dinheiro.osegredodaleidaatracao.com.br Open in urlscan Pro
213.136.68.210 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dinheiro.osegredodaleidaatracao.com.br/
Submission: On October 13 via automatic, source certstream-suspicious (October 13th 2021, 9:06:09 pm UTC) — Scanned from DE

Summary HTTP 136 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 25 domains to perform 136 HTTP transactions. The main IP is 213.136.68.210, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is dinheiro.osegredodaleidaatracao.com.br.
TLS certificate: Issued by R3 on August 15th 2021. Valid for: 3 months.

This is the only time dinheiro.osegredodaleidaatracao.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	213.136.68.210 213.136.68.210	51167 (CONTABO) (CONTABO)
2	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
5 5	172.67.185.33 172.67.185.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	172.67.221.31 172.67.221.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
1	191.252.140.63 191.252.140.63	27715 (Locaweb S...) (Locaweb Servicos de Internet SA)
2 4	104.16.106.139 104.16.106.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.198.22.192 34.198.22.192	14618 (AMAZON-AES) (AMAZON-AES)
14	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
10	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
1 1	172.67.220.136 172.67.220.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	78.46.57.120 78.46.57.120	24940 (HETZNER-AS) (HETZNER-AS)
1 1	3.208.252.125 3.208.252.125	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.155.59 13.226.155.59	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
2	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
1	142.251.5.156 142.251.5.156	15169 (GOOGLE) (GOOGLE)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
2	54.165.200.156 54.165.200.156	14618 (AMAZON-AES) (AMAZON-AES)
2	172.217.130.73 172.217.130.73	15169 (GOOGLE) (GOOGLE)
4	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
7	173.194.188.41 173.194.188.41	15169 (GOOGLE) (GOOGLE)
1	142.250.186.150 142.250.186.150	15169 (GOOGLE) (GOOGLE)
1	52.20.171.237 52.20.171.237	14618 (AMAZON-AES) (AMAZON-AES)
136	28

37 213.136.68.210 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: leadlovers.com

dinheiro.osegredodaleidaatracao.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.185.33 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

blob.llimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.67.221.31 (United States)

ASN13335 (CLOUDFLARENET, US)

blob.contato.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 191.252.140.63 (Brazil)

ASN27715 (Locaweb Servicos de Internet SA, BR)

www.mapamental.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.106.139 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.22.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-22-192.compute-1.amazonaws.com

launcher.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.220.136 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.whatshelp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.57.120 (Leipzig, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.252.125 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-252-125.compute-1.amazonaws.com

eduzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-59.dus51.r.cloudfront.net

cdn.eduzzcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.132 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f132.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.5.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.200.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-200-156.compute-1.amazonaws.com

identification.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.130.73 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f9.1e100.net

r4---sn-2gb7sn7r.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.194.188.41 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s31-in-f9.1e100.net

r4---sn-4g5ednse.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.150 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.171.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-171-237.compute-1.amazonaws.com

tracking-api.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	osegredodaleidaatracao.com.br dinheiro.osegredodaleidaatracao.com.br	292 KB
28	contato.io blob.contato.io	2 MB
14	youtube.com www.youtube.com	735 KB
10	gstatic.com fonts.gstatic.com	192 KB
9	googlevideo.com r4---sn-2gb7sn7r.googlevideo.com r4---sn-4g5ednse.googlevideo.com	1 MB
5	hotmart.com launcher.hotmart.com identification.hotmart.com tracking-api.hotmart.com	9 KB
5	llimages.com 5 redirects blob.llimages.com	2 KB
4	facebook.com www.facebook.com	692 B
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net	3 KB
4	zopim.com 2 redirects v2.zopim.com	246 KB
3	google.com www.google.com	14 KB
3	facebook.net connect.facebook.net	313 KB
3	googletagmanager.com www.googletagmanager.com	114 KB
2	google.de www.google.de	632 B
2	getbutton.io 1 redirects static.getbutton.io	85 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	zdassets.com static.zdassets.com ekr.zdassets.com	7 KB
2	googleapis.com fonts.googleapis.com	4 KB
1	ytimg.com i.ytimg.com	73 KB
1	ggpht.com yt3.ggpht.com	4 KB
1	eduzzcdn.com cdn.eduzzcdn.com	2 KB
1	eduzz.com 1 redirects eduzz.com	105 B
1	whatshelp.io 1 redirects static.whatshelp.io	593 B
1	googleadservices.com www.googleadservices.com	15 KB
1	mapamental.org www.mapamental.org	742 B
136	25

