB
5 KB 348ms
99ms Script
text/html 54.165.200.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://identification.hotmart.com/id.min.js?account=8aa696dd-56c9-3ea0-8c82-8b18e8e82737&account=8aa696dd-56c9-3ea0-8c82-8b18e8e82737
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.200.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-200-156.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 19eadf2cdfeb8bda793665e73372a9a7a79a153ff4e317fab2b249c9b5cd2236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
last-modified: Mon, 11 Oct 2021 14:41:58 GMT
server: WildFly/9
x-powered-by: Undertow/1
content-type: text/html;charset=utf-8
cache-control: max-age=60
content-length: 5407
expires: 163396731884760000

GET
H2 200 track Show response
tracking-api.hotmart.com/rest/ 0
103 B 520ms
165ms XHR
application/json 18.210.132.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-api.hotmart.com/rest/track?hotid=eyJzaWQiOiI3Mjc3YmYzZmE3Nzg0MjQ1OTQ3NmY0M2U3YjYzMTE4NiIsImNpZCI6IjE2MzM5NjczMTg5MDA3NDA0MjQwNDIxOTE0NDAxMDAiLCJiaWQiOiIxNjMzOTY3MzE4OTAwNzQwNDI0MDQyMTkxNDQwMTAwIiwibG9jYXRpb25IcmVmIjoiaHR0cHMlM0ElMkYlMkZ3d3cuZGVzdHJhdmFuZG9zZXVkaW5oZWlyby5vbmxpbmUlMkYiLCJwYWdldmlld19pZCI6IlBWbnF5dTZqOTRvemt1bXR5YnBjIiwidHJhY2VfaWQiOiJMVG1kZmJpc3oxenhrdW10eWM4bCJ9&sid=7277bf3fa77842459476f43e7b631186&cid=1633967318900740424042191440100&bid=1633967318900740424042191440100&locationHref=https%3A%2F%2Fwww.destravandoseudinheiro.online%2F&account=8aa696dd-56c9-3ea0-8c82-8b18e8e82737
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.132.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-132-130.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.destravandoseudinheiro.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.destravandoseudinheiro.online
date: Mon, 11 Oct 2021 15:48:39 GMT
content-length: 0
content-type: application/json

GET
H2 200 id.gif
identification.hotmart.com/ 43 B
161 B 98ms
98ms Image
image/gif 54.165.200.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://identification.hotmart.com/id.gif?cid=1633967318900740424042191440100&bid=1633967318900740424042191440100
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.200.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-200-156.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:48:38 GMT
cache-control: no-cache
server: WildFly/9
x-powered-by: Undertow/1
content-length: 43
content-type: image/gif

GET
H2 200 nr-spa-1210.min.js Show response
js-agent.newrelic.com/ 41 KB
16 KB 30ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding: gzip
etag: "d5eff122d09ab2c851fb1780f0287cbf"
x-amz-request-id: WX0V4HYCNZMQF8V1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15563
x-amz-id-2: V3NWDRAGc9SgNVtEBWiiDcINCoTerPj471IMrsQhETN32n9I20g9CtqBNYipCh1nBoNnp81FM40=
x-served-by: cache-fra19174-FRA
last-modified: Tue, 22 Jun 2021 22:47:08 GMT
server: AmazonS3
x-timer: S1633967328.485852,VS0,VE0
date: Mon, 11 Oct 2021 15:48:48 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 917

GET
H/1.1 200
OK NRJS-c142e72e4c1ae98c33c Show response
bam-cell.nr-data.net/1/ 49 B
925 B 551ms
533ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-c142e72e4c1ae98c33c?a=985034685&v=1210.e2a3f80&to=JQ5YEBZdDl8GRUxmWwgAQhYFHTJSBFIQZlcUF18HAQhYchNHTHJ3MkEMCxRGC1wNVg9qQgcVXg%3D%3D&rst=2275&ck=1&ref=https://www.destravandoseudinheiro.online/&ap=6&be=491&fe=2234&dc=910&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1633967316792,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:32,%22c%22:32,%22s%22:37,%22ce%22:253,%22rq%22:253,%22rp%22:363,%22rpe%22:465,%22dl%22:366,%22di%22:910,%22ds%22:910,%22de%22:1270,%22dc%22:2234,%22l%22:2234,%22le%22:2238%7D,%22navigation%22:%7B%7D%7D&fp=1298&fcp=1298&jsonp=NREUM.setToken
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.destravandoseudinheiro.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:39 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlVSDQcEXFVVFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoBAVELU3RMB05WAhtDVgcPVQRRUwNRBQJfVFIPV0BKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 69c93be04c134a5c-FRA

