fxwinning-login-acess.shop Open in urlscan Pro
2606:4700:3033::ac43:a0df Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fxwinning-login-acess.shop/
Submission: On January 04 via automatic, source certstream-suspicious (January 4th 2023, 4:42:03 pm UTC) — Scanned from DE

Summary HTTP 86 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 86 HTTP transactions. The main IP is 2606:4700:3033::ac43:a0df, located in United States and belongs to CLOUDFLARENET, US. The main domain is fxwinning-login-acess.shop.
TLS certificate: Issued by E1 on January 4th 2023. Valid for: 3 months.

This is the only time fxwinning-login-acess.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::ac43:a0df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
43	141.193.213.10 141.193.213.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2a00:1450:400... 2a00:1450:400d:805::200a	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.139.196.223 34.139.196.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	52.217.173.40 52.217.173.40	16509 (AMAZON-02) (AMAZON-02)
5	143.204.214.211 143.204.214.211	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	23.48.23.38 23.48.23.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:4f:1... 2620:1ec:4f:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
3	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.32.27.114 13.32.27.114	16509 (AMAZON-02) (AMAZON-02)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	99.86.4.93 99.86.4.93	16509 (AMAZON-02) (AMAZON-02)
1	52.22.156.216 52.22.156.216	14618 (AMAZON-AES) (AMAZON-AES)
86	21

1 2606:4700:3033::ac43:a0df (United States)

ASN13335 (CLOUDFLARENET, US)

fxwinning-login-acess.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.pagaleve.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

white-label-ads.voxus.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.139.196.223 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.196.139.34.bc.googleusercontent.com

pagaleveprod.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.173.40 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.214.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-211.fra53.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.23.38 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-38.deploy.static.akamaitechnologies.com

iosite.reclameaqui.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:4f:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-114.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-93.fra6.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.156.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-156-216.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	pagaleve.com.br www.pagaleve.com.br	472 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1536 j.clarity.ms — Cisco Umbrella Rank: 11923 c.clarity.ms — Cisco Umbrella Rank: 2283	22 KB
5	cloudfront.net d335luupugsy2.cloudfront.net	66 KB
4	amazonaws.com s3.amazonaws.com	15 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	4 KB
3	gstatic.com fonts.gstatic.com	86 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
3	wpengine.com pagaleveprod.wpengine.com	12 KB
3	voxus.tv white-label-ads.voxus.tv	10 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 7508	199 KB
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 86549 popups.rdstation.com.br — Cisco Umbrella Rank: 75469	35 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 5280 api-iam.intercom.io — Cisco Umbrella Rank: 5223	7 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	115 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 444	555 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 179	447 B
1	reclameaqui.com.br iosite.reclameaqui.com.br — Cisco Umbrella Rank: 97929	3 KB
1	fxwinning-login-acess.shop fxwinning-login-acess.shop	19 KB
86	17

	Domain	Requested by
43	www.pagaleve.com.br	fxwinning-login-acess.shop www.pagaleve.com.br
5	d335luupugsy2.cloudfront.net	fxwinning-login-acess.shop d335luupugsy2.cloudfront.net
4	s3.amazonaws.com	fxwinning-login-acess.shop s3.amazonaws.com
4	fonts.googleapis.com	fxwinning-login-acess.shop s3.amazonaws.com d335luupugsy2.cloudfront.net
3	j.clarity.ms	www.clarity.ms
3	www.clarity.ms	www.googletagmanager.com fxwinning-login-acess.shop www.clarity.ms
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	fxwinning-login-acess.shop www.google-analytics.com
3	pagaleveprod.wpengine.com	fxwinning-login-acess.shop
3	white-label-ads.voxus.tv	fxwinning-login-acess.shop white-label-ads.voxus.tv
2	js.intercomcdn.com	widget.intercom.io
2	c.clarity.ms	1 redirects
2	www.googletagmanager.com	fxwinning-login-acess.shop d335luupugsy2.cloudfront.net
1	api-iam.intercom.io	js.intercomcdn.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	widget.intercom.io	fxwinning-login-acess.shop
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	iosite.reclameaqui.com.br	s3.amazonaws.com
1	fxwinning-login-acess.shop
86	21

This site contains links to these domains. Also see Links.

Domain
www.pagaleve.com.br
app.pagaleve.com.br
wallet.pagaleve.com.br
play.google.com
apps.apple.com
pagaleveprod.wpengine.com
pagaleve.gupy.io
www.instagram.com
www.linkedin.com
www.facebook.com
www.reclameaqui.com.br

Subject Issuer	Validity	Valid
*.fxwinning-login-acess.shop E1	`2023-01-04` - `2023-04-04`	3 months	crt.sh
www.pagaleve.com.br Cloudflare Inc ECC CA-3	`2022-11-22` - `2023-11-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.reclameaqui.com.br R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-05` - `2023-02-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2022-08-29` - `2023-09-29`	a year	crt.sh
popups.rdstation.com.br R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.intercomcdn.com Amazon	`2022-12-31` - `2024-01-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://fxwinning-login-acess.shop/
Frame ID: FEEDD5B6390F82C84EE6DE711EB5DD60
Requests: 99 HTTP requests in this frame

Frame: https://white-label-ads.voxus.tv/inte/index.html?by_id=18
Frame ID: C6392B5B8CDAC63128B269D04E082868
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.72b01918.js
Frame ID: C0817E8E514A9AFE046487F6396FECE4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pagaleve: Pix parcelado, sem juros e sem cartão de créditoFechar

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Material Design Lite (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

86
Requests

99 %
HTTPS

43 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

1084 kB
Transfer

3294 kB
Size

12
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.pagaleve.com.br/

Search URL Search Domain Scan URL

URL: https://app.pagaleve.com.br/auth/phone
Title: Criar Conta

Search URL Search Domain Scan URL

URL: https://wallet.pagaleve.com.br/
Title: Minhas Compras

Search URL Search Domain Scan URL

URL: https://www.pagaleve.com.br/ajuda-consumidor/
Title: Consumidor

Search URL Search Domain Scan URL

URL: https://www.pagaleve.com.br/ajuda-varejista/
Title: Varejista

Search URL Search Domain Scan URL

URL: https://www.pagaleve.com.br/varejistas/
Title: Para Varejistas

Search URL Search Domain Scan URL

URL: https://www.pagaleve.com.br/lojas-parceiras/
Title: Lojas parceiras

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.pagaleve

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/pagaleve/id1610181738?l=en

Search URL Search Domain Scan URL

URL: https://pagaleveprod.wpengine.com/lojas
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://pagaleveprod.wpengine.com/ajuda/
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://www.pagaleve.com.br/index.php#primeiros-passos
Title: Como funciona

Search URL Search Domain Scan URL

URL: https://www.pagaleve.com.br/lojas/
Title: Onde comprar

Search URL Search Domain Scan URL

URL: https://www.pagaleve.com.br/termos-de-uso/
Title: Termos de uso

Search URL Search Domain Scan URL

URL: https://pagaleve.gupy.io/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pagaleve/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/pagaleve/mycompany/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PagaleveBrasil

Search URL Search Domain Scan URL

URL: https://www.reclameaqui.com.br/empresa/pagaleve-tecnologia-financeira/?utm_source=referral&utm_medium=embbed&utm_campaign=ra_verificada&utm_term=horizontal
Title: Verificada por

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=290CA05AD48D428894D8684DE57302D3&RedC=c.clarity.ms&MXFR=05CB4E0A00B368E93F635C8504B36628 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=290CA05AD48D428894D8684DE57302D3&MUID=396A383F85E16FC73D7E2AB084336E84

86 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fxwinning-login-acess.shop/ 122 KB
19 KB 104ms
67ms Document
text/html 2606:4700:3033::ac43:a0df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a0df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.24
Resource Hash: 19e26309b44cfd758c681db9a999183ce82d44b2511a67a4ed9a7851c26bce9d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78456ca88b09693d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 Jan 2023 16:41:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnxUcUjf%2BEZETRtFwFtyOHAKpt1Pc0cPYFm%2B0KSA%2Fx3kCz4e36cWg5q076qvmfQsyeIIE28uSO%2B77YfuUg%2BP%2FNas8NzUOIehMv10evtq%2B5eo6ee53JpOSYl%2BJSl1%2FjZmuxTVM9qwea3SGBgtL5u6cOr3rZVJFtvzJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.0.24
x-turbo-charged-by: LiteSpeed

