www.riqueza-oculta.bellasmulheres.fun Open in urlscan Pro
192.185.223.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.riqueza-oculta.bellasmulheres.fun/
Submission: On June 08 via api (June 8th 2024, 5:02:48 am UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 34 HTTP transactions. The main IP is 192.185.223.123, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is www.riqueza-oculta.bellasmulheres.fun.
TLS certificate: Issued by R10 on June 7th 2024. Valid for: 3 months.

This is the only time www.riqueza-oculta.bellasmulheres.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	192.185.223.123 192.185.223.123	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
5	172.67.184.158 172.67.184.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.192.43 18.66.192.43	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:710... 2a02:26f0:7100::213:c673	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.73.156.111 52.73.156.111	14618 (AMAZON-AES) (AMAZON-AES)
1	65.108.75.112 65.108.75.112	24940 (HETZNER-AS) (HETZNER-AS)
1	54.91.142.155 54.91.142.155	14618 (AMAZON-AES) (AMAZON-AES)
2	172.67.71.12 172.67.71.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	11

13 192.185.223.123 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: br300-ip03.hostgator.com.br

www.riqueza-oculta.bellasmulheres.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
riqueza-oculta.bellasmulheres.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.184.158 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-43.muc50.r.cloudfront.net

scripts.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:7100::213:c673 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.converteai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.156.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-156-111.compute-1.amazonaws.com

a.vturb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.75.112 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: wtfismyip.com

ipv4.wtfismyip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.142.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-142-155.compute-1.amazonaws.com

api.vturb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.71.12 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.123tapronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	bellasmulheres.fun 1 redirects www.riqueza-oculta.bellasmulheres.fun riqueza-oculta.bellasmulheres.fun	862 KB
7	converteai.net scripts.converteai.net — Cisco Umbrella Rank: 140964 cdn.converteai.net — Cisco Umbrella Rank: 103568	3 MB
5	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 9923	279 KB
2	123tapronto.com analytics.123tapronto.com	739 B
2	vturb.net a.vturb.net — Cisco Umbrella Rank: 113675
1	userstat.net userstat.net — Cisco Umbrella Rank: 321013	664 B
1	wtfismyip.com ipv4.wtfismyip.com — Cisco Umbrella Rank: 356130	520 B
1	vturb.com.br api.vturb.com.br — Cisco Umbrella Rank: 139898 Failed
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	59 KB
34	9

	Domain	Requested by
12	www.riqueza-oculta.bellasmulheres.fun	1 redirects www.riqueza-oculta.bellasmulheres.fun
6	cdn.converteai.net	scripts.converteai.net cdn.converteai.net
5	fonts.cdnfonts.com	www.riqueza-oculta.bellasmulheres.fun fonts.cdnfonts.com
2	analytics.123tapronto.com	www.riqueza-oculta.bellasmulheres.fun
2	a.vturb.net	cdn.converteai.net
1	userstat.net	www.riqueza-oculta.bellasmulheres.fun
1	riqueza-oculta.bellasmulheres.fun
1	ipv4.wtfismyip.com	www.riqueza-oculta.bellasmulheres.fun
1	api.vturb.com.br	cdn.converteai.net
1	scripts.converteai.net	www.riqueza-oculta.bellasmulheres.fun
1	connect.facebook.net	www.riqueza-oculta.bellasmulheres.fun
34	11

This site contains links to these domains. Also see Links.

Domain
vturb.com
go.perfectpay.com.br

Subject Issuer	Validity	Valid
riqueza-oculta.bellasmulheres.fun R10	`2024-06-07` - `2024-09-05`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-17` - `2024-06-15`	3 months	crt.sh
*.converteai.net Amazon RSA 2048 M01	`2023-08-21` - `2024-09-18`	a year	crt.sh
converteai.net R3	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.vturb.net Amazon RSA 2048 M02	`2024-01-14` - `2025-02-12`	a year	crt.sh
wtfismyip.com GTS CA 1P5	`2024-05-11` - `2024-08-09`	3 months	crt.sh
*.vturb.com.br Amazon RSA 2048 M03	`2023-10-20` - `2024-11-17`	a year	crt.sh
123tapronto.com GTS CA 1P5	`2024-05-12` - `2024-08-10`	3 months	crt.sh
userstat.net GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.riqueza-oculta.bellasmulheres.fun/
Frame ID: 6431F305EC985FBB88EC95D2A534C7A8
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