POST
H2 200 player Show response
www.youtube.com/youtubei/v1/ Frame 5D6F 68 KB
19 KB 866ms
866ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

617e66d2c35ccf3d0c228710ef97a3e1c4133a4edfc57f80e81ce7196f6fbaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211006.1.0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtDakN4VUVrZlFQUSjVuZGLBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 11 Oct 2021 15:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18753
x-xss-protection: 0
expires: Mon, 11 Oct 2021 15:48:40 GMT

POST
H/1.1 200
OK NRJS-c142e72e4c1ae98c33c Show response
bam-cell.nr-data.net/events/1/ 24 B
521 B 145ms
145ms XHR
image/gif 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRJS-c142e72e4c1ae98c33c?a=985034685&v=1210.e2a3f80&to=JQ5YEBZdDl8GRUxmWwgAQhYFHTJSBFIQZlcUF18HAQhYchNHTHJ3MkEMCxRGC1wNVg9qQgcVXg%3D%3D&rst=2839&ck=1&ref=https://www.destravandoseudinheiro.online/
Requested by: Host: www.destravandoseudinheiro.online
URL: https://www.destravandoseudinheiro.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.destravandoseudinheiro.online/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 11 Oct 2021 15:48:39 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.destravandoseudinheiro.online
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 69c93be3bae94a5c-FRA
Content-Length: 24

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame 5D6F 0
177 B 17ms
17ms Ping
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=134&afmt=251&cpn=xGqakL5lF0r0m2-t&ei=11xkYeuOF8SU1gK-w4DIDg&el=embedded&docid=Evl3bJdQyr0&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24064555%2C24067854%2C24080738%2C24082661%2C24094826%2C24101841%2C24106092&cl=401352273&seq=1&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211006.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.009:S,0.895:S,0.895:S&cmt=0.006:0.000,0.009:0.100,0.895:0.100&afs=0.894:251::i&vfs=0.895:134:135::r&view=0.895:1000:563&bwe=0.895:130000&bat=0.895:1:1&vis=0.895:0&bh=0.895:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 15:48:40 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 1 KB
2 KB 66ms
8ms XHR
text/plain 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&mh=OK&mm=31%2C29&mn=sn-4g5edn6r%2Csn-4g5lznez&ms=au%2Crdu&mv=u&mvi=2&pl=48&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=5214818&otfp=1&dur=471.299&lmt=1633584343589370&mt=1633967043&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB4zzu4Lpy5QDVNsf99_Oi9FUp-NkdCXn0X6-7yaNgNgCIQC46bMs4FxhPdItnynBpxPf_YJRu24GqpSuKefSBfWvvQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAKbubo42espWwyXqhYIA2JsGWnPlVSTU3W8lUCyu_fa0AiEAkVDT6vEEbov8Hg8nxoJ32RtUh8LKrpEMjnqnXdDGvfQ%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&range=0-1840&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4e37561025c64c2269da691ddf910203f7f00992bb43c460e15a59b25cc9807b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1075
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 1009 B
2 KB 66ms
9ms XHR
text/plain 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=251&source=youtube&requiressl=yes&mh=OK&mm=31%2C29&mn=sn-4g5edn6r%2Csn-4g5lznez&ms=au%2Crdu&mv=u&mvi=2&pl=48&vprv=1&mime=audio%2Fwebm&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=7833837&otfp=1&dur=471.321&lmt=1633584351394918&mt=1633967043&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNKllYULjBLPVpiMN5WIweAQXYC0MaDSuLVgl6WrBb1wCIQCIcgtNTsgzWQeCgUEt_-rGgj29Sf58kf66oWlpuk3xJw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAKbubo42espWwyXqhYIA2JsGWnPlVSTU3W8lUCyu_fa0AiEAkVDT6vEEbov8Hg8nxoJ32RtUh8LKrpEMjnqnXdDGvfQ%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&range=0-1071&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4b810ae9691468886b442dffd8c8785232c5110f74082cee415ed045d6720e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1009
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H2 200 captions.js Show response
www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/ Frame 5D6F 64 KB
24 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb80a1f2fee957491db2ba20503e6b412e3f1d30852525e7c4d2d8f2a54716e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 01:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 311890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24466
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Oct 2022 01:10:30 GMT