GET
H2 200 blocks.style.build.css
www.pagaleve.com.br/wp-content/plugins/genesis-blocks/dist/ 45 KB
7 KB 73ms
24ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/genesis-blocks/dist/blocks.style.build.css?ver=1669131914
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 713b008aac6b77c51965a613042eb8bfca3be004146f1c9514922833c3a09d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee8a-b21f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWb7F%2BnT24S5aRMVC62%2F84xwSRhe055mJYL3QbgSNPMdzqo4Nc2ihdw9qAFZeRxaqPZDQv5%2BYxX0y9jFlQErrCurzoPzL4QeMi8kTsUsDiQWvgVHj%2BYFJBknhCMxaxw%2B3OW4CIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b68913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
www.pagaleve.com.br/wp-includes/css/dist/block-library/ 93 KB
13 KB 82ms
33ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"636e62ad-172a9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBjnQBddYKqs4BqudEiVh1aTa1a2Se8AOm%2F7funokTDwjnGHsf9VUaS1p5G3m9g1pB2KnPbjU3BtOjczPHmx4NpKE2M4pbdL7Ieh%2BOP8N9%2FoK8%2FvfhTSW9Z0yT6zXBATiCnPoNc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b8c913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 classic-themes.min.css
www.pagaleve.com.br/wp-includes/css/ 217 B
471 B 79ms
30ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"6357e86c-d9"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhGlfOu1FXYWnDd%2Bio%2BhUMoV8m87WNsIaSJ9qPpbwykdGjYxUmnTr1Ukg6l7TYTNNpHqEyDhqmFiFSuIiQSR%2BXl4SSuDGY6FxiPKZC8hv4dO8W%2Btvun1lf5Eyn2xh2Cb%2FpCJdf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b89913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 svgs-attachment.css
www.pagaleve.com.br/wp-content/plugins/svg-support/css/ 68 B
585 B 67ms
18ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=6.1.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee87-44"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k3JClmeQq7yQf3juQ3ezHlSh6o2h2HHIdclxbG9UPo5fd6kNzAEXceYeURXct%2FqTI%2FmxU5F9ebUN%2FbPeX8u60pvkUd88f%2Bo%2FIXDnc%2B3J6MNL6PaABfolu89SGmbUcoFcHr22GU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b6e913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome-legacy.min.css
www.pagaleve.com.br/wp-content/themes/salient/css/ 49 KB
10 KB 80ms
31ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/font-awesome-legacy.min.css?ver=4.7.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adb967745932b25c31da3ef4a92f2b8e166926a7a8476fe8c8c58fc84b95fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee82-c30f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FpOXqdoAS7scwGFG%2BBs9SdMsssXnI4J4EHaSDpqo5uCqQlYUf%2FqkFQhiDsCzxo4vfWWUjA%2B2yjsVVKOA1Vx3O1cYhYJ9boXI4n6q5IEFQqynzwy8c1o46liFqIbcdAgZuiX%2F2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b79913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 grid-system.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/ 21 KB
3 KB 73ms
25ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/grid-system.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3b2531d6e76075cf19da71a57064e1c8685fc47e741f85d3a67b62a28af0e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee84-548a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnCcZe91TRFUJJlZIKyuZm%2FHjp6FTvDu2%2BbehaSjHaa65BPeKQttHIEbQpYCdQX0qQmufJfGWTSyM7sy28AyqHnIPnmTo3AkQSD%2BwQcswGpXiDA0SLB7%2F8TI1pMY%2FyF3AjNLAYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b82913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/ 211 KB
36 KB 83ms
34ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/style.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be9ef1a87eb8bbd5da2cb8a9c678e25933fce6c41614814e22a1d6561dfa12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee85-34b0f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIUv23CXG6tTgRzPuC2sehpBhGtz0rZvBJM98mHUp3b4pQSifnAzdKsG4wUF9QEs%2B9WKvUS1yY4lQBJULDYaDJm2T6ySckt8ueQobTuvT%2BVGuCRYSH6qGXldAhUGkZ27wigDmtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b86913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 element-rotating-words-title.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/elements/ 3 KB
879 B 77ms
29ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/elements/element-rotating-words-title.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe997fa5d4ea4b8cd5854f8458941a27c12449d2d1a623dc22ae794776272658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee84-a28"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zs0u1iaiKZkgNQhxvknCSDSjIf7xPPxZ4846l278huFnrQ8BGNlrqR%2FPpUA9KwyHJSYIgj%2BTKossB%2FarE0w0OleTE%2FQPUa2uWj3%2BLpH7wASlqfUBNJc1SAhl7tWGDHK4pnKfVLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b8b913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 189ms
70ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext

Requested by

Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:33:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 16:41:55 GMT

GET
H2 200 responsive.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/ 38 KB
8 KB 67ms
19ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/responsive.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0feed8c49be4364b55622b9ad28cc535bbfab76a6d81128255833e7634fa2aa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee84-9963"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lccNRHSryi61wqI%2BAzpJ8qEqgkPERFlam%2BY6ACdK4%2Ff3heCnG3fJILDDxWm6Z85jIur4CRJ8kfQkDIN5ZO5BFCXvp%2F68jCRNiflfK2lp99AglIKSCOm%2F11AIZ6VvHg6bD0rY1WE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b74913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 skin-material.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/ 59 KB
10 KB 70ms
22ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/skin-material.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1d01cc4e8dac0f0e4be7069dd8330189c84f11f700a86a81aee7b6baf40444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee83-eb59"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEfMEDJWRmDG7sbUwN7xoPEinpvZ0hb%2FZU9yHnb8hoHVonII%2BKb3q8Hd3XCT56yu7Zx8ccWOCdzG9Y%2F2eCzG%2BJStwhU9TN7oSRU5DnBz8j4I1ORLsYCG4wB%2Fdnhl86wAqQUrsoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b75913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 menu-dynamic.css
www.pagaleve.com.br/wp-content/uploads/salient/ 4 KB
1019 B 473ms
425ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/uploads/salient/menu-dynamic.css?ver=81555
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319f6ac36829b0a184068573ed03320b9bb52dad872f5d1ae4714510b59f5f53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 04 Jan 2023 12:58:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63b57800-e0e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mfjM6AkeeBo18QFFtVRznU3jUwesCYUlTIs166fUmLJM%2FaHwrvioReZ43%2FEPn5PrtvILNWH4jou%2Fw8dWcnMb9VwAoEqhI0WM0OK6%2BkA7y1z7P9ibdvp2pi6sANhU8kRYdR5m6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b81913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js_composer.min.css
www.pagaleve.com.br/wp-content/plugins/js_composer_salient/assets/css/ 39 KB
7 KB 75ms
28ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.7.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b4c3ad220c8d28533887965fbb1e6c1382588d200eb9d95250f929a567ba1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee89-9b3a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE4YnTUsn1DxJGVNzFZN8CQgPbD3TO6flPQK7AOFclo1HTaxaetIjGMcYTfx8FLgXmljEyFV0hd9MWUmcTuz37a0b0KhULu2fuvXb%2BbwBkGHYi20fwWzbLa3z5nH77K1Lq%2FYPlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b71913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 salient-dynamic-styles.css
www.pagaleve.com.br/wp-content/themes/salient/css/ 142 KB
20 KB 73ms
26ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=34092
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4e64192ca8ce005b907fa34c1b389a7c47406c361a02efef328ed8bd08887f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 23:37:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"63800057-238ab"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FHL%2F%2FBcdhIfKjH6etEKWY%2FYbQMeq1gczQ%2BaTkxupT41xbsIftkxXBAabH1RlvRujFBfq7k9vg%2FqQgKcHUmjxZsB2mXSJwwiJfoq3sQk4To2%2BDH97RcfmDVjpOXknf2RmzY3GPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b73913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pagaleve.com.br/wp-content/themes/pagaleve/ 35 KB
8 KB 68ms
21ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/pagaleve/style.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb58c4d4c3533f2525e269440bf324ccb9a51573931787971205c89edf8db7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"637cee83-8af9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnTHBSgIN6LjOgeKWEVs35L8c9WidTo5LzU1Iz%2BKZyXGY5R4xrEANXSwWSpLdTKIGKfiRJiwaTZpdh7unICceAXsQmF%2Bu9bLLtoP3nEOtvdJad3kIa76%2B7WkHWfk7byLaI2e2GI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca94b70913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
537 B 188ms
70ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand%3A600%2C500%2C700&ver=1669145085

Requested by

Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7023f485052e7f0856571b8545fcf7745f0acbc326b27df672cc03440f9c46f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 16:41:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 16:41:55 GMT