	Domain	Requested by
37	dinheiro.osegredodaleidaatracao.com.br	dinheiro.osegredodaleidaatracao.com.br
28	blob.contato.io	dinheiro.osegredodaleidaatracao.com.br
14	www.youtube.com	dinheiro.osegredodaleidaatracao.com.br www.youtube.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	r4---sn-4g5ednse.googlevideo.com	www.youtube.com
5	blob.llimages.com	5 redirects
4	www.facebook.com	dinheiro.osegredodaleidaatracao.com.br
4	v2.zopim.com	2 redirects dinheiro.osegredodaleidaatracao.com.br v2.zopim.com
3	www.google.com	dinheiro.osegredodaleidaatracao.com.br www.youtube.com
3	connect.facebook.net	dinheiro.osegredodaleidaatracao.com.br connect.facebook.net
3	www.googletagmanager.com	dinheiro.osegredodaleidaatracao.com.br www.googletagmanager.com
2	r4---sn-2gb7sn7r.googlevideo.com	www.youtube.com
2	identification.hotmart.com	launcher.hotmart.com dinheiro.osegredodaleidaatracao.com.br
2	www.google.de	dinheiro.osegredodaleidaatracao.com.br
2	static.getbutton.io	1 redirects dinheiro.osegredodaleidaatracao.com.br
2	googleads.g.doubleclick.net	www.googleadservices.com www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	launcher.hotmart.com	dinheiro.osegredodaleidaatracao.com.br launcher.hotmart.com
2	fonts.googleapis.com	dinheiro.osegredodaleidaatracao.com.br
1	tracking-api.hotmart.com	launcher.hotmart.com
1	i.ytimg.com	dinheiro.osegredodaleidaatracao.com.br
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.eduzzcdn.com	dinheiro.osegredodaleidaatracao.com.br
1	eduzz.com	1 redirects
1	static.whatshelp.io	1 redirects
1	ekr.zdassets.com	v2.zopim.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.zdassets.com	dinheiro.osegredodaleidaatracao.com.br
1	www.mapamental.org	dinheiro.osegredodaleidaatracao.com.br
136	31

This site contains links to these domains. Also see Links.

Domain
pay.hotmart.com
pay.juno.com.br
wa.me
getbutton.io

Subject Issuer	Validity	Valid
dinheiro.osegredodaleidaatracao.com.br R3	`2021-08-15` - `2021-11-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
mapamental.org cPanel, Inc. Certification Authority	`2021-08-04` - `2021-11-02`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
data.hotmart.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-24` - `2021-10-22`	3 months	crt.sh
*.getbutton.io Sectigo RSA Domain Validation Secure Server CA	`2021-09-09` - `2022-09-25`	a year	crt.sh
cdn.eduzzcdn.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.zopim.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-25` - `2022-05-31`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-09-28` - `2021-12-07`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
hotmart.com Amazon	`2021-07-12` - `2022-08-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://dinheiro.osegredodaleidaatracao.com.br/
Frame ID: CE42FE46B85F06A4BD02DC105EAB09EF
Requests: 106 HTTP requests in this frame

Frame: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
Frame ID: F77F2830BEF81C8768A33BEA3E1623BA
Requests: 30 HTTP requests in this frame

Frame: https://v2.zopim.com/lib/20200610.071112/__$$__stringtable_lang_pt.js
Frame ID: CC2B455D4E4292C5DB5612A37B16CE15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Treinamento O Segredo da Lei da Atração Para Dinheiro

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Zendesk Chat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

v2\.zopim\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

100 %
HTTPS

0 %
IPv6

25
Domains

31
Subdomains

28
IPs

4
Countries

5711 kB
Transfer

10438 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://pay.hotmart.com/H12822305D?checkoutMode=10
Title: QUERO MINHA VAGA COM R$ 370,00 DE DESCONTO AGORA!