GET
H2 200 endscreen.js Show response
www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/ Frame 5D6F 26 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c27dc46acdde2ae04a9c02a6e0944bd4a3c82b6e0af3f431f29e2bac0550d695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 01:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 311892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7143
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Oct 2022 01:10:28 GMT

POST
H2 200 next Show response
www.youtube.com/youtubei/v1/ Frame 5D6F 5 KB
1 KB 329ms
329ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0a6157d712f9dd38bc6d8798e13e0bc10e95a909aa36591348d2c928b267ed9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211006.1.0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtDakN4VUVrZlFQUSjVuZGLBg%3D%3D
Content-Type: application/json

Response headers

date: Mon, 11 Oct 2021 15:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 2 KB
3 KB 257ms
256ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=5214818&otfp=1&dur=471.299&lmt=1633584343589370&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB4zzu4Lpy5QDVNsf99_Oi9FUp-NkdCXn0X6-7yaNgNgCIQC46bMs4FxhPdItnynBpxPf_YJRu24GqpSuKefSBfWvvQ%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAL0vZI-WTIi0QSakKiSS61q6nzKJJU5WWdnP1eT9bWkwAiB6cb7oSvhqvx_1DRDdl062QhDfkkI_E31pz3tvkc8myQ%3D%3D&range=0-1840&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

637eff87e96caaf67aeb64e9ccc062575511177844533ae32bb6457fe62452cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1841
Last-Modified: Thu, 07 Oct 2021 05:25:43 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 1 KB
2 KB 220ms
220ms XHR
audio/webm 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=7833837&otfp=1&dur=471.321&lmt=1633584351394918&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNKllYULjBLPVpiMN5WIweAQXYC0MaDSuLVgl6WrBb1wCIQCIcgtNTsgzWQeCgUEt_-rGgj29Sf58kf66oWlpuk3xJw%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIOhofMBA5KRE4TkUoLi-1AvuAh6P-JruJvxymm_ZY7YAiAb_uID9Otzk0lU6rDM1gjSvHa3-lbCCU08LZP3z7W_zw%3D%3D&range=0-1071&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b64fe6e28adb436ed661378d3a122e9ceaed179c8d43f62627c55440b62ca14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1072
Last-Modified: Thu, 07 Oct 2021 05:25:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 64 KB
65 KB 143ms
143ms XHR
audio/webm 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=7833837&otfp=1&dur=471.321&lmt=1633584351394918&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNKllYULjBLPVpiMN5WIweAQXYC0MaDSuLVgl6WrBb1wCIQCIcgtNTsgzWQeCgUEt_-rGgj29Sf58kf66oWlpuk3xJw%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIOhofMBA5KRE4TkUoLi-1AvuAh6P-JruJvxymm_ZY7YAiAb_uID9Otzk0lU6rDM1gjSvHa3-lbCCU08LZP3z7W_zw%3D%3D&range=1072-66607&rn=5&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

271b34ee201fc8ce4b571a3251cedbee709496e4d56d77db9d35885d6d0c2985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65536
Last-Modified: Thu, 07 Oct 2021 05:25:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 64 KB
65 KB 190ms
189ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=5214818&otfp=1&dur=471.299&lmt=1633584343589370&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB4zzu4Lpy5QDVNsf99_Oi9FUp-NkdCXn0X6-7yaNgNgCIQC46bMs4FxhPdItnynBpxPf_YJRu24GqpSuKefSBfWvvQ%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAL0vZI-WTIi0QSakKiSS61q6nzKJJU5WWdnP1eT9bWkwAiB6cb7oSvhqvx_1DRDdl062QhDfkkI_E31pz3tvkc8myQ%3D%3D&range=1841-67376&rn=6&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0934e646fb1f7f4d44bf68d8cd24870b5d951215d9991762dec84c5c238afa1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65536
Last-Modified: Thu, 07 Oct 2021 05:25:43 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 1 KB
2 KB 118ms
118ms XHR
text/plain 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=135&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=OK&mm=31%2C29&mn=sn-4g5edn6r%2Csn-4g5lznez&ms=au%2Crdu&mv=u&mvi=2&pl=48&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&otf=1&otfp=1&dur=0.000&lmt=1633584343407173&mt=1633967043&fvip=2&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ5Wz6sBjmzZSi1JthWwuK-tKdkUv01T231bgsnflUTaAiB8kQqZSyIY4-Wo3aGMEYsiIEeCpqZcq0tEVVIXCut7dA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRgIhAKbubo42espWwyXqhYIA2JsGWnPlVSTU3W8lUCyu_fa0AiEAkVDT6vEEbov8Hg8nxoJ32RtUh8LKrpEMjnqnXdDGvfQ%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&sq=0&rn=7&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4af792c10bb075fead60829079b84c8b808732d1647e1439568e85d9eb7a1235