GET
H2 200 jquery.min.js Show response
www.pagaleve.com.br/wp-includes/js/jquery/ 88 KB
32 KB 93ms
47ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"632879b8-15e54"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JASJX1CdCieHiaTb90x6EQbqAuYLJ6Zq24L4cNqjJw2KEaAf6cRK%2Flvk%2FKL6P%2FnQjnhaAmZi3tsSt4H0IDdSewITUnMddd3xFdNymChuSPgBYlX9BU0%2FYwGcd31ubVtwiYa46Os%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b8f913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.pagaleve.com.br/wp-includes/js/jquery/ 11 KB
5 KB 74ms
27ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24166
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsTh9jLH4KMNbq9Oy29B%2FH6gf0Tdm6jNoGuQfRWsFje9YchWW39RXAO2EA0SAN2sLOGH52NN6w4Qf1MtZEQOwstIYlBeiLexlEtLCRAjIPKvZS%2BGC1OYXqLg4KHRkcH%2FYUZajoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456ca95b90913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 b18.js Show response
white-label-ads.voxus.tv/buyers/18/ 10 KB
4 KB 78ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://white-label-ads.voxus.tv/buyers/18/b18.js
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 217de3a8943db402ad370ace0a771d56c65c610288dc60c2df8f57474b6385fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9A0AM2K96AM3E4ET
age: 2429
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fblb5DBmNYUJjCOzNTLxfgMUtTZ/ovby6WqB82b+0FKDOmRVh4GUbvTjfr8oQzPt1NmZKnQ3fqY=
last-modified: Fri, 23 Dec 2022 16:02:49 GMT
server: cloudflare
etag: W/"3d02072d0474fe1eb1b783d757fbfd7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dgNkJmpHGYzR1HwVfyh9uZZbutLekt9TZOs3uy459sbyrtOBW2Jzy9a%2BaJgSoUytYbk0DdF1Zpn8%2BAiEpgjyrtgLmQDe%2FKw0hl5tbR0hUbc9ZQoUn%2F%2Bk2BrKfCvtCQ2y3IQJ6UOL5U%2Fm74jWFh%2BArZoHR%2Fw2Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 78456cacc8f9bbf8-FRA

GET
H3 200 pagaleve-logo.svg
www.pagaleve.com.br/wp-content/uploads/2022/05/ 15 KB
7 KB 480ms
462ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pagaleve.com.br/wp-content/uploads/2022/05/pagaleve-logo.svg
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 303aa86d139c18870a1134746377da4cdc1ebe0e07b9201a5db00d43ebf5c552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee81-3ad7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WK2JPw%2Fox1TxXimY%2FCAJeYSDssrozgD5GQfdxLlbmCyVHo0BV9bAonhayaPHm0gnJ6OGomFJFdNQ16RMiuRJlgrzpCansFZ%2BTn9zKr6JdQITx01e%2F68tYiK2q2PGEqv6NOnJrHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e1a9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7d1081984ea29002678a.png
pagaleveprod.wpengine.com/wp-content/uploads/2022/07/ 6 KB
6 KB 459ms
118ms Image
image/png 34.139.196.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagaleveprod.wpengine.com/wp-content/uploads/2022/07/7d1081984ea29002678a.png
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.196.223 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.196.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 36fadd21b848feb23f31d2e7cf020bfaf8f98f4eff5b2e7894573bf08ee24a66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
last-modified: Tue, 22 Nov 2022 15:45:03 GMT
server: nginx
etag: "637cee7f-17d8"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6104

GET
H3 200 wp-emoji-release.min.js Show response
www.pagaleve.com.br/wp-includes/js/ 18 KB
5 KB 480ms
463ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62551487-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09ZGkc1o1wSwrudopti1mJNSDNRnHYOjcslAdneU6%2BKmJ%2FsGZkR7pCwtLjoLBY3s4t56T3b%2F76aWvhQK1i%2BCYHnDXVtuP7mrZhZsIOjhnN%2BRUbHo2BdK%2B2kEIXxV0kcbfeVuLjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e1c9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK bundle.js Show response
s3.amazonaws.com/raichu-beta/ra-verified/ 4 KB
5 KB 341ms
117ms Script
application/javascript 52.217.173.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.173.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70bb7aa115ab6e7687d4ee5be8ff522efbc31bf07ace369bad5f20bfd935e127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 16:41:56 GMT
Last-Modified: Thu, 08 Aug 2019 22:09:31 GMT
Server: AmazonS3
x-amz-request-id: MDT1JF8Y3VR483QC
ETag: "a74593592f59cf877abaa26bf71d737b"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4389
x-amz-id-2: 5cg/jSyK3lVl+jHYE94ISZXlMZrTBAC1Xy9Q9/FDMbOSn4SHmdvd3GcUR17t8WPdeLjtsknn5/E=

GET
H2 200 heart-logo.svg
pagaleveprod.wpengine.com/wp-content/uploads/2022/05/ 2 KB
1 KB 556ms
216ms Image
image/svg+xml 34.139.196.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagaleveprod.wpengine.com/wp-content/uploads/2022/05/heart-logo.svg
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.196.223 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.196.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 56caa51d3aa2a561574273aa4499475a4a01ce6d5ef1d136040ff6dd6236c49a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
last-modified: Tue, 22 Nov 2022 15:45:05 GMT
server: nginx
etag: W/"637cee81-6e0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 5f5401ab-e169-4b7f-bb76-05327796aeb1-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 905ms
849ms Script
application/javascript 143.204.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/5f5401ab-e169-4b7f-bb76-05327796aeb1-loader.js
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-211.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f1b9d43b970ffa2598137eab8061da74aaae716f95110773a030b6774d5517b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: Ws_TCarNObY_GmVa9ilD2BcssPGVIUHB
content-encoding: gzip
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 16:41:57 GMT
last-modified: Thu, 15 Dec 2022 13:41:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"6692ffa5c597db6779a01b70a5d0ed7a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: G_E7lkVSveu_F-3Or0OvR0esmmvNlsWqlYCMPyRBTYV-d3k3cg6M3g==