34
Requests

91 %
HTTPS

20 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

4744 kB
Transfer

5191 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vturb.com/?via=player
Title: Powered by Vturb

Search URL Search Domain Scan URL

URL: https://go.perfectpay.com.br/PPU38COGQ0T
Title: QUERO TER ACESSO AGORA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.riqueza-oculta.bellasmulheres.fun/favicon.ico HTTP 302
https://riqueza-oculta.bellasmulheres.fun/wp-includes/images/w-logo-blue-white-bg.png

34 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.riqueza-oculta.bellasmulheres.fun/ 17 KB
7 KB 556ms
151ms Document
text/html 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 9ad401635b426121313b0e14062b00cfb6a2e232d031da6a589ae0c065197805

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 6800
content-type: text/html
date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:30 GMT
server: Apache
vary: Accept-Encoding

GET
H3 200 poppins
fonts.cdnfonts.com/css/ 6 KB
861 B 102ms
54ms Stylesheet
text/css 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/poppins
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8df477302d2d039e12368028c0f626ea9077db22b39ede60b0f15d12a98e83c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6684136
cf-polished: origSize=7096
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 22 Mar 2024 20:20:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w3EgFhIfU6cxfh%2FXEMK8lzjjgbiGqRCRKkTnkbWZhHh4VCzgCpZdWAVu7uMWEFUqvfumfl9Ps8R7Xt%2BSrdiR4OuZCqPzm%2F%2BDs2hqI0RV%2B7X70DRSAGFAokhQgMVvJuNe61PpO5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 890654ca4b8218d2-FRA

GET
H2 200 fbevents.js Show response
www.riqueza-oculta.bellasmulheres.fun/js/ 219 KB
82 KB 150ms
149ms Script
application/javascript 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/js/fbevents.js
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 19:52:32 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 player.js Show response
www.riqueza-oculta.bellasmulheres.fun/js/ 10 KB
5 KB 718ms
714ms Script
application/javascript 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/js/player.js
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 6eb62c21196bebdb49ff482b53f3dafca5d48e717d3645f10d8f3dc431c39fc0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 19:52:32 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5024

GET
H2 200 thumbnail.jpg
www.riqueza-oculta.bellasmulheres.fun/images/ 1 KB
1 KB 144ms
143ms Image
image/jpeg 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/images/thumbnail.jpg
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 6642495536e32f47ea222a95a574e8a1bfe96299cef38f80b531cc4470f68748

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:36 GMT
server: Apache
accept-ranges: bytes
content-length: 1449
content-type: image/jpeg

GET
H2 200 123tapronto1714583906229-Imagem%2Bdo%2BWhatsApp%2Bde%2B2024-05-01%2B%C3%A0%28s%29%2B14.17.43_03685000.jpg
www.riqueza-oculta.bellasmulheres.fun/images/ 186 KB
186 KB 411ms
411ms Image
image/jpeg 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/images/123tapronto1714583906229-Imagem%2Bdo%2BWhatsApp%2Bde%2B2024-05-01%2B%C3%A0%28s%29%2B14.17.43_03685000.jpg
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 2196399293a8ae700a67361d312c9cfa7af3d04faf7bd3ef8b863636647f3356

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:36 GMT
server: Apache
accept-ranges: bytes
content-length: 190659
content-type: image/jpeg

GET
H2 200 123tapronto1668873747172-l.webp
www.riqueza-oculta.bellasmulheres.fun/images/ 2 KB
2 KB 719ms
713ms Image
image/webp 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/images/123tapronto1668873747172-l.webp
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 84307880af58e1118fd7ca5126977f96fed4930887bdae6ced9a275134319b56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:34 GMT
server: Apache
accept-ranges: bytes
content-length: 1768
content-type: image/webp

GET
H2 200 123tapronto1668873735883-h.webp
www.riqueza-oculta.bellasmulheres.fun/images/ 2 KB
2 KB 468ms
463ms Image
image/webp 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/images/123tapronto1668873735883-h.webp
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: e316b7ae03682a08588a54b4e0afad4c00bb9f87cf44986d84c83d71d317c0ae