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1042
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 64 KB
65 KB 24ms
24ms XHR
audio/webm 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=7833837&otfp=1&dur=471.321&lmt=1633584351394918&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNKllYULjBLPVpiMN5WIweAQXYC0MaDSuLVgl6WrBb1wCIQCIcgtNTsgzWQeCgUEt_-rGgj29Sf58kf66oWlpuk3xJw%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIOhofMBA5KRE4TkUoLi-1AvuAh6P-JruJvxymm_ZY7YAiAb_uID9Otzk0lU6rDM1gjSvHa3-lbCCU08LZP3z7W_zw%3D%3D&range=66608-132143&rn=8&rbuf=3779

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

11c0e86f19e7a76f471569396365a0bbac007d93f9d73794e647b7bc569c64b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:40 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65536
Last-Modified: Thu, 07 Oct 2021 05:25:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 11 Oct 2021 15:48:40 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 36 KB
37 KB 189ms
189ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=5214818&otfp=1&dur=471.299&lmt=1633584343589370&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB4zzu4Lpy5QDVNsf99_Oi9FUp-NkdCXn0X6-7yaNgNgCIQC46bMs4FxhPdItnynBpxPf_YJRu24GqpSuKefSBfWvvQ%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAL0vZI-WTIi0QSakKiSS61q6nzKJJU5WWdnP1eT9bWkwAiB6cb7oSvhqvx_1DRDdl062QhDfkkI_E31pz3tvkc8myQ%3D%3D&range=67377-103881&rn=9&rbuf=7535

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3debbf294e8abcfe16d7353a1611dee5c27274c003fe3963535620566af530dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:41 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 36505
Last-Modified: Thu, 07 Oct 2021 05:25:43 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21298
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:41 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 1 KB
2 KB 446ms
446ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=135&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&otf=1&otfp=1&dur=0.000&lmt=1633584343407173&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ5Wz6sBjmzZSi1JthWwuK-tKdkUv01T231bgsnflUTaAiB8kQqZSyIY4-Wo3aGMEYsiIEeCpqZcq0tEVVIXCut7dA%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKWChCN_qCqUump2DcsPpkIcQJ6XLRdTszOm8XWDidpfAiBJDRbh3WFYgw57mMSSMvDm_LpzvX5trtw_jGxZe6l72g%3D%3D&sq=0&rn=10&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

94f94470b321a9dbe1568f3cee0a9a729e37db5d89a4944173ca22392b0a5771

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:41 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1296
Last-Modified: Thu, 07 Oct 2021 05:25:43 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21298
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:41 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5D6F 28 B
202 B 26ms
25ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
X-YouTube-Client-Version: 1.20211006.1.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDakN4VUVrZlFQUSjVuZGLBg%3D%3D
X-YouTube-Ad-Signals: dt=1633967318324&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1000%2C563&vis=1&wgl=true&ca_type=image&bid=ANyPxKqxBjKoO0-OTh_pfo6MbsdvX28sGcURB2B59NX4CP0fiRQ7sSLm3Mu6DQG666F_ZjTaPe6uF7p99eNyYhyStkz1umXgWA

Response headers

date: Mon, 11 Oct 2021 15:48:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 11 Oct 2021 15:48:41 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 128 KB
129 KB 157ms
157ms XHR
audio/webm 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=7833837&otfp=1&dur=471.321&lmt=1633584351394918&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgNKllYULjBLPVpiMN5WIweAQXYC0MaDSuLVgl6WrBb1wCIQCIcgtNTsgzWQeCgUEt_-rGgj29Sf58kf66oWlpuk3xJw%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIOhofMBA5KRE4TkUoLi-1AvuAh6P-JruJvxymm_ZY7YAiAb_uID9Otzk0lU6rDM1gjSvHa3-lbCCU08LZP3z7W_zw%3D%3D&range=132144-263445&rn=11&rbuf=7658