Search URL Search Domain Scan URL

URL: https://pay.juno.com.br/checkout.html?code=C25BE51DF8746170
Title: QUERO MINHA VAGA!

Search URL Search Domain Scan URL

URL: https://wa.me/5531992225577
Title: Envie uma mensagem

Search URL Search Domain Scan URL

URL: http://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=dinheiro.osegredodaleidaatracao.com.br
Title: GetButton

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://blob.llimages.com/machine-files/builder/menudrop.css HTTP 301
https://blob.contato.io/machine-files/builder/menudrop.css

Request Chain 12

https://blob.llimages.com/machine-files/builder/allpages.builder.css HTTP 301
https://blob.contato.io/machine-files/builder/allpages.builder.css

Request Chain 54

https://blob.llimages.com/machine-files/builder/navdropdown.js HTTP 301
https://blob.contato.io/machine-files/builder/navdropdown.js

Request Chain 55

https://blob.llimages.com/machine-files/builder/pop-exit.js HTTP 301
https://blob.contato.io/machine-files/builder/pop-exit.js

Request Chain 56

https://blob.llimages.com/machine-files/amodels/webflow.js HTTP 301
https://blob.contato.io/machine-files/amodels/webflow.js

Request Chain 64

https://v2.zopim.com/?4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 93

https://static.whatshelp.io/widget-send-button/js/init.js HTTP 301
https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

Request Chain 94

https://eduzz.com/dev/js/ea.js?v=1.0 HTTP 301
https://cdn.eduzzcdn.com/myeduzz/assets/ea.js?v=1.0

Request Chain 109

https://v2.zopim.com/w?4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt HTTP 302
https://v2.zopim.com/bin/v/widget_v2.329.js

136 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dinheiro.osegredodaleidaatracao.com.br/ 87 KB
26 KB 166ms
132ms Document
text/html 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cd4624d3b096b50fe90cf519cd60c2bed824519438411bbe57eb40a4cdfc09b1

Request headers

:method: GET
:authority: dinheiro.osegredodaleidaatracao.com.br
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
access-control-max-age: 1728000
set-cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u; path=/; HttpOnly; SameSite=Lax
x-aspnetmvc-version: 5.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
date: Wed, 13 Oct 2021 21:06:04 GMT
content-length: 26302

GET
H2 200 bootstrap.css
dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/ 124 KB
17 KB 15ms
14ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/bootstrap.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: df8a155067aecf06bf7f9964cbee639e49a02155d4e4817a14bcdee351e5c205

Request headers

:path: /builder/elements/css/bootstrap.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 17604

GET
H2 200 style.css
dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/ 54 KB
9 KB 16ms
14ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/style.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f94bac8b94343f0386b168f8ea7cc5c50248c3af785ed49612b0d6bb6f2628cd

Request headers

:path: /builder/elements/css/style.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9519

GET
H2 200 font-awesome.css
dinheiro.osegredodaleidaatracao.com.br/Content/ 39 KB
7 KB 16ms
14ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/Content/font-awesome.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

Request headers

:path: /Content/font-awesome.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "07e826ad4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7449

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 91ms
35ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 20:16:10 GMT
server: ESF
date: Wed, 13 Oct 2021 21:06:03 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:06:03 GMT

GET
H2 200 magnific-popup.css
dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/ 8 KB
2 KB 16ms
14ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/magnific-popup.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 47e64ab09c885f5bcaa836d772a08c2b50a0a8721bf9ef576199201cb36fdbc4

Request headers

:path: /builder/elements/css/magnific-popup.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1948

GET
H2 200 iconfont-style.css
dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/ 15 KB
3 KB 17ms
15ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/iconfont-style.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 001d01ead141493411c7e856d3326adc22a2d4bad3ae4a57d32b85ac2b0dd7ae