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:34 GMT
server: Apache
accept-ranges: bytes
content-length: 1702
content-type: image/webp

GET
H2 200 123tapronto1714583685433-Imagem%2Bdo%2BWhatsApp%2Bde%2B2024-05-01%2B%C3%A0%28s%29%2B14.11.34_b2e2eea8.jpg
www.riqueza-oculta.bellasmulheres.fun/images/ 158 KB
158 KB 718ms
713ms Image
image/jpeg 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/images/123tapronto1714583685433-Imagem%2Bdo%2BWhatsApp%2Bde%2B2024-05-01%2B%C3%A0%28s%29%2B14.11.34_b2e2eea8.jpg
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: e24b724ac5fba2ca85911cb6b048480b1eec116bfe81b4faaf5107087e54199b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:35 GMT
server: Apache
accept-ranges: bytes
content-length: 161963
content-type: image/jpeg

GET
H2 200 123tapronto1714583891317-Imagem%2Bdo%2BWhatsApp%2Bde%2B2024-05-01%2B%C3%A0%28s%29%2B14.17.41_519b80bf.jpg
www.riqueza-oculta.bellasmulheres.fun/images/ 197 KB
197 KB 718ms
713ms Image
image/jpeg 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/images/123tapronto1714583891317-Imagem%2Bdo%2BWhatsApp%2Bde%2B2024-05-01%2B%C3%A0%28s%29%2B14.17.41_519b80bf.jpg
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 80bbfb6f7a160b1f84345fc2e783f9d56a24564d9e7212e4e3c6ee71ebd6058e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:36 GMT
server: Apache
accept-ranges: bytes
content-length: 201482
content-type: image/jpeg

GET
H2 200 123tapronto1714583724883-clecio.jpg
www.riqueza-oculta.bellasmulheres.fun/images/ 196 KB
196 KB 468ms
463ms Image
image/jpeg 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/images/123tapronto1714583724883-clecio.jpg
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 5625d849f7a75659ca12366c85c17daeb3086ff370be29dad06e416ec7b58bb7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
last-modified: Fri, 07 Jun 2024 19:52:35 GMT
server: Apache
accept-ranges: bytes
content-length: 200996
content-type: image/jpeg

GET
H2 200 googletagmanager.js Show response
www.riqueza-oculta.bellasmulheres.fun/js/ 51 KB
22 KB 718ms
714ms Script
application/javascript 192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riqueza-oculta.bellasmulheres.fun/js/googletagmanager.js
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: addad606e8c71d7d2120ea8632b7ad36729d33f7eee73a8820757b9f91ce5fbb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2024 19:52:31 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 127ms
39ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 08 Jun 2024 05:02:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2818, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: rd2TxtiawQGPL69rhoZEle+Z0G3fHnsmHryYUiRkDzPwvKYZgO9xED0HMLfgSJgirVGak1+jEDYb4mslgWQd9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 player.js Show response
scripts.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/players/662835d1ece92700071c2177/ 10 KB
5 KB 572ms
463ms Script
text/javascript 18.66.192.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/players/662835d1ece92700071c2177/player.js
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-43.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6eb62c21196bebdb49ff482b53f3dafca5d48e717d3645f10d8f3dc431c39fc0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:43 GMT
content-encoding: br
via: 1.1 ec12d3de4ccd821a7e749609dcc62010.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2024 20:04:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: W/"e9ed1f30c32c5e6b97356a1169e9c137"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-cf-id: GfH1_Wd6XScxorkGY6CtzjxpoUsLVP-EOtHIH7478uwSeJeSYd28Ew==

GET
H3 200 Poppins-Italic.woff
fonts.cdnfonts.com/s/16009/ 75 KB
75 KB 301ms
249ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16009/Poppins-Italic.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/poppins
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22217e73d7c2a15683fd26f66769dc67bede36e640c794abefdb726dad731ae3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.cdnfonts.com/css/poppins
Origin: https://www.riqueza-oculta.bellasmulheres.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "12a1c-5d73bbbdfa26a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTuQ7cIGuXULMiNRpGXat9K8JG34%2Fk6lTwFg2Bv%2B2%2BwKvERxdFsxDTSFSFYHHR7fNUJsUcvCWjdTAoP5bMf2jzGy4KaHiMHz78H%2BSOKd1ye%2B8sf8scFSR8RGUrx1b0l%2F8iCrTWU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 890654cb18c068f5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 76316