GET
H2 200 animate.min.css
www.pagaleve.com.br/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/ 51 KB
4 KB 22ms
20ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=6.7.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 15:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24165
etag: W/"637cee89-caa8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DM0TAVibIEhpdMmYmzMXA7Nisd8aqqDiQtIETaiN8tAzfAnrxAzTSUkmB8JnlGYTwSuBUaXFcMagaLGj9Fj23P92qxgRtBAgYszI7zjV5LZLcAwy1csUPmPNinb8JucUN9qdLZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac0910913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fancybox.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/plugins/ 14 KB
4 KB 431ms
430ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/plugins/jquery.fancybox.css?ver=3.3.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfd65a4d3d6dc823abdcf6a9b8f18c45c9cae0728d17688875f222747b5c775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee83-3649"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ClGNvGKFQOInFSfCjbyhwi%2FmFhUV95CqwabmPbdmSWwkZsHw9F%2BTFPWI8T%2F7NH4UPKmCnHfUgRG4aIkF1p5N8UbCOIu8L6jReKS7VbutxdDJnkmXIJC%2Bqd6k5Ugy64H29hhHc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac3da89004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 core.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/off-canvas/ 22 KB
4 KB 448ms
429ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/off-canvas/core.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a541179fa2c1f5e6dc116505e6503d70d7ccea2bd164f34ebcaffc15185d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee83-57ee"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izFSdY0D8J6ACDnKQigF%2FjtC8zb%2FO2H5NSPznYpv4h%2Bs%2BWo27k6qH2VMOy3FhZ8u4%2BybRRxgiXDlG%2BwwjiSDWYsAopKWPZ%2F8w4XMwmceuWkv0SRu7crowiK5ml7ox7GxtWxYDm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7df19004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fullscreen-split.css
www.pagaleve.com.br/wp-content/themes/salient/css/build/off-canvas/ 8 KB
2 KB 470ms
449ms Stylesheet
text/css 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/build/off-canvas/fullscreen-split.css?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4638956facfeff2b4d65d4a712b4a3dfdf8a9689ba645e8c2de950f51ac9b88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee83-1e3b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9um1U9AR%2BI%2F%2Fnjj1Tzao8UlSW9xUnFh1r1eaCGISP6BqTY4AzfNWFCs8VXMRqLwKhzbWtGCG1Kzz6H9p5OM7ra1Gqrb7AivqMWul4hIOj8sZqkjZJvbiyMrhwCf3Y9c232nPLCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7dfb9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 dismiss.js Show response
www.pagaleve.com.br/wp-content/plugins/genesis-blocks/dist/assets/js/ 923 B
925 B 494ms
472ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/genesis-blocks/dist/assets/js/dismiss.js?ver=1669131914
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab326900e21f10d902070c93ca7824fb7f14e0901179b86631421e6bc4aaf257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee8a-39b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX0pEanBGYY4cjS%2BeLWAU27cAHRRGKbyfhLMs7NZbhQgOYJ%2BlhbTtvQduxuBAJ3VV2wzv5jAiY7xpIBO5GPb4MB%2FmshWfdrDLFZ%2B6CSE0OUncTVqHEM8YTN9QFwVzVMXFIhy9Rg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7dfd9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.easing.min.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 2 KB
1 KB 451ms
429ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/jquery.easing.min.js?ver=1.3
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15a71d32b340bf3641581ac5b4f37887b9cb3981477d5886ec5849749c8a36e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-958"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tx3WIWDLL1qrvBpNrotnuiF%2F4HlE6aeZvsII3r6ts6OGJKPrpcSYQ%2FdOcTWgvHVWLJYO3unV5Ay1N4AmY7aSYvDeL219oEnd53EMVynov%2FDxufW4Z5Pwgm8WKg9sYKccu1IqVaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7dfe9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.mousewheel.min.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 3 KB
2 KB 452ms
430ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/jquery.mousewheel.min.js?ver=3.1.13
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c962e74a0cd768609b29c247028bd61c3229a50bb3abe908feeaa98962eb0971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee83-a97"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6B3PEg1gsnx%2Fl84hWkTcWouOXrBLmOC%2BGeumHueYe0Qb46wzzSC4uthMMDUloTnYW1bfXfrFrmQMyt0Z46T5gJGOu90KBp6Ok6FIoCelTt68plimH0ngXx%2ByB4k7c%2FLxgdNOJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7dff9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 priority.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/ 2 KB
1 KB 483ms
462ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/priority.js?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c8cbcf0ed23e3ec2f71acc45d2c4836a1dd995cce5630964063c7a44b40283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-758"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSRaoPSx5kj0FJ5%2FVMydENk%2BzIopUeGH6yKmw3ineAuj%2FNFPKkP7cHCzGP%2BLTvKqKj%2FJd8Cm4JnSbX7chIZsv54SU4vl9FD%2FbU%2F6vHiXuUDnr%2BskLZnuQusun3SaTd41ldW1gc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e009004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 transit.min.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 7 KB
3 KB 452ms
432ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/transit.min.js?ver=0.9.9
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdcb39eec676f0d52a9647156d6e1c5e0668ebdbb1060cb8ff89d5b4ab4695e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-1cf8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2lyaXVcq%2BN5VtBA%2BWiDPV1haQg%2BNxgxPhdvtZni0s7ellRvxyfV1JIWrq1Q2glJJVPJu7D5Yj2yGmEVNYWRHvL6Gly2Py%2BMRQxbMKja4GEPfnqrBm10ngnq4yIghhHBvNENs8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e029004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 waypoints.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 9 KB
3 KB 460ms
440ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/waypoints.js?ver=4.0.2
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2a730bfb474365a6a6f90da061620c69d4779a876ef88e3af0ca6febebc8f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-2293"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4mWpJy%2FNAiVD62Bjlk4bLAe900gkjuv2pLLhCyCbLRTnJ063sU%2F3dtqeLCRBtWSNLD3WgX6FJdi0tXJUGFOVMewJ4GafJnp9UCMsxRL8ELHVAajEph1D%2FKE8ffFrHzfbMJfi3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e039004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 imagesLoaded.min.js Show response
www.pagaleve.com.br/wp-content/plugins/salient-portfolio/js/third-party/ 5 KB
2 KB 463ms
444ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee88-15da"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1u6hd2lmc9RgF5E0soRU2ena0rJqASipxWQbDanak9scFLROkaGE6gprJAHhyX9rtsUmCPtvJySQAcbptnROU8DHkx%2FHNKzkJShqjREWDYIYoSrX7ktOtOlTcVkB2ToIox3LMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e049004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 hoverintent.min.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 2 KB
1 KB 449ms
429ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/hoverintent.min.js?ver=1.9
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a156b80c4342d46aa6bfdf42944e34cd85f5935e38c20bd58445006ca12a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-8c5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbGHJg0xM1ISEKMvQuECVZhRdz7cSGpVf5kj8tTpnCOI8pjG%2Bpcnq3bAbHDPXjdhNavcgT9Oc4fK2HpK0Vq5x3874XFK28c1llvm0uaBwLJAzQzy19UaKUQBGofm42MGGfuY6ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e059004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.fancybox.min.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 67 KB
22 KB 470ms
451ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/jquery.fancybox.min.js?ver=3.3.8
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a63839c866ced03291d478b01bced52d2713b73b40949c4d54af5bd5af436f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-10a9d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86sJGKGyLdSi6nMvfcObs0s%2FEb4BfpbxApWogFbpwlWlbRXiJpEnfcO8JJe5C3KAsBifxLjPEOJT%2FnuRKguqz8a91Aj1NSws5q7K%2B4BRFR9pR5jXwSFpsTETJXs0s3h746pgNQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e099004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 anime.min.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 17 KB
8 KB 477ms
457ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/anime.min.js?ver=4.5.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-454d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKR4W3k6rqCYcX3Koqf6WG3Hwuer3v5UAaR0lZP%2FTR9isNmdfwU9enlm2WsjlVl6oHZkKUlx8NCuuWf6GxDuIIy5IpTD3trniMe8mIJASDRGXcHraFnirazSaW9Z0I%2BmKT3BNE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e0d9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nectar-text-inline-images.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/elements/ 1 KB
984 B 496ms
477ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/elements/nectar-text-inline-images.js?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1265bcf43c5aaa16cd6c24dce8833fa0b0e930d7456971aff75d7b0414c26cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee83-42b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NWmQTKAdQobQ3rwWGcWi%2BSNCJ2T2SoPxL5bXGyDNYMlsUMownKlunSY5h5jCS7Q68EHCHLDm642GArU9qcGRNnkmeRuAv4h6Q0u2rntV5qS8tGmadAFkw4lsSkoMbli%2FKeDkms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e0e9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 superfish.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/ 6 KB
3 KB 479ms
460ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/third-party/superfish.js?ver=1.5.8
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40c49d2d7cfc035902c7b8471e9736b9a05b2adc59ed919567063676d3b793e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee82-163c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUBJIB7Bt1DUC5c1T9Kl4og%2FctEE7vMzqBbZr9ZXxU%2BUEhmphseO3A6yEn5LFF2JHIk9BJSmGd%2FafsSOb81ZC%2Bh%2BkTv3%2Bk4N6hF%2FJuqEmTXn4NJLFjNPEfqznb%2FspI0d8ZAIPUc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e119004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 init.js Show response
www.pagaleve.com.br/wp-content/themes/salient/js/build/ 335 KB
73 KB 621ms
602ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/js/build/init.js?ver=14.0.5
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc701c532ecf787e3368d1aed33cf070b73edfaf573a7a989b67b2eb52d55355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee83-53da4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlEPn6LBc3WRpmK38wDSzyit3dqh1PmJE%2BdCXhViB68mwxE%2B%2BsJB70aKP2xYY6sY1Qo48WF7N8ET2kOvwbra34OErRHccqPO7ffkWNkiRDssRXgXu7NA8ZPsINaNtQ92DNzMt%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e139004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 touchswipe.min.js Show response
www.pagaleve.com.br/wp-content/plugins/salient-core/js/third-party/ 9 KB
4 KB 458ms
439ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb225cbe89436bb47d3b4486cd9cee63db751cdaf60409f496253ca8be549dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee88-249f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbSup6picxXYhn7eFNJP2d01jo%2FH8aoNezY6hxGhGXE8mePX2yURJpeHAvdZj%2BuozUmi2Np%2BHacBqO0J9RIaTFDGNLMkiMWGOLzmNM3svdiq%2BYsUIvtDF97XpRVjFqDe%2FwcowsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e159004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js_composer_front.min.js Show response
www.pagaleve.com.br/wp-content/plugins/js_composer_salient/assets/js/dist/ 28 KB
7 KB 450ms
432ms Script
application/javascript 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.7.1
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fccf7d38064bc3d0f77581e7623f4f20564dcc3e90e2f3978f09a8cdf0967ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee89-6ef7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKHUlK7AOYrHy5JwYmqoGVE6JTBAYpvzdxCtXzdLJyJdLyCUNUAA2%2FM%2BDIinpd5Hy%2BaygpIHddNIVFz7D32g8OVlEDLdlQFJdjh6JXucQ9411J2aSPlnlsvJzwfW6OgMAUQacAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cac7e189004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 139ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Jan 2023 15:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4639
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 04 Jan 2023 17:24:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
78 KB 155ms
55ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDFDKF4

Requested by

Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61d8be37306a0aaf1113a13584df450ca44f739aea5e2707f35169639e938175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79579
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Jan 2023 16:41:56 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 25 KB
26 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand%3A600%2C500%2C700&ver=1669145085

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fxwinning-login-acess.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 12:09:41 GMT
x-content-type-options: nosniff
age: 361935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 12:09:41 GMT

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8946e71799801f6d8768a1c3f5415e65e3753f49d198be831f8113bd5b1e7358

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 563c9f27eeccd5399d58ae4ea94a59b41c5059cb761a3c8bf83a987243eee32c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f870e66fb3ca2dafd55bd9c316c363705f4bc600275868608516deb50e33881

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c679c55b7170a709694e91b0a77b256135f8f294fa7975abae64e8db5d5c2e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61abf470c28ca8dad651f4def0795e23feff525c0a6384dc4b9396ed69c8500f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34e2ce7a1e6a44addb2b66d0729eeab12e2a064f4905ea13b2ad7dd5a6ce8b9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 006148983ad9394d5089b0cc88f84e7f28db2bbba8ab41210da5a00047356099

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e027f3859216e865481f339cd06a678da9c23bfa9eedcd4ceef7aae338349366

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85a362dcf85a201c8e4f3c8859d5285be3e11165d137c3861c38179e0072e614