Request headers

:path: /builder/elements/css/iconfont-style.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2701

GET
H2 200 animate.css
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/animations/ 73 KB
4 KB 28ms
26ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/animations/animate.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 668b90c3bed422fa7ce2453a294ceb2fd81419d2ad13813d53e8501072d79f16

Request headers

:path: /builder/elements/scripts/animations/animate.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4343

GET
H2 200 popup.css
dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/ 4 KB
872 B 28ms
27ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/popup.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 02e9d246798b2321639215065e2b51bea3b04ce67de116f67ca9a941dcaa4f90

Request headers

:path: /builder/elements/css/popup.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 826

GET
H2

200

menudrop.css
blob.contato.io/machine-files/builder/
Redirect Chain

https://blob.llimages.com/machine-files/builder/menudrop.css
https://blob.contato.io/machine-files/builder/menudrop.css

2 KB
1 KB

437ms
108ms

Stylesheet
text/css

172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.contato.io/machine-files/builder/menudrop.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec917657f5942d1cf3f5fa060ceb125e1af952a06325fad19e0f08aeceef3cb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: JJNpfDzxKNCYrtCEEquVxA==
age: 5719
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 06 Mar 2017 18:37:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRozQ1E509VbL9x5hH0wle34KdP4aoNl8UL3IdgsKBOi%2BQWjQMkdjRrdGhgjnrkz9Beqf3pwGXE2uTDHTiKXOOw0i3GJ9nQ0bFU1q9CV4XoEtDPPSimczePqQbtveDQ38pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-ms-request-id: 3a2e15b7-901e-0028-710c-983f4f000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 69db8795797e56d4-IAD

Redirect headers

date: Wed, 13 Oct 2021 21:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uswnx48v1J%2FbPwnAcrPHrDP0xX61m6uT%2BZ%2Bpeyw8zVyfqJj%2F1Elb7Dg0Oc9HgQJgHxAz3Yaj5aUC%2FHmzFwvZ4LBchB95R1Ou3HtN%2BwexZ5FSUT4pIp3eEHywLQty%2FU7%2Bc8mW6g%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://blob.contato.io/machine-files/builder/menudrop.css
cache-control: max-age=3600
cf-ray: 69db8792fcb1543f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 13 Oct 2021 22:06:03 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 94 KB
33 KB 28ms
27ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery-1.11.2.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec

Request headers

:path: /builder/elements/scripts/jquery-1.11.2.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 33380

GET
H2 200 html5shiv.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 2 KB
2 KB 29ms
28ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/html5shiv.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3217cc8b501b86b92da66d9e9d2b3f598adbf7c3e16087c0c69e2102a82ae8fe

Request headers

:path: /builder/elements/scripts/html5shiv.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "5876596ad4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1574

GET
H2 200 respond.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 4 KB
2 KB 28ms
27ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/respond.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9f08735bf3fd827bd630f3a6f3830af01cd045131d8bc8aeb7132e62c61c3a0c

Request headers

:path: /builder/elements/scripts/respond.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2227

GET
H2

200

allpages.builder.css
blob.contato.io/machine-files/builder/
Redirect Chain

https://blob.llimages.com/machine-files/builder/allpages.builder.css
https://blob.contato.io/machine-files/builder/allpages.builder.css

62 KB
10 KB

440ms
112ms

Stylesheet
text/css

172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.contato.io/machine-files/builder/allpages.builder.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b592cff0f9570c871bad97f9f51f58741b8cb30269d4a5408cc2804e19470091

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: XyTqW8HhCCJvbF7ufs+/zA==
age: 5500
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Thu, 11 Feb 2021 22:04:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMcJUX7%2F8Ni%2BU5sP5lWv1RuoVC1zyRntstxS7Lx7DDlVWt8QdeyKw0xHZ4co6jsidlriJEdET1m%2Fv6dsR6NOtcDU380zllgwNiEwRzemrurkC43nJA%2BYkdIcRn7bJK5iBzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-ms-request-id: db602b47-d01e-0042-5e0b-9863e4000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 69db8795798256d4-IAD