GET
H3 200 Poppins-Regular.woff
fonts.cdnfonts.com/s/16009/ 65 KB
65 KB 287ms
236ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16009/Poppins-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/poppins
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b5ed244caeaa43c5e9c70566868cff1f8a9747b49cb7e28b155d14085136fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.cdnfonts.com/css/poppins
Origin: https://www.riqueza-oculta.bellasmulheres.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "103a0-5d73bbbdfa652"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uY7o%2BBjjl0upgwkVnMw3QvU%2BnshqdtsUWbCmJ9PTAX37hJivBL97cbll1drffmvZxKBjDvXPqJCBaJ8s6ubk8YcZnq9NX6pa%2FOZzJkyNUgH2lyBDUv5qiuRyexKGQoOMFOIo0dM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 890654cb18be68f5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 66464

GET
H3 200 Poppins-BoldItalic.woff
fonts.cdnfonts.com/s/16009/ 73 KB
74 KB 130ms
80ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16009/Poppins-BoldItalic.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/poppins
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7854cdb983d5000de9f43bb60aa78210f947120bc91afc68d128e021fb6738

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.cdnfonts.com/css/poppins
Origin: https://www.riqueza-oculta.bellasmulheres.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "124a0-5d73bbbdf9a9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rgz%2BGlTLwG3gSS3uHcE1ei9BGhmVkooEQ2FyMsP0hZdXwtxpXkECDCAr3Gm2k%2FvjkiBWicjnD%2FQ2fbXw7Y0Ask7lt%2FW2g5bxaBjJxkOWdYGFCyZsmEsCwO5jcYh4hnCV0NgZmg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 890654cb18ba68f5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 74912

GET
H3 200 Poppins-Bold.woff
fonts.cdnfonts.com/s/16009/ 64 KB
65 KB 121ms
70ms Font
font/woff 172.67.184.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16009/Poppins-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/poppins
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11b45f950168e9b74999a7fdb9d76f7eb2b08c045992ba1f9ae0b995be5cb9e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.cdnfonts.com/css/poppins
Origin: https://www.riqueza-oculta.bellasmulheres.fun
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:42 GMT
cf-cache-status: MISS
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10024-5d73bbbdf9a9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htlcisGlEY4Ve9wz6bA108PgSnAIwD0f3iDVIXkLPYGpgCALXbgrXXZf%2F0LBhrpINI06Y62qKjf5nujBbpNu8xzVFy7%2BIWjA02c%2BQ2nnA%2B5I2ClKcvZiItm1rCnMZdcHyJYPBKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 890654cb18bd68f5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65572

GET
H/1.1 200
OK smartplayer.min.js Show response
cdn.converteai.net/lib/js/smartplayer/v1/ 658 KB
658 KB 302ms
47ms Script
application/x-javascript 2a02:26f0:7100::213:c673
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Requested by: Host: scripts.converteai.net
URL: https://scripts.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/players/662835d1ece92700071c2177/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c673 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6c44835c3943b1dbe37378105d4470fe2b74db86d7c9abaf9e4d53090a0b5970

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 05:02:43 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 673316
Last-Modified: Fri, 10 May 2024 16:57:04 GMT
Server: AkamaiNetStorage
ETag: "9d2429e7242a19c5e94fe0a2153c4b2f:1715360224.56772"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30033779
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H/1.1 200
OK main.m3u8 Show response
cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/ 496 B
1 KB 284ms
196ms XHR
application/x-mpegurl 2a02:26f0:7100::213:c673
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/main.m3u8
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c673 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 245a886854b254f3ec8b5e7279d7f7339afc9c30b8ea7633be9eb332041e56da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 05:02:43 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 247
Last-Modified: Tue, 23 Apr 2024 22:33:16 GMT
Server: AkamaiNetStorage
ETag: "10afaf980dfaf5b316d42445c55de9f8:1713911608.373615"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31475513
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 x
a.vturb.net/ 0
0 123ms
122ms Fetch 52.73.156.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.156.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-156-111.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sat, 08 Jun 2024 05:02:43 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94c2a9b8734dc2142c15374e6c87677a8255baf404747008dcbffaaefc787299