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8925b83d0954de3aa7187ec0b18a37938798561b069bf4949751b04fc844230

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84bc3d6d69638febec26a9c141d182c599f00a261ca1b22fd22c9889f65d1ec6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15f0cd2425eb501595662208d9b299caaf259c0675e0963bc90d84dddebe7166

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84563da66ff59f774286201898c77dc4d894700d79dfee7af1806ecbcf3893de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bcd2c6f4aee75c70350d285fba0177a10ed6fc8796803b3f4140bc8257c1a49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 062397e195922ff24b725a1570bcef258e4eabe91f38012bb92dc58eb4a8600a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17cd8098feb91a69d8e37f0854afc427a46cda431ddd845cae49494bb628640b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8dc94ab448e3165dbdf07a336935797d512ed0f9724aa7084fef5bbed459554

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef3d6da2919be92f80a88cc59229b9cdec3396d15ad42972352472e7ddb689d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK NkZ2MHUwT3I4aGMyOVhMUzpwYWdhbGV2ZS10ZWNub2xvZ2lhLWZpbmFuY2VpcmE= Show response
iosite.reclameaqui.com.br/raichu-io-site-v1/company/verified/hash/ 114 B
3 KB 737ms
644ms XHR
application/json 23.48.23.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://iosite.reclameaqui.com.br/raichu-io-site-v1/company/verified/hash/NkZ2MHUwT3I4aGMyOVhMUzpwYWdhbGV2ZS10ZWNub2xvZ2lhLWZpbmFuY2VpcmE=

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.23.38 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-23-38.deploy.static.akamaitechnologies.com

Software

Reclameaqui /

Resource Hash

4182f5fba4398fae3d0db9d698076c474716fa7c5ab059d6741657d3bd0445b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
x-content-type-options: nosniff
Date: Wed, 04 Jan 2023 16:41:56 GMT
x-envoy-upstream-service-time: 509
Connection: keep-alive
Content-Length: 114
x-xss-protection: 1; mode=block
Pragma: no-cache
Server: Reclameaqui
x-frame-options: DENY
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Max-Age: 3600
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization, Content-Disposition, Widget-Origin, Cookie
Expires: Wed, 04 Jan 2023 16:41:56 GMT

GET
H3 200 arrow-rotating.png
www.pagaleve.com.br/wp-content/themes/pagaleve/img/ 520 B
981 B 471ms
471ms Image
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pagaleve.com.br/wp-content/themes/pagaleve/img/arrow-rotating.png
Requested by: Host: www.pagaleve.com.br
URL: https://www.pagaleve.com.br/wp-content/themes/pagaleve/style.css?ver=14.0.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65434487bc9878610f06618a5aaf6e9e51f6db4b8cf767a3b7c0b41e18197ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pagaleve.com.br/wp-content/themes/pagaleve/style.css?ver=14.0.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "637cee84-208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYI12QeH%2Bt5LOl%2BQOHL2ac3ANlBAk41kk1x5HdN7z97sv%2Fx83pGtwzQJE4Oug5%2Bw62o3VuAZJv8EKha%2FjGmtOvsl%2Bj945AzcS%2BYdBD42BPQirMYdluTFse0IGphcDYuqRjYAnn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78456cacdec39004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 520

GET
H3 200 nav-right.svg
www.pagaleve.com.br/wp-content/themes/pagaleve/img/ 2 KB
1 KB 437ms
437ms Image
image/svg+xml 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pagaleve.com.br/wp-content/themes/pagaleve/img/nav-right.svg
Requested by: Host: www.pagaleve.com.br
URL: https://www.pagaleve.com.br/wp-content/themes/pagaleve/style.css?ver=14.0.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa80eeba9635e0a050d1a99149477add3e513dc63ba4893aa9c054adfabdcee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pagaleve.com.br/wp-content/themes/pagaleve/style.css?ver=14.0.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637cee83-60f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMRkgJ7yUHpEHr6kif7thSykn1hOHoUbSm2EvepNV3nfttQvgnopnVErMwhVsp5ASENu%2FUwI%2FkUrZWnAbgEOsnWmFLB7Kh97DTptXapkcVBJ3khur8jDxjHCHMNaCNwaqgXw%2BwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 78456cacded39004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff
www.pagaleve.com.br/wp-content/themes/salient/css/fonts/ 96 KB
96 KB 589ms
575ms Font
font/woff 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
Requested by: Host: www.pagaleve.com.br
URL: https://www.pagaleve.com.br/wp-content/themes/salient/css/font-awesome-legacy.min.css?ver=4.7.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://www.pagaleve.com.br/wp-content/themes/salient/css/font-awesome-legacy.min.css?ver=4.7.1
Origin: https://fxwinning-login-acess.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "637cee83-17ee8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rd5MT6oV3XPgiez4%2BltVHPT9aQJHXxDHkU7O4AB3cec4WopK4knCwF%2FHldFJJPWN286yfqKxuwRpWL3PR2vCm1P9qpFfYMAK9u%2BOX9CCfMxKoeiCUsbcOmZo6oG%2BUsfwCEgI%2FSE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78456cad1ff69122-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98024

GET
H2 200 045335299e3e723d8483.png
pagaleveprod.wpengine.com/wp-content/uploads/2022/07/ 4 KB
5 KB 375ms
133ms Image
image/png 34.139.196.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagaleveprod.wpengine.com/wp-content/uploads/2022/07/045335299e3e723d8483.png
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.139.196.223 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.196.139.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d2d26ba6b2cc7c0048f2d02898cdc48e4b43c640ff4621b1752adc973fcf3a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
last-modified: Tue, 22 Nov 2022 15:45:03 GMT
server: nginx
etag: "637cee7f-115a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4442

GET
H3 200 hero-2.png.webp
www.pagaleve.com.br/wp-content/webp-express/webp-images/uploads/2022/05/ 44 KB
45 KB 509ms
508ms Image
image/webp 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pagaleve.com.br/wp-content/webp-express/webp-images/uploads/2022/05/hero-2.png.webp
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb8718ff28f7be953781e5c88310a78f0e5fe5752ec894a00fe236e78b52633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:44:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "637cee7a-b19e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0RIk7ue5t9eppRVfpsRjFFq9isS5M9CQEQm3DtAnivq0d11cAYT6ghYdRErLL4Qg1SwYuGO4TDY6fagIOrCy6ovBrGeggoFxkGiq1ifvBClXTw9yYGnLj5dQwpAjPqOJO8Hz78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78456cad0f2c9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45470

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 127ms
46ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=290808703&t=pageview&_s=1&dl=https%3A%2F%2Ffxwinning-login-acess.shop%2F&ul=en-us&de=UTF-8&dt=Pagaleve%3A%20Pix%20parcelado%2C%20sem%20juros%20e%20sem%20cart%C3%A3o%20de%20cr%C3%A9dito&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1260424957&gjid=112380090&cid=240510500.1672850516&tid=G-FMQGQTHEZN&_gid=543284169.1672850516&_r=1&_slc=1&z=469546840

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fxwinning-login-acess.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 16:41:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fxwinning-login-acess.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
45ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=290808703&t=pageview&_s=1&dl=https%3A%2F%2Ffxwinning-login-acess.shop%2F&ul=en-us&de=UTF-8&dt=Pagaleve%3A%20Pix%20parcelado%2C%20sem%20juros%20e%20sem%20cart%C3%A3o%20de%20cr%C3%A9dito&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=664760273&gjid=27281375&cid=240510500.1672850516&tid=UA-207939543-1&_gid=543284169.1672850516&_r=1&gtm=2wgbu0NDFDKF4&z=1717627384

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fxwinning-login-acess.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 16:41:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fxwinning-login-acess.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dvqyw0zhk2 Show response
www.clarity.ms/tag/ 675 B
958 B 220ms
103ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dvqyw0zhk2?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDFDKF4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ea47ffea3c5821ebf6c054e2414a3caa2eaae86ecac98f5dccff4df72a13f8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 04 Jan 2023 16:41:55 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0VKy1YwAAAABEPDeOuD+FT4/HdBjPXQttRlJBMzFFREdFMDkxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 dvqyw0zhk2 Show response
www.clarity.ms/tag/ 721 B
1 KB 212ms
98ms Script
application/x-javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dvqyw0zhk2?ref=gtm2
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: de00db04a6026c535c99a7205b8b57151fac0e933a72d9b95ddc9d6f6898751d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 04 Jan 2023 16:41:55 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0VKy1YwAAAADvYbY0S8psRJD6q92LCo8kRlJBMzFFREdFMDkxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
447 B 72ms
25ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-207939543-1&cid=240510500.1672850516&jid=664760273&gjid=27281375&_gid=543284169.1672850516&_u=aEDAAUABAAAAACAAI~&z=1135509963