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c06f59d93fdce5664791d2fd115711d62b011a47453c263e300fb9b8e89e4d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:41 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 131302
Last-Modified: Thu, 07 Oct 2021 05:25:51 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21298
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 11 Oct 2021 15:48:41 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 60 KB
61 KB 192ms
192ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=134&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&gir=yes&clen=5214818&otfp=1&dur=471.299&lmt=1633584343589370&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgB4zzu4Lpy5QDVNsf99_Oi9FUp-NkdCXn0X6-7yaNgNgCIQC46bMs4FxhPdItnynBpxPf_YJRu24GqpSuKefSBfWvvQ%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAL0vZI-WTIi0QSakKiSS61q6nzKJJU5WWdnP1eT9bWkwAiB6cb7oSvhqvx_1DRDdl062QhDfkkI_E31pz3tvkc8myQ%3D%3D&range=103882-165520&rn=12&rbuf=10567

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d8dd67c86bf6fbe2b8ead91819d7ffc77d009b027dcb7486971d534bd1b3a79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:41 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 61639
Last-Modified: Thu, 07 Oct 2021 05:25:43 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21298
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:41 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame 5D6F 0
58 B 15ms
14ms Ping
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=135&afmt=251&cpn=xGqakL5lF0r0m2-t&ei=11xkYeuOF8SU1gK-w4DIDg&el=embedded&docid=Evl3bJdQyr0&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24064555%2C24067854%2C24080738%2C24082661%2C24094826%2C24101841%2C24106092&cl=401352273&seq=2&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211006.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=otfp&ctmp=dompaused:t.905;promise;m.NotAllowedError&cmt=1.606:0.100,2.167:0.100&vps=1.606:N,2.167:N&vfs=2.167:135:135:134:r&view=2.167:1000:563&bwm=2.167:433389:2.156&bwe=2.167:414347&bat=2.167:1:1&bh=2.167:5.233&df=2.167:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/Evl3bJdQyr0?rel=0&controls=0&showinfo=0&enablejsapi=1&playsinline=1&mute=1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 15:48:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r2---sn-4g5edn6r.googlevideo.com/ Frame 5D6F 66 KB
67 KB 337ms
337ms XHR
video/mp4 2a00:1450:4001:e::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5edn6r.googlevideo.com/videoplayback?expire=1633988919&ei=11xkYeuOF8SU1gK-w4DIDg&ip=2a0f%3A9441%3A5%3A0%3Aea%3A%3A1&id=o-ALL5l0j9qqfKHrnPVAe8sbx2UYhcZgPoZH6hECR_pMSg&itag=135&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&vprv=1&mime=video%2Fmp4&ns=JyGeGdojG5EvTmCFdK8PqCUG&otf=1&otfp=1&dur=0.000&lmt=1633584343407173&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=opgKLNXluHPyLg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAJ5Wz6sBjmzZSi1JthWwuK-tKdkUv01T231bgsnflUTaAiB8kQqZSyIY4-Wo3aGMEYsiIEeCpqZcq0tEVVIXCut7dA%3D%3D&alr=yes&cpn=xGqakL5lF0r0m2-t&cver=1.20211006.1.0&redirect_counter=1&cm2rm=sn-4g5ekz7l&cms_redirect=yes&mh=OK&mm=34&mn=sn-4g5edn6r&ms=ltu&mt=1633967083&mv=u&mvi=2&pl=48&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAKWChCN_qCqUump2DcsPpkIcQJ6XLRdTszOm8XWDidpfAiBJDRbh3WFYgw57mMSSMvDm_LpzvX5trtw_jGxZe6l72g%3D%3D&sq=4&rn=13&rbuf=15900

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/920e4583/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:e::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7340e6fe505726db233564d92da1ac0829ee226a28e77ee1f2f7ffa20be1f239

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 15:48:41 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 67510
Last-Modified: Thu, 07 Oct 2021 05:25:43 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21298
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Mon, 11 Oct 2021 15:48:41 GMT