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST check
api.vturb.com.br/vturb/ 0
0

GET
H2 200 json Show response
ipv4.wtfismyip.com/ 325 B
520 B 328ms
123ms XHR
application/json 65.108.75.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv4.wtfismyip.com/json
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/js/googletagmanager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.75.112 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: wtfismyip.com
Software: /
Resource Hash: 8d515bc7c9f74ca24504ae02507b541951da47027b6668987f586218c3719976

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 08 Jun 2024 05:02:43 GMT
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-fortune: It's going to be a fucking glorious day
content-length: 325
expires: 0

GET
H/1.1 200
OK original_360p.m3u8 Show response
cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/ 11 KB
1 KB 232ms
231ms XHR
application/x-mpegurl 2a02:26f0:7100::213:c673
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/original_360p.m3u8
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c673 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 36a8ff1031e964bf34d5b07d53a60ecd9251ee526e531d5fe303dbb1139d1e69

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 05:02:43 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 740
Last-Modified: Tue, 23 Apr 2024 22:33:16 GMT
Server: AkamaiNetStorage
ETag: "d571540f4aba06509959f262dbef4f4e:1713911608.636996"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31155719
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

OPTIONS
H2 204 x
a.vturb.net/ 0
0 429ms
116ms Preflight 52.73.156.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vturb.net/x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.156.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-156-111.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.riqueza-oculta.bellasmulheres.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,Content-Length,Content-Type
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 43200
date: Sat, 08 Jun 2024 05:02:43 GMT

OPTIONS
H2 403 check
api.vturb.com.br/vturb/ 0
0 430ms
119ms Preflight
text/html 54.91.142.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.vturb.com.br/vturb/check
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.91.142.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-142-155.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.riqueza-oculta.bellasmulheres.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

content-length: 520
content-type: text/html
date: Sat, 08 Jun 2024 05:02:43 GMT
server: awselb/2.0

GET
H2

200

w-logo-blue-white-bg.png
riqueza-oculta.bellasmulheres.fun/wp-includes/images/
Redirect Chain

https://www.riqueza-oculta.bellasmulheres.fun/favicon.ico
https://riqueza-oculta.bellasmulheres.fun/wp-includes/images/w-logo-blue-white-bg.png

4 KB
4 KB

266ms
146ms

Other
image/png

192.185.223.123
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://riqueza-oculta.bellasmulheres.fun/wp-includes/images/w-logo-blue-white-bg.png
Protocol: H2
Server: 192.185.223.123 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: br300-ip03.hostgator.com.br
Software: Apache /
Resource Hash: 6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sat, 08 Jun 2024 05:02:45 GMT
last-modified: Tue, 16 Nov 2021 08:34:02 GMT
server: Apache
accept-ranges: bytes
content-length: 4119
content-type: image/png

Redirect headers

location: https://riqueza-oculta.bellasmulheres.fun/wp-includes/images/w-logo-blue-white-bg.png
date: Sat, 08 Jun 2024 05:02:43 GMT
server: Apache
link: <https://riqueza-oculta.bellasmulheres.fun/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
content-length: 0
content-type: text/html; charset=UTF-8

POST
H3 201 access Show response
analytics.123tapronto.com/ 0
739 B 160ms
160ms XHR
text/plain 172.67.71.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.123tapronto.com/access

Requested by

Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/js/googletagmanager.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sat, 08 Jun 2024 05:02:44 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BRZ7TPualr4XPTGeHP3OcG9pS%2B%2B1P1myLtoT4K4n4ORwfyHOsYoDF54S8V72Z5XC63R9%2F10OPpCSukPHPLTEPBGzH8giW9wwg%2FaJp0ed6Dsbt6ZqAUBHBRiZgzimVcpCuNASQiYJ35LBoE%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
cf-ray: 890654d62ccabbd4-FRA

OPTIONS
H3 204 access
analytics.123tapronto.com/ 0
0 331ms
256ms Preflight 172.67.71.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.123tapronto.com/access