Redirect headers

date: Wed, 13 Oct 2021 21:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhPCQ60HEWZghh9uCQ76XHcqLX0%2FFEu0qnzcV6SOSu%2BYFcV4RLJWmWjRzlSGYouJN6IsRx%2BW1fmkIMTUL1fQ%2FpQJAA4CnI1rP3Ju2vrjeJoqNZXSD06CYW5RBYm4a6e0VVHB1A%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://blob.contato.io/machine-files/builder/allpages.builder.css
cache-control: max-age=3600
cf-ray: 69db8792fcb2543f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 13 Oct 2021 22:06:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 89ms
37ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1020728123

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c423e412ad267cb49e3917d240f6237f978f29f7fd8f8c0a239b4029e9475067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39112
x-xss-protection: 0
expires: Wed, 13 Oct 2021 21:06:03 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 108ms
57ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5346736-31

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bde2d438b75926f92b81fb17e3f5fbf58e3c38bf444c0c0a1373ba94b325c8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38623
x-xss-protection: 0
expires: Wed, 13 Oct 2021 21:06:03 GMT

GET
H2 200 img-306606-20180708221951.png
blob.contato.io/machine-user-images/ 19 KB
19 KB 530ms
523ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20180708221951.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aa3a4358606d29a00a882124ca983cbe0fab884b8875e41ad005e142f1ec151

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: nNqFNFwcY/E2UKJ9QEiXvQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19207
x-ms-lease-status: unlocked
last-modified: Mon, 09 Jul 2018 01:22:24 GMT
server: cloudflare
etag: 0x8D5E53A6D70D719
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9WSIC1%2BqwyfDTod7nchPSoE8ZenNf6eaoOqddu4PDgz6IwP0JwspuXyyATuPVB0w%2FU0ySvoyG1r9rAg82Xih5EQqqUmMFhDxjESyxK2yQOezUZ6TmN2E6ITISEc9Zhz6mo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 64069bc7-501e-0058-2276-c04c8b000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87964af556d4-IAD

GET
H2 200 coment%C3%A1rios-plataforma-25-09-img-306606-20180925160157.png
blob.contato.io/machine-user-images/ 279 KB
279 KB 445ms
438ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/coment%C3%A1rios-plataforma-25-09-img-306606-20180925160157.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e9a1d5e3a2bee09c0181ac471bc67d186975eae53b8d35290c9f42f930ade53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 0IC6Xoshru56LCXZMetogA==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 285441
x-ms-lease-status: unlocked
last-modified: Tue, 25 Sep 2018 19:01:58 GMT
server: cloudflare
etag: 0x8D623195E8FF152
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fh8%2BOpophQZHnWQ3uOpjiQ40rDK3ce8ANNlZZoSmuDJ74kc4tJelTlSZhtacy2ioSlwujC9I7Jg9gCBY6Ikt4HUN5s3YnRdk%2FDekmgXW%2FwwKhH%2FgW%2FCdEkiugehra%2FZOR1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 4b56a860-201e-0018-4276-c06565000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87964af856d4-IAD

GET
H2 200 coment%C3%A1rios-plataforma-25-09-1-img-306606-20180925161153.png
blob.contato.io/machine-user-images/ 212 KB
213 KB 529ms
522ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/coment%C3%A1rios-plataforma-25-09-1-img-306606-20180925161153.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7381aa21e062cf90c6e859a33680ff6ae1ba5b55bdead62f8f577fa58f970e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: +tL3MBZ0/oLwgfeQy96gSw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 216998
x-ms-lease-status: unlocked
last-modified: Tue, 25 Sep 2018 19:11:55 GMT
server: cloudflare
etag: 0x8D6231AC22AC7EE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYr4ksrJZLydLmZdX9%2FkQFol7HsIGguqoefWbWVRIkoph90ASxca5h4m2cc2Vya0WYyzsz1n647vO1VYZ8ZQ9bxxZGbo2L3zAaXHai9er75dhC3mRZVtNkC%2BRZg2%2FcSG1bQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 29eb0462-501e-003e-6076-c0fed1000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87964b0a56d4-IAD