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 9nBODSZekec
.youtube.com/	1970-01-20 02:11:59	Name: VISITOR_INFO1_LIVE Value: CjCxUEkfQPQ
.google.com/	1970-01-20 02:16:18	Name: NID Value: 511=SDfZ8LLjPd8K52auAWq4L0DnGa7SsuJQJmZgQykim-ZCHMiyFPyfTFqrm8R7j4FIUznklOwmuiMcVJqbn1a_gw_cnsnPflM33-PCOCfm7MhQnxsch8RdY11eVyuJGTh-3MjmDWp7qEGrKmvsWeTK7qBkPmUAD4p5w3KZJBW48Ao
.doubleclick.net/	1970-01-20 07:14:23	Name: IDE Value: AHWqTUk-_o8lnLme-5dFlHtq7jMGIP1rLhNMH0nrAesYvoLAUHGf7VF0lfGCDF6Z
.www.destravandoseudinheiro.online/	1970-02-06 21:52:47	Name: hotid Value: eyJzaWQiOiI3Mjc3YmYzZmE3Nzg0MjQ1OTQ3NmY0M2U3YjYzMTE4NiIsImNpZCI6IjE2MzM5NjczMTg5MDA3NDA0MjQwNDIxOTE0NDAxMDAiLCJiaWQiOiIxNjMzOTY3MzE4OTAwNzQwNDI0MDQyMTkxNDQwMTAwIiwibG9jYXRpb25IcmVmIjoiaHR0cHMlM0ElMkYlMkZ3d3cuZGVzdHJhdmFuZG9zZXVkaW5oZWlyby5vbmxpbmUlMkYifQ==