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.riqueza-oculta.bellasmulheres.fun
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 890654d49b9abbd4-FRA
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sat, 08 Jun 2024 05:02:44 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbXeCh5eJ09zFL2N7Im9kvjen9YVLUX7oeQZN%2B6zXg1ZD3sB%2FOFefyqLpV9QBcYhpYev5WFazemj%2B1YM8Pug4cqKCQONaElVOZvMifKiduYKmCGMLw2Rex1FNiuYJoZyyx5xUt21rRpRD1k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H/1.1 200
OK segment__00001.ts Show response
cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/original_360p/ 512 KB
513 KB 126ms
126ms XHR
video/mp2t 2a02:26f0:7100::213:c673
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/original_360p/segment__00001.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c673 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 948b9e9e05b0129d44162b63f0fc5cfa39a52af51dd31b6cbf3fb11f8bd831de

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 05:02:44 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 524708
Last-Modified: Tue, 23 Apr 2024 22:28:12 GMT
Server: AkamaiNetStorage
ETag: "1f0c1671f08aa8fdd43bb3533bd22331:1713911609.038142"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30869932
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
BLOB 200
OK 2a65eec5-7b47-4a18-bb92-b01048a1cbe5
https://www.riqueza-oculta.bellasmulheres.fun/ 80 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.riqueza-oculta.bellasmulheres.fun/2a65eec5-7b47-4a18-bb92-b01048a1cbe5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2a02e27dddc8e2811b4cb346e192b8167d92f058576eb4f6120a68168e6d63

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 81521
Content-Type: text/javascript

GET
H/1.1 200
OK original_720p.m3u8 Show response
cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/ 11 KB
1 KB 129ms
129ms XHR
application/x-mpegurl 2a02:26f0:7100::213:c673
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/original_720p.m3u8
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c673 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4a102522b85d2e9d029f16227691898582cbe769f7b051d03bf1cc72880b29d5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 05:02:44 GMT
Content-Encoding: gzip
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 740
Last-Modified: Tue, 23 Apr 2024 22:33:16 GMT
Server: AkamaiNetStorage
ETag: "0ca7c79a761b294fc9b43b8eb35f9cb4:1713911608.904526"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=30900131
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H3 200 script.js Show response
userstat.net/get/ 129 B
664 B 148ms
89ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstat.net/get/script.js?referrer=https://www.riqueza-oculta.bellasmulheres.fun/
Requested by: Host: www.riqueza-oculta.bellasmulheres.fun
URL: https://www.riqueza-oculta.bellasmulheres.fun/js/googletagmanager.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: 15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 05:02:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.riqueza-oculta.bellasmulheres.fun
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMWg6CMiZuvEm1Rjk7rdwhJ7ulnC207p6ls9CLYNwbGk4jjznHQpTU%2FYCBEjS7dNi6t4r%2FVAttzLyv%2Fbd9GLHDs8JGlAvb%2Fi6EoY3aKAJDedhlB3eip8GfzeEtW%2BvhQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 890654d8a9a02c37-FRA
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK segment__00002.ts Show response
cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/original_720p/ 2 MB
2 MB 126ms
126ms XHR
video/mp2t 2a02:26f0:7100::213:c673
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.converteai.net/7d7658a2-5d2c-4c15-8c95-b9397fd025e0/662835a605334f0008a06b82/original_720p/segment__00002.ts
Requested by: Host: cdn.converteai.net
URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::213:c673 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bc910f7ea7b76dd10c52262b1a5511d544f5b5c9daac206978405d0a3575d4e2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.riqueza-oculta.bellasmulheres.fun/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 08 Jun 2024 05:02:46 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1429301
Content-Length: 2416740
Last-Modified: Tue, 23 Apr 2024 22:28:13 GMT
Server: AkamaiNetStorage
ETag: "c47132032c5faa8edd683440629912ac:1713911674.672681"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: max-age=31099406
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.vturb.com.br
URL: https://api.vturb.com.br/vturb/check

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.riqueza-oculta.bellasmulheres.fun/	1970-01-20 21:11:02	Name: PHPREFS Value: full