GET
H2 200 img-306606-20161225202333.png
blob.contato.io/machine-user-images/ 22 KB
23 KB 530ms
523ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20161225202333.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a84b180b27ebbadb9ac78e22a48bd669d65a6f9b91a055744b01598951f3ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 88jdwzH3z+dzSOnA5iqV0w==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22808
x-ms-lease-status: unlocked
last-modified: Sun, 25 Dec 2016 22:24:32 GMT
server: cloudflare
etag: 0x8D42D14CD18B7DB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srj8Rs%2FQK19Jqd%2FblnoAUX6O2A%2BFpRWNOI3DliadE5ChqA8usycdvBllLggvsVPcBRsoa1wyM97A2wGA4I74PzVPcnlmUVOtiam99xXlW4vRCkkP0r4N2qMCyrOyY3GQWBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: e50883dd-301e-0048-6f76-c07a6d000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87964b0b56d4-IAD

GET
H2 200 img-306606-20161225202350.png
blob.contato.io/machine-user-images/ 6 KB
7 KB 427ms
420ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20161225202350.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03df59091850c3eb88d1154e26e754e85c3628ed12acd1f5e5bc92f3a85f447b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 99NA2l96RzOmU6FIJl8aPw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6420
x-ms-lease-status: unlocked
last-modified: Sun, 25 Dec 2016 22:24:49 GMT
server: cloudflare
etag: 0x8D42D14D6F92579
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptLLXR32%2BYHeV8tuCcrakDaNyolsuLIohwqTjbMQzlgDCpuDcglE82F7dZvu28AEBLxpTK3Oi5VeOK4vlJK5Cs5odzg9gcX0uzWBzzAeEM30SIsDY9VjxkcWhiG7YPdkCgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 8b4d2fe7-c01e-003b-7976-c00aae000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87964b0c56d4-IAD

GET
H2 200 img-306606-20180710120357.png
blob.contato.io/machine-user-images/ 47 KB
47 KB 649ms
642ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20180710120357.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 025231adce6ea3cd87e1c13c8cfea0cbfd8829afd3623519838eb53491292ee0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: slv3uayh/V6n7wvB41eTsw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 48176
x-ms-lease-status: unlocked
last-modified: Tue, 10 Jul 2018 15:06:24 GMT
server: cloudflare
etag: 0x8D5E676B3D35F30
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Si9HDMf2JUfBI1h9HpZ2eEBo44i%2Bhaz%2F7C5Mxmln7VBFiO%2FCt6RZrqSseu0VJywkkVGKsjIdeM96BwXH5ddPpPcyE0G2YhddKrsQLTRVFta%2BwDJVnnQ%2BACo7m%2BGdVIb7bsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 72c3afa7-d01e-0024-4b76-c0d1be000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87964b0d56d4-IAD

GET
H2 200 img-306606-20170812001118.png
blob.contato.io/machine-user-images/ 4 KB
4 KB 422ms
415ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20170812001118.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf7221373593c0e4a65faa4c287d7ffb1e72ad132657afce892f394ca012fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: WRi87W0/oVZsWrK66S4O3w==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3735
x-ms-lease-status: unlocked
last-modified: Sat, 12 Aug 2017 03:12:25 GMT
server: cloudflare
etag: 0x8D4E12FF526FE67
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3TVoxQvD9QslH3bn9YajuRWA17UWY8Cd3tC4BDdIlzOmDx9%2BjSNdUu3o8q6sw1jgI0g9uLknFFh2EszRKDO0Jdf6dw7uevvNVVjaPzwGsNWT6DTjMqJMVWmnIp1o2TGl90%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 64fe5b5f-001e-0062-3d76-c00f28000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87965b0f56d4-IAD