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.destravandoseudinheiro.online/www.powr.io/powr1047.js?platform=html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.destravandoseudinheiro.online/www.powr.io/powr1047.js?platform=html Message: Failed to load resource: the server responded with a status of 404 ()
deprecation	warning	URL: https://www.destravandoseudinheiro.online/(Line 3) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network	error	URL: https://www.destravandoseudinheiro.online/ev.braip.com/js/braip-boosterec92.js?v=1633967317644 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
art.klickpages.com.br
bam-cell.nr-data.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.postimg.cc
i.ytimg.com
identification.hotmart.com
js-agent.newrelic.com
launcher.hotmart.com
r2---sn-4g5edn6r.googlevideo.com
static-public.klickpages.com.br
static.doubleclick.net
tracking-api.hotmart.com
www.destravandoseudinheiro.online
www.google.com
www.youtube.com
yt3.ggpht.com
141.94.130.128
151.101.194.137
162.247.243.147
18.210.132.130
2600:9000:223f:ac00:14:796:1e80:93a1
2606:4700:3033::ac43:ac3f
2a00:1450:4001:802::200a
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:813::2016
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200a
2a00:1450:4001:e::7
2a02:4780:1:273:0:285c:4a16:51
2a03:2880:f01c:8012:face:b00c:0:3
34.198.22.192
54.165.200.156
0934e646fb1f7f4d44bf68d8cd24870b5d951215d9991762dec84c5c238afa1c
09f83d1849f369a9127fc1d33f9b968997a31bd65c3c4fe5498371865ffad57d
0a6157d712f9dd38bc6d8798e13e0bc10e95a909aa36591348d2c928b267ed9d
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
11c0e86f19e7a76f471569396365a0bbac007d93f9d73794e647b7bc569c64b8
139a656c69f435e196337975d7a247e6ec7d3bc5dfdc4a78794aa1d52358811a
14f0ea9b34702f261b48208eed1e3dc77981083b7c1355419a0bcb0f7fb4ad2a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27
19eadf2cdfeb8bda793665e73372a9a7a79a153ff4e317fab2b249c9b5cd2236
1ba940a0f632a3567aa7493e66f016f845f58f3faff42bea7940df2e9fff5efd
1d729b2f70f453fcaf0d5574d79f4c18bc9844bcba4e6b9db51ee58d37187b4d
203a6d5ff9305eebe14a4615e38e4fba9cfe3e236609284ee02a037971239666
231faa57db334b38f668bd4e8a7c67bb18d007cac245f4a4ad0ed4a3394f259f
271b34ee201fc8ce4b571a3251cedbee709496e4d56d77db9d35885d6d0c2985
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b3eb28ae5971df9a54e1aad701d727b100a4b9c8b3d9d955e6dc8876fec4eaf
2c1ae0d9f6961bac9b4c4230dec7e92be4fb7874c07d226daac698acd91154c7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
30f00b76cbd0c5950a91dcc6bfaa009a46e092e1b5f6f2cae924445915a10cab
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
3a1fcf8bb63a30a91bdadf7448d15d23d1407c984b7bd47eb91c9187f35fbf2c
3debbf294e8abcfe16d7353a1611dee5c27274c003fe3963535620566af530dc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41555928210575101175ea0102028541dc0371ac593d46e612f6ef8956301e3c
42a06c9ecbad8f2eae36c9cec331518384cf0157031899a65764a08d704441c4
45bdd9e12e86b2e2256f1f701388c71422ca0f5c1613c913557c7551cb492042
468b365fbbe1ede8df6a31fd2d4f60ebaf28d219d96383ea550613cc108ab3b1
49c5387a25f5b4e357d8279db3d01795cbe7edf0fb8022d7a2ad9e507baed6dc
4af792c10bb075fead60829079b84c8b808732d1647e1439568e85d9eb7a1235
4b810ae9691468886b442dffd8c8785232c5110f74082cee415ed045d6720e74
4e37561025c64c2269da691ddf910203f7f00992bb43c460e15a59b25cc9807b
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559339a07cd23571b589312dcefcf75378e0031240cab99744f607da551ab35a
57df14e3a9e2c26c6608c094f81fda7a060a839a0721f5336e2b2b9c07e156ad
597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e
5b45b05226968154752109d02af36615c63f2cbfd6752ab83b5bc55eec89b8ca
5bb80a1f2fee957491db2ba20503e6b412e3f1d30852525e7c4d2d8f2a54716e
617e66d2c35ccf3d0c228710ef97a3e1c4133a4edfc57f80e81ce7196f6fbaca
637eff87e96caaf67aeb64e9ccc062575511177844533ae32bb6457fe62452cb
66ef3db3b0f8d51696ee2e0edb86f39624e22d04d8e073cef9fe20573c9929d0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
682df476e7f851ac04c015c7fcc688b8888e2d0f69544fde9832248830d28803
6e9be33442a32609456c1ef0aa754cb485ff55f52e64fdc63364b17dc5aa7503
7340e6fe505726db233564d92da1ac0829ee226a28e77ee1f2f7ffa20be1f239
76c034ceaf5f5f958530b5c59d3341255c524200248fd47e7c7f0d54b4f8a85c
77d6bcbe1be94252e8eef57092e4be2696896b4439c6d11b809371ad1a41a275
7b1a2062491a408f460d82f8d3cc0f06927c930d15d5864ea7266a91296a3073