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cdn.converteai.net/lib/js/smartplayer/v1/smartplayer.min.js Message: Specifying 'overflow: visible' on img, video and canvas tags may cause them to produce visual content outside of the element bounds. See https://github.com/WICG/view-transitions/blob/main/debugging_overflow_on_images.md for details.
javascript	error	URL: https://www.riqueza-oculta.bellasmulheres.fun/ Message: Access to XMLHttpRequest at 'https://api.vturb.com.br/vturb/check' from origin 'https://www.riqueza-oculta.bellasmulheres.fun' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.vturb.com.br/vturb/check Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vturb.net
analytics.123tapronto.com
api.vturb.com.br
cdn.converteai.net
connect.facebook.net
fonts.cdnfonts.com
ipv4.wtfismyip.com
riqueza-oculta.bellasmulheres.fun
scripts.converteai.net
userstat.net
www.riqueza-oculta.bellasmulheres.fun
api.vturb.com.br
172.67.184.158
172.67.71.12
18.66.192.43
188.114.96.3
192.185.223.123
2a02:26f0:7100::213:c673
2a03:2880:f084:d:face:b00c:0:3
52.73.156.111
54.91.142.155
65.108.75.112
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
16b5ed244caeaa43c5e9c70566868cff1f8a9747b49cb7e28b155d14085136fb
2196399293a8ae700a67361d312c9cfa7af3d04faf7bd3ef8b863636647f3356
22217e73d7c2a15683fd26f66769dc67bede36e640c794abefdb726dad731ae3
245a886854b254f3ec8b5e7279d7f7339afc9c30b8ea7633be9eb332041e56da
36a8ff1031e964bf34d5b07d53a60ecd9251ee526e531d5fe303dbb1139d1e69
4a102522b85d2e9d029f16227691898582cbe769f7b051d03bf1cc72880b29d5
5625d849f7a75659ca12366c85c17daeb3086ff370be29dad06e416ec7b58bb7
6642495536e32f47ea222a95a574e8a1bfe96299cef38f80b531cc4470f68748
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
6c44835c3943b1dbe37378105d4470fe2b74db86d7c9abaf9e4d53090a0b5970
6eb62c21196bebdb49ff482b53f3dafca5d48e717d3645f10d8f3dc431c39fc0
80bbfb6f7a160b1f84345fc2e783f9d56a24564d9e7212e4e3c6ee71ebd6058e
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84307880af58e1118fd7ca5126977f96fed4930887bdae6ced9a275134319b56
8d515bc7c9f74ca24504ae02507b541951da47027b6668987f586218c3719976
948b9e9e05b0129d44162b63f0fc5cfa39a52af51dd31b6cbf3fb11f8bd831de
94c2a9b8734dc2142c15374e6c87677a8255baf404747008dcbffaaefc787299
9ad401635b426121313b0e14062b00cfb6a2e232d031da6a589ae0c065197805
a11b45f950168e9b74999a7fdb9d76f7eb2b08c045992ba1f9ae0b995be5cb9e
aa7854cdb983d5000de9f43bb60aa78210f947120bc91afc68d128e021fb6738
addad606e8c71d7d2120ea8632b7ad36729d33f7eee73a8820757b9f91ce5fbb
bc910f7ea7b76dd10c52262b1a5511d544f5b5c9daac206978405d0a3575d4e2
be2a02e27dddc8e2811b4cb346e192b8167d92f058576eb4f6120a68168e6d63
e24b724ac5fba2ca85911cb6b048480b1eec116bfe81b4faaf5107087e54199b
e316b7ae03682a08588a54b4e0afad4c00bb9f87cf44986d84c83d71d317c0ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8df477302d2d039e12368028c0f626ea9077db22b39ede60b0f15d12a98e83c

www.riqueza-oculta.bellasmulheres.fun Open in urlscan Pro 192.185.223.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

34 Requests

91 %HTTPS

20 %IPv6

9 Domains

11 Subdomains

11 IPs

4 Countries

4744 kBTransfer

5191 kBSize

1 Cookies

2 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.riqueza-oculta.bellasmulheres.fun Open in urlscan Pro
192.185.223.123 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

91 %
HTTPS

20 %
IPv6

9
Domains

11
Subdomains

11
IPs

4
Countries

4744 kB
Transfer

5191 kB
Size

1
Cookies

34 HTTP transactions
2 data transactions