GET
H2 200 img-306606-20170812001032.png
blob.contato.io/machine-user-images/ 3 KB
4 KB 435ms
429ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20170812001032.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d1f4107edac074187a9860cd5b04c7ccdbb8ce826ce02d123ac73e3fa417e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: LVRA5Qec3kqLy05viqMMag==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3351
x-ms-lease-status: unlocked
last-modified: Sat, 12 Aug 2017 03:11:40 GMT
server: cloudflare
etag: 0x8D4E12FD9D01B1A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGQPfW4cF82%2BobtnkFpD%2FT4IJkW88dhzFZff3%2BL0tuI42k08b5pJC5WLG6FMV63JfykIKa5kAulRRIsS%2FQotAeFlXyChaWck5c5%2FtzYBYOFvX9%2BEhM5%2FxnovNT31MUgpqys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: ca077a1f-901e-004e-0876-c08d15000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87965b1156d4-IAD

GET
H2 200 img-306606-20170812001056.png
blob.contato.io/machine-user-images/ 4 KB
4 KB 433ms
427ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20170812001056.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da23668bd9fe558ee9a709ffbccc92f80f66bc9e8cc4575e3663ab2338da136f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: wPf9NVPbuj6+35NyUl4G3g==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4028
x-ms-lease-status: unlocked
last-modified: Sat, 12 Aug 2017 03:12:03 GMT
server: cloudflare
etag: 0x8D4E12FE81BA72F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbFoCBnAwKnWZ9y%2FDwX32KMpzhaXlKHLsrtEkU0KBb%2B9xvXNaGRNhbYlOqn9bsszMAuaRcIdOxMoLiI%2BFSsxMsQQ%2FBsNMhX1ekc9z6ERwU6FQCH%2B9RRi4Se3VKmOaTX%2BBeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 4640bc83-001e-000f-2376-c0a506000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db87965b1256d4-IAD

GET
H2 200 img-306606-20170812004832.png
blob.contato.io/machine-user-images/ 4 KB
4 KB 525ms
519ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20170812004832.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf3710ca42851be21ee425f876a5551d572ff4cc2d184bfee679286efaae0c83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: d6T2tcMbmWyMlvtniDkr8A==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3763
x-ms-lease-status: unlocked
last-modified: Sat, 12 Aug 2017 03:49:39 GMT
server: cloudflare
etag: 0x8D4E13528C0BB24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgkT0qisSHZM4f0so0IAaYnbcP8awTXK1TO6z8yE49DlS%2BxfADYkre1PbEaHFQKkBSQQG1QnMtdF2d41FF5tGRvrWES8W9PUpZRAWScyWT3334o9KOimc4%2FKcPgw%2FsoaLnM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 6bacccc3-801e-005a-7b76-c04e71000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796aba356d4-IAD

GET
H2 200 img-306606-20171004011553.jpg
blob.contato.io/machine-user-images/ 31 KB
32 KB 330ms
324ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20171004011553.jpg
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a0f6dac1867d481bc092876107d3e74a90796c731ffd832fe1223f497a748a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: s6GBHjVUsLu1zzKJyiOcgA==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31661
x-ms-lease-status: unlocked
last-modified: Wed, 04 Oct 2017 04:17:23 GMT
server: cloudflare
etag: 0x8D50ADED02E059C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJRmd4WPg8e13R8eTuffC6vsL1os8zHPBlFOtC7eZPv3PB68CI9KFhPsthIPqOZYxIAlozd4CA90Wzn8B%2Bv3WPQLewzs2zsSg3qfZsrKbmAypQnBYpbqXaL1TMxEFSky%2FoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: a9400e06-f01e-001a-4576-c0679f000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796aba656d4-IAD

GET
H2 200 img-306606-20171004012408.jpg
blob.contato.io/machine-user-images/ 13 KB
13 KB 313ms
307ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20171004012408.jpg
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d385cd8529ac74ffacc1d9be04b4a4429da56b0ee53babb9c84912670d3873

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: N/7kOgpGgFVH/anU4erpiw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12881
x-ms-lease-status: unlocked
last-modified: Wed, 04 Oct 