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fxwinning-login-acess.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Jan 2023 16:41:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fxwinning-login-acess.shop
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-d/s/0.7.1/ 55 KB
19 KB 10ms
10ms Script
application/javascript 2620:1ec:4f:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dvqyw0zhk2?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:55 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0x3W1YwAAAAAdKeFouRj1QKk3ql7DvxbfRlJBMjMxMDUwNDE3MDI1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d913c18f6c839e"
x-azure-ref: 0VKy1YwAAAACur7psxNKkTpy4mVMnWEfbRlJBMzFFREdFMDkxNQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 index.html Show response
white-label-ads.voxus.tv/inte/ Frame C639 6 KB
2 KB 266ms
239ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://white-label-ads.voxus.tv/inte/index.html?by_id=18
Requested by: Host: white-label-ads.voxus.tv
URL: https://white-label-ads.voxus.tv/buyers/18/b18.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24559fe3fc9801c2a73a5da0d67b963ec1c1c23a7c89dfe32003257d6d33c13

Request headers

Referer: https://fxwinning-login-acess.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78456cb0dc24bbb0-FRA
content-encoding: br
content-type: text/html
date: Wed, 04 Jan 2023 16:41:56 GMT
last-modified: Thu, 04 Aug 2022 16:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1cKGYpgkfbmcaZEhU8RJsXYen29RyEDU%2Bs4muaB4d%2BOij%2BF3KrwjO9rwgOi%2BvMWzkBjDzoDJQCG1nchoI3DSYGQWZ0cuBgL4wU5erWZb6jNcwr5i3H%2FZpiFq8gelq0IImEZW5G9sWejGTIgUTOymyr9d3mS5B0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: uwZsBSBsLMXNgH74CLNy+RjjUE6sPGnd1Zd+ZPjHy1p9trI/MvKARnGzLpugigle9LmIs0jUWzk=
x-amz-request-id: 2TNSYV4NSMJ8SAB2

POST
H2 204 collect Show response
j.clarity.ms/ 0
173 B 336ms
107ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fxwinning-login-acess.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://fxwinning-login-acess.shop
date: Wed, 04 Jan 2023 16:41:56 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H/1.1 200
OK styles.css
s3.amazonaws.com/raichu-beta/ra-verified/ 4 KB
5 KB 116ms
115ms Stylesheet
text/css 52.217.173.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/raichu-beta/ra-verified/styles.css
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/ra-verified/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.173.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5673186677d911f6099461c3dda99700ed06c60982da907e51b64dc1e0f73064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 16:41:57 GMT
Last-Modified: Thu, 08 Aug 2019 22:09:31 GMT
Server: AmazonS3
x-amz-request-id: 2TNVKEMWD1X4SPCC
ETag: "ca391c77018e8db8f86f11ec0401e501"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4295
x-amz-id-2: C8F53yi0dIkAFcyev0Ly9mWVhMblbTZENzUScOk57TsgOA4ZQggwTb+5yI2aVPKmfYoj/6qFZd4=

GET
H/1.1 200
OK verified.svg
s3.amazonaws.com/raichu-beta/ra-verified/assets/images/ 1 KB
2 KB 230ms
114ms Image
image/svg+xml 52.217.173.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/raichu-beta/ra-verified/assets/images/verified.svg
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.173.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 091f1bd626a671be4998b0704d48fc8afd16016e8c413d81e3e4d396636b3e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 16:41:57 GMT
Last-Modified: Thu, 08 Aug 2019 22:09:31 GMT
Server: AmazonS3
x-amz-request-id: 2TNNCRNH91A3XEP9
ETag: "90d3b233734f52da890a5f59db191c83"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1351
x-amz-id-2: 65mRh73Vse7vcGb/KvDQVCdRICnywWkq2LU5/W3SMh91EzEHbs28SBSKMrkga2bwngInsGSLQvM=

GET
H/1.1 200
OK ra-logo.svg
s3.amazonaws.com/raichu-beta/ra-verified/assets/images/ 4 KB
4 KB 324ms
114ms Image
image/svg+xml 52.217.173.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/raichu-beta/ra-verified/assets/images/ra-logo.svg
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.173.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f12f86a606e0e191c06c5d15a06760869d21641a9c52aec47c13ccc2a3f8291a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 04 Jan 2023 16:41:57 GMT
Last-Modified: Thu, 08 Aug 2019 22:09:31 GMT
Server: AmazonS3
x-amz-request-id: 2TNR5QXEAY52SJ6N
ETag: "f53251f0187c12ae324654e48395a03a"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4135
x-amz-id-2: J6suska8K13aLtestbb66EgIT2W1HzsnyuiqNjLvjpDBtFbOsnIGw4Q9eISav85dmOZI+Um0tz8=

GET
H3 200 arrow-up-1.png
www.pagaleve.com.br/wp-content/uploads/2022/05/ 2 KB
3 KB 431ms
430ms Image
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pagaleve.com.br/wp-content/uploads/2022/05/arrow-up-1.png
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a7a243789a092a1353fe0dc7da029ed9def170f32757e2ec572bb3b501a74b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:57 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "637cee81-9aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcjuO%2Fu85c%2F5AHPXYtR2YplKW0wI9WjUlTPqhNuVcfQG5J%2BxlnLBi924j5nKtQ2gk%2BrVuq%2FOewvnsXNicU%2BdPlUDvU4EMYX9H5hLo82Iz0HR%2B2otaFdnK9BOe7awNUXw9dhvY%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78456cb1af4c9004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2474

GET
H3 200 bg-hero-pagaleve.png
www.pagaleve.com.br/wp-content/uploads/2022/05/ 7 KB
8 KB 433ms
433ms Image
image/png 141.193.213.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pagaleve.com.br/wp-content/uploads/2022/05/bg-hero-pagaleve.png
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfaa2eea270002a51e9be230a8d07560699e34a44ce033ed81373110140109f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:57 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Nov 2022 15:45:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "637cee81-1ded"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOIYvIZ%2Fm0Zij4lqfNsCEgifKWSaKV0LjMlEjBNr97SgG4UV1p3BTta6GzdnvYh5rjFXztE4rD3DOD5Wsy0YW64q9mH0sWiwLBhhokTdP%2FXWDQaulcwjaKNgLUhED3G9O3W9%2BFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 78456cb1af569004-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7661

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 8ms
7ms Script
application/javascript 143.204.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/5f5401ab-e169-4b7f-bb76-05327796aeb1-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-211.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 08:29:19 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 29558
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yucVGnYQKg6sjwEeuP4WTYmC9OgMQFqtC5fnN-E-3MQMFny8OTEqCg==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 9ms
8ms Script
application/javascript 143.204.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/5f5401ab-e169-4b7f-bb76-05327796aeb1-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-211.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a700f834d4539a4edfcd428adc332217c53a0cf7bdb9436e4703d25b6cde2cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: _DcRcF.3JZ4tSr0ScmnT0Msp3iEBkteK
content-encoding: gzip
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 09:35:25 GMT
last-modified: Thu, 17 Nov 2022 14:58:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 25592
etag: W/"60c4a92725ecad7b22391e314ecef104"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JNWQHqVkZ1LVC0GMtV8WBjq5EVcOT88PZuCOY_HzQOwrJxe4GcsWGw==

GET
H3 200 css
fonts.googleapis.com/ 8 KB
712 B 166ms
69ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/raichu-beta/ra-verified/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 16:33:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 16:41:56 GMT

GET
H3 200 rocket-loader.min.js Show response
white-label-ads.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame C639 12 KB
4 KB 18ms
17ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://white-label-ads.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: white-label-ads.voxus.tv
URL: https://white-label-ads.voxus.tv/inte/index.html?by_id=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://white-label-ads.voxus.tv/inte/index.html?by_id=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a1e484-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7PuLEi522nxZi9RTmzTsxxe9ex0K0iiugSxwbudvYTeUk9QKu%2BuZoPuG2ku0EY1cfgATDVXjIWYz5WyQl4MYFegL9DPa0AFLLV1O%2F4TNejdyM5fDlf0MUOJgYsXAIOxZbSrAo7zuvgajEtl%2BhwFYfYo2J89tjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 78456cb29f36bbb0-FRA
expires: Fri, 06 Jan 2023 16:41:56 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 109ms
36ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fxwinning-login-acess.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 18:50:24 GMT
x-content-type-options: nosniff
age: 165093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 18:50:24 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=290CA05AD48D428894D8684DE57302D3&RedC=c.clarity.ms&MXFR=05CB4E0A00B368E93F635C8504B36628
https://c.clarity.ms/c.gif?CtsSyncId=290CA05AD48D428894D8684DE57302D3&MUID=396A383F85E16FC73D7E2AB084336E84