7b64fe6e28adb436ed661378d3a122e9ceaed179c8d43f62627c55440b62ca14
7ce2f8643f80018e1c4f5dae8adadbd552256fbab5e4409672cb2e060aada574
7d6f2bd7a39b9ca2dbf668bb8c072b3ddf90a9c7bf8e17c372c1a48191e60e7a
7fcc9de29f940489104d0b7744765939b2f50b3a6cfc9cf5e6adf725d97442be
8026dc75e3d1abfa3b388e34207632d58179a2426ed68ea992f110ce61c61ce0
815b6cd84edbe8cd0896ef3c6cdafafd868e21a9426cb94c3c11ddd3b27013bb
8688491562f2663822cf013daaf499c97f870d0584360bed309172a2791be571
87c4d81d0302a445ee8da4ddb6eb2cf099d46fd9f5f7d52bb3067ede46e70dec
88d3546c7edc1eb6e861c3f1eefc3c80c185ae091d8fb2cda8df256aadbcd5c9
8b7380d988cd271119390848e1d5b74febf5eec1026e52d23ed4b7421092031a
8c0e5c2f898c9c6ae0c1aff2eca3068d28c9545f8b8c4458d912b27f93d7280a
8d0740ef41550b949b01041cce40096fee3f03656925029ddac36a63c38d9a50
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d827b35779977f28c453fdb6fae7c713dd1760865a56c9e593200a462082871
92a1a293cddcd20be36a6568764bd880c76e7d8b59cd2bad7b58146994d7a968
94f94470b321a9dbe1568f3cee0a9a729e37db5d89a4944173ca22392b0a5771
967f32071b62b6339e4207159b75d5dbf6defabcc12848a02603370816f9ee89
9b94c2e3a253fa14b542c9c6045d09ee0fe3f49986c0703fa1db991ff6f459b6
9e6a1289b2fb7bd233e5e4059914e562f3e946435fdaf54bd66e9fa17f5158b5
a052d3e9c53ad6057303e0c5d7e2104c8ef8cc45674a83ce99a42acda6a51778
a1c2fe5cb5a4cd9e3bb88043a1a3b3801ae15db9733c92d7fad533a860444991
a311a481bddbecb80122f5af71c086365952074e82224660f63cd5e00bd5a7cd
a3278520b1b98aaf6a0d67e6c5235450eff3ba1e5a050c48c436164e618dd58a
a4a2681a774708a859774e5718609b0fc8030e8934de1a5273d45bd4fe556521
a524a5961ae8c3fedc122b30aae06fff29963cde8769d166babb2a5631da7898
a87663d841c57e6e47bbb042a26432717d0794543f6333bd61c09702a7c36837
aae8ccbf5e6302013ce9d2b19d37c2a5caf810897c1314da5d073f7e4d831b41
ad0d99ab66d0e7ef994cd87cbca6c5f798af142b566fb904327b8f24cc3c7572
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
b68e2f058e7e4923da3ce4d2bdaa3469c419ef2a08967e3baf7689319d054e92
b95bbf9c424ea81bfdb45df933b92ea830af02edfb2d72e578a64ed9b72f4dbe
c02fec4fdbd688353b305453e1c71569b6794a67bb6e4b80d4bf084b300fedba
c06f59d93fdce5664791d2fd115711d62b011a47453c263e300fb9b8e89e4d42
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c27dc46acdde2ae04a9c02a6e0944bd4a3c82b6e0af3f431f29e2bac0550d695
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
c5b7b16da6f2cd236fb4da993395d0f19916249424f5ceb0671c9b8aeed312a8
cc68b7865e219dc633272e26e690a33d92dbb038778f3d21a5dfdcb80e54e38d
ce710940f97c50df4202d458a4a1b1202eed740aad31caf74254e40b74a6745e
cf4aa82a277dcc9151be7cad6bec03563daf4ac182b606f652b6265fdd010157
d1cf8704918df988fa4273b5c79bf8aba67820254f6dae1d05bec755145dcdea
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8dd67c86bf6fbe2b8ead91819d7ffc77d009b027dcb7486971d534bd1b3a79e
daaa5c952389d8878ea2020d0741da82d97fda1dce08b1af725da60ae81ca04b
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0704d8993268ceebd1d8eab32e2094cecdc8095cdbc29af0ff48e44c0e358ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b1f3f0afa4421018ef0bb8d614e0b7115885482155b4827c2a58331e177933
e5c85e0a6c4be2aa4a6880effe874a973eae35378e876527bd14e150f00e2ff5
e7c1511b26b40f8f09e0a8f9acf79d926d5fd3f54093763384c86834f03af577
e923acfb1678f1372427e09a6c742f7c7a53db29c74b1aa2ee3d92aca77638db
ebab6485b76bbc3d808027f9ba3dd4726d1839c738aa4ffb6dfca1db9a9b51fe
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0737d388d326571cf85a834d326bb87cd896c0c2c9be490e034d3065b595aa6
f0e3b876ac223c9263e924d757a752b8ffb595ffb8143633c243d6cbce3b2343
f15ebd465228a4af7f7aa83b2c8ef6ffbfd6b55009f833c2f51c0ac7f6f2dbce
f1a1aa3ad89d1990b1899aa5b0a3b7aac179304ee146d5d8cb1083c74d3ca2db
f3c29f6b8d91aaa897dbf5683f31b2c93077b2ab39be68b0f63fa2617ef7f88d
f71d800809ede53b7fd0bbecb0cf9c6d268c8f1442f4c73339a52ac4bec4a2d9
fad783aaa175dff38aaaf42ac9b07a4fb583d1486011e9456e27b8297a776dec

www.destravandoseudinheiro.online Open in urlscan Pro 2a02:4780:1:273:0:285c:4a16:51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

100 %HTTPS

71 %IPv6

15 Domains

21 Subdomains

22 IPs

3 Countries

3737 kBTransfer

7512 kBSize

5 Cookies

1 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.destravandoseudinheiro.online Open in urlscan Pro
2a02:4780:1:273:0:285c:4a16:51 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

22
IPs

3
Countries

3737 kB
Transfer

7512 kB
Size

5
Cookies

123 HTTP transactions
1 data transactions