42 B
391 B

27ms
27ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=290CA05AD48D428894D8684DE57302D3&MUID=396A383F85E16FC73D7E2AB084336E84
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 16:41:57 GMT
last-modified: Mon, 12 Dec 2022 18:28:34 GMT
server: Microsoft-IIS/10.0
etag: "ea79178b57ed91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 04 Jan 2023 16:41:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FB26788E4EE4C9B9A29E2D18B97F6A1 Ref B: FRAEDGE1207 Ref C: 2023-01-04T16:41:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=290CA05AD48D428894D8684DE57302D3&MUID=396A383F85E16FC73D7E2AB084336E84
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 qtffoygi Show response
widget.intercom.io/widget/ 18 KB
7 KB 427ms
391ms Script
application/javascript 13.32.27.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/qtffoygi
Requested by: Host: fxwinning-login-acess.shop
URL: https://fxwinning-login-acess.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d57162e5e368a81904eff4b335d30762d0670b39be45a0a9f98bfc0f409225f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0HkMVZtmuVij8.yoQbiEfSx_Snizp883
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 16:22:58 GMT
x-amz-cf-pop: FRA56-C2
age: 1199
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6169
last-modified: Tue, 03 Jan 2023 11:15:08 GMT
server: AmazonS3
etag: "805067f6d1f97f38b0804d299b0341a9"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: NQxpgKjx_ytL0xQ5ZcVJ731rca2SgtFKFM8AOhHUGRnoWEMro7UiXQ==

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
601 B 454ms
136ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

996b23be9885a566304df0f2a5d1beb5bc047925bae0c611930e18cdc4ffdabd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fxwinning-login-acess.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 04 Jan 2023 16:41:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://fxwinning-login-acess.shop
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 191ms
191ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fxwinning-login-acess.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://fxwinning-login-acess.shop
date: Wed, 04 Jan 2023 16:41:57 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 203 KB
56 KB 9ms
8ms Script
application/javascript 143.204.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/5f5401ab-e169-4b7f-bb76-05327796aeb1-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-211.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c98d58b66b5fd07bd05e3f8d8dbd038cf7ac60165a3bfb761ade1942cdffffac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7oSxp.VyXFn1opjxafVUEz1schBCjMdC
content-encoding: gzip
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 05:48:46 GMT
last-modified: Fri, 02 Dec 2022 14:05:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 39192
etag: "2a828be04895e6d8c11a79bb3476e3f4"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56909
x-amz-cf-id: qLMp2044j8jvJYzvaXJosTL406DxUvSoCG2L2jBRIg-PcGO3HO9lxg==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 14 KB
5 KB 16ms
15ms Script
application/javascript 143.204.214.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/5f5401ab-e169-4b7f-bb76-05327796aeb1-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-211.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d90b54433ae9944b0986c244d76712a935aa2936176822f901dccb2fb94a82b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: EFK6hy2tasKcabJ9JHnpmDSfRZbvtSM9
content-encoding: gzip
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 07:10:52 GMT
last-modified: Mon, 14 Mar 2022 19:11:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 34266
etag: "037b8303bce609f3647bd079508031b2"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
content-length: 5126
x-amz-cf-id: KZYBm7SxGwXqE-myXnOcFFPbsRAyp36lXbAjrRadJ35E2nf6pkHNbA==

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 34 KB
34 KB 523ms
115ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=445370&uniq=_t4bhfuoug&ref=aHR0cHM6Ly9meHdpbm5pbmctbG9naW4tYWNlc3Muc2hvcC8%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

15c729bfdcedc060d7c42b583083fb05439451741dee8f89dd4579be6967f015

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Wed, 04 Jan 2023 16:41:57 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 34825

GET
H2 200 frame-modern.72b01918.js Show response
js.intercomcdn.com/ Frame C081 460 KB
126 KB 157ms
9ms Script
application/javascript 99.86.4.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.72b01918.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/qtffoygi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-93.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c7828f5d477ca4e760b6d4a2a9b892d9593b8d7bac43b2094a4b1f98ed93509b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 9q8n.v764Il3sV4GeE5MChFlSMkK6S23
content-encoding: gzip
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
date: Wed, 04 Jan 2023 15:43:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 3494
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 127831
last-modified: Tue, 03 Jan 2023 11:13:42 GMT
server: AmazonS3
etag: "139408b154c1a208cf6c15873618fd74"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 2xNcV3ntJuLsvBhKdXNiOGC9zIJ_lpKhVlvYszaE5jhBbGFLJ_W11Q==

GET
H2 200 vendor-modern.f25dd2ad.js Show response
js.intercomcdn.com/ Frame C081 236 KB
73 KB 172ms
24ms Script
application/javascript 99.86.4.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.f25dd2ad.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/qtffoygi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-93.fra6.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1c43cbb6e3f43bd664d2b7935e1c00d8324c8aebeaa9c6f9f9cdff45cc924536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 14:44:32 GMT
content-encoding: gzip
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-version-id: FeR44LGjc8gsNhrafFZ4yc2EdY.HYZmu
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA6-C1
age: 7046
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74428
last-modified: Tue, 03 Jan 2023 11:13:42 GMT
server: AmazonS3
etag: "33755b7e22d2696a67cc096c468e0ad1"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: nU35m8561nVhe1CQlvItGkgsw82CcJLMxVDCX4mX1SMvnsli022KAQ==

POST
H2 403 ping Show response
api-iam.intercom.io/messenger/web/ Frame C081 166 B
812 B 416ms
191ms XHR
application/json 52.22.156.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.72b01918.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.22.156.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-22-156-216.compute-1.amazonaws.com

Software

nginx /

Resource Hash

607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 04 Jan 2023 16:41:58 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
status: 403 Forbidden
x-xss-protection: 1; mode=block
x-request-id: 003l1ga2t6cpn66k673g
x-runtime: 0.044544
server: nginx
x-ratelimit-remaining: 13329
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fxwinning-login-acess.shop
x-intercom-version: 86651788c089777a7e26ff97ff663fc0d5d9ec95
cache-control: no-cache
access-control-allow-credentials: true
x-ratelimit-reset: 1672850520
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 145ms
63ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=null

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0eeb57b1e281f3b281a8e4772be0f8907ecaf223f5934576f33d8ed4c3ea0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:41:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37423
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 04 Jan 2023 16:41:58 GMT

GET
H3 200 css
fonts.googleapis.com/ 16 KB
1 KB 72ms
72ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dab5241f2900b5765983ae17ef6637ad7714cb34056e783bf5a1a845a9cd910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fxwinning-login-acess.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Jan 2023 16:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 16:38:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Jan 2023 16:41:58 GMT

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
16 KB 40ms
37ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fxwinning-login-acess.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 07:06:46 GMT
x-content-type-options: nosniff
age: 380112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 07:06:46 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 95ms
95ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-d/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://fxwinning-login-acess.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: https://fxwinning-login-acess.shop
date: Wed, 04 Jan 2023 16:41:58 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fxwinning-login-acess.shop/	1970-01-20 18:16:50	Name: _ga Value: GA1.2.240510500.1672850516
.fxwinning-login-acess.shop/	1970-01-20 08:42:16	Name: _gid Value: GA1.2.543284169.1672850516
.fxwinning-login-acess.shop/	1970-01-20 08:40:50	Name: _gat Value: 1
.fxwinning-login-acess.shop/	1970-01-20 08:40:50	Name: _gat_UA-207939543-1 Value: 1
www.clarity.ms/	1970-01-20 17:26:26	Name: CLID Value: a418d275737c44259d69f965e23f8ac3.20230104.20240104
.fxwinning-login-acess.shop/	1970-01-20 17:26:26	Name: _clck Value: d69du4\|1\|f7z\|0
.fxwinning-login-acess.shop/	1970-01-20 08:42:16	Name: _clsk Value: cvnw7k\|1672850516927\|1\|1\|j.clarity.ms/collect
.c.bing.com/	1970-01-20 18:02:26	Name: SRM_B Value: 396A383F85E16FC73D7E2AB084336E84
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 18:02:26	Name: MUID Value: 396A383F85E16FC73D7E2AB084336E84
.c.clarity.ms/	1970-01-20 08:40:51	Name: ANONCHK Value: 0
.fxwinning-login-acess.shop/	1970-01-20 17:26:26	Name: rdtrk Value: %7B%22id%22%3A%2231530ca5-ab7f-4559-be46-999c418d0089%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api-iam.intercom.io/messenger/web/ping Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
c.bing.com
c.clarity.ms
d335luupugsy2.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fxwinning-login-acess.shop
iosite.reclameaqui.com.br
j.clarity.ms
js.intercomcdn.com
pagaleveprod.wpengine.com
pageview-notify.rdstation.com.br
popups.rdstation.com.br
s3.amazonaws.com
stats.g.doubleclick.net
white-label-ads.voxus.tv
widget.intercom.io
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.pagaleve.com.br
13.32.27.114
141.193.213.10
143.204.214.211
20.234.93.27
20.85.30.134
23.48.23.38
2606:4700:3033::ac43:a0df
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:809::200e
2a00:1450:4001:813::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9a
2a00:1450:400d:805::200a
2a06:98c1:3120::3
34.139.196.223
34.68.90.188
35.223.116.65
52.217.173.40
52.22.156.216
99.86.4.93
006148983ad9394d5089b0cc88f84e7f28db2bbba8ab41210da5a00047356099
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
062397e195922ff24b725a1570bcef258e4eabe91f38012bb92dc58eb4a8600a
091f1bd626a671be4998b0704d48fc8afd16016e8c413d81e3e4d396636b3e67
0f870e66fb3ca2dafd55bd9c316c363705f4bc600275868608516deb50e33881
0feed8c49be4364b55622b9ad28cc535bbfab76a6d81128255833e7634fa2aa1
1265bcf43c5aaa16cd6c24dce8833fa0b0e930d7456971aff75d7b0414c26cc4
15a71d32b340bf3641581ac5b4f37887b9cb3981477d5886ec5849749c8a36e7
15c729bfdcedc060d7c42b583083fb05439451741dee8f89dd4579be6967f015
15f0cd2425eb501595662208d9b299caaf259c0675e0963bc90d84dddebe7166
17cd8098feb91a69d8e37f0854afc427a46cda431ddd845cae49494bb628640b
19e26309b44cfd758c681db9a999183ce82d44b2511a67a4ed9a7851c26bce9d
1c3fbf3f4938451bc3b7781f832b7da84c23eec5b979ac7541ec754e67e3b6d2
1c43cbb6e3f43bd664d2b7935e1c00d8324c8aebeaa9c6f9f9cdff45cc924536
217de3a8943db402ad370ace0a771d56c65c610288dc60c2df8f57474b6385fa
2dab5241f2900b5765983ae17ef6637ad7714cb34056e783bf5a1a845a9cd910
303aa86d139c18870a1134746377da4cdc1ebe0e07b9201a5db00d43ebf5c552
319f6ac36829b0a184068573ed03320b9bb52dad872f5d1ae4714510b59f5f53
34e2ce7a1e6a44addb2b66d0729eeab12e2a064f4905ea13b2ad7dd5a6ce8b9a
36fadd21b848feb23f31d2e7cf020bfaf8f98f4eff5b2e7894573bf08ee24a66
4182f5fba4398fae3d0db9d698076c474716fa7c5ab059d6741657d3bd0445b9
4dfaa2eea270002a51e9be230a8d07560699e34a44ce033ed81373110140109f
5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65
563c9f27eeccd5399d58ae4ea94a59b41c5059cb761a3c8bf83a987243eee32c
5673186677d911f6099461c3dda99700ed06c60982da907e51b64dc1e0f73064
56caa51d3aa2a561574273aa4499475a4a01ce6d5ef1d136040ff6dd6236c49a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bcd2c6f4aee75c70350d285fba0177a10ed6fc8796803b3f4140bc8257c1a49
5be9ef1a87eb8bbd5da2cb8a9c678e25933fce6c41614814e22a1d6561dfa12b
5cbda29ea5096ac9404c59c77493a2f467d0eb4a27f16c750b61fc0d888dd716
5e4e64192ca8ce005b907fa34c1b389a7c47406c361a02efef328ed8bd08887f
607d571f40b505cc56997c0e242ff9dfdc90d5591651533aa7524d08460ecb11
61abf470c28ca8dad651f4def0795e23feff525c0a6384dc4b9396ed69c8500f
61d8be37306a0aaf1113a13584df450ca44f739aea5e2707f35169639e938175
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
65434487bc9878610f06618a5aaf6e9e51f6db4b8cf767a3b7c0b41e18197ed6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
7023f485052e7f0856571b8545fcf7745f0acbc326b27df672cc03440f9c46f4
70bb7aa115ab6e7687d4ee5be8ff522efbc31bf07ace369bad5f20bfd935e127
713b008aac6b77c51965a613042eb8bfca3be004146f1c9514922833c3a09d6f
7adb967745932b25c31da3ef4a92f2b8e166926a7a8476fe8c8c58fc84b95fa3
83a7a243789a092a1353fe0dc7da029ed9def170f32757e2ec572bb3b501a74b
84563da66ff59f774286201898c77dc4d894700d79dfee7af1806ecbcf3893de
84bc3d6d69638febec26a9c141d182c599f00a261ca1b22fd22c9889f65d1ec6
85a362dcf85a201c8e4f3c8859d5285be3e11165d137c3861c38179e0072e614
86a156b80c4342d46aa6bfdf42944e34cd85f5935e38c20bd58445006ca12a96
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8946e71799801f6d8768a1c3f5415e65e3753f49d198be831f8113bd5b1e7358
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
8eb58c4d4c3533f2525e269440bf324ccb9a51573931787971205c89edf8db7b
8fa80eeba9635e0a050d1a99149477add3e513dc63ba4893aa9c054adfabdcee
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
996b23be9885a566304df0f2a5d1beb5bc047925bae0c611930e18cdc4ffdabd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a1d01cc4e8dac0f0e4be7069dd8330189c84f11f700a86a81aee7b6baf40444
9bfd65a4d3d6dc823abdcf6a9b8f18c45c9cae0728d17688875f222747b5c775
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2a730bfb474365a6a6f90da061620c69d4779a876ef88e3af0ca6febebc8f79
a2b4c3ad220c8d28533887965fbb1e6c1382588d200eb9d95250f929a567ba1a
a700f834d4539a4edfcd428adc332217c53a0cf7bdb9436e4703d25b6cde2cf4
a8dc94ab448e3165dbdf07a336935797d512ed0f9724aa7084fef5bbed459554
a9c8cbcf0ed23e3ec2f71acc45d2c4836a1dd995cce5630964063c7a44b40283
ab326900e21f10d902070c93ca7824fb7f14e0901179b86631421e6bc4aaf257
b24559fe3fc9801c2a73a5da0d67b963ec1c1c23a7c89dfe32003257d6d33c13
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3a541179fa2c1f5e6dc116505e6503d70d7ccea2bd164f34ebcaffc15185d7f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c679c55b7170a709694e91b0a77b256135f8f294fa7975abae64e8db5d5c2e6e
c7828f5d477ca4e760b6d4a2a9b892d9593b8d7bac43b2094a4b1f98ed93509b
c962e74a0cd768609b29c247028bd61c3229a50bb3abe908feeaa98962eb0971
c98d58b66b5fd07bd05e3f8d8dbd038cf7ac60165a3bfb761ade1942cdffffac
cb225cbe89436bb47d3b4486cd9cee63db751cdaf60409f496253ca8be549dae
cbb8718ff28f7be953781e5c88310a78f0e5fe5752ec894a00fe236e78b52633
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7
d0eeb57b1e281f3b281a8e4772be0f8907ecaf223f5934576f33d8ed4c3ea0d7
d2a63839c866ced03291d478b01bced52d2713b73b40949c4d54af5bd5af436f
d2d26ba6b2cc7c0048f2d02898cdc48e4b43c640ff4621b1752adc973fcf3a07
d4638956facfeff2b4d65d4a712b4a3dfdf8a9689ba645e8c2de950f51ac9b88
d57162e5e368a81904eff4b335d30762d0670b39be45a0a9f98bfc0f409225f3
d90b54433ae9944b0986c244d76712a935aa2936176822f901dccb2fb94a82b3
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
de00db04a6026c535c99a7205b8b57151fac0e933a72d9b95ddc9d6f6898751d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e027f3859216e865481f339cd06a678da9c23bfa9eedcd4ceef7aae338349366
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c49d2d7cfc035902c7b8471e9736b9a05b2adc59ed919567063676d3b793e
e8925b83d0954de3aa7187ec0b18a37938798561b069bf4949751b04fc844230
ea47ffea3c5821ebf6c054e2414a3caa2eaae86ecac98f5dccff4df72a13f8ab
ef3d6da2919be92f80a88cc59229b9cdec3396d15ad42972352472e7ddb689d6
f12f86a606e0e191c06c5d15a06760869d21641a9c52aec47c13ccc2a3f8291a
f1b9d43b970ffa2598137eab8061da74aaae716f95110773a030b6774d5517b9
f3b2531d6e76075cf19da71a57064e1c8685fc47e741f85d3a67b62a28af0e1b
fc701c532ecf787e3368d1aed33cf070b73edfaf573a7a989b67b2eb52d55355
fccf7d38064bc3d0f77581e7623f4f20564dcc3e90e2f3978f09a8cdf0967ede
fdcb39eec676f0d52a9647156d6e1c5e0668ebdbb1060cb8ff89d5b4ab4695e8
fe997fa5d4ea4b8cd5854f8458941a27c12449d2d1a623dc22ae794776272658

fxwinning-login-acess.shop Open in urlscan Pro 2606:4700:3033::ac43:a0df Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

43 %IPv6

17 Domains

21 Subdomains

21 IPs

4 Countries

1084 kBTransfer

3294 kBSize

12 Cookies

19 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fxwinning-login-acess.shop Open in urlscan Pro
2606:4700:3033::ac43:a0df Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

43 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

1084 kB
Transfer

3294 kB
Size

12
Cookies

86 HTTP transactions
18 data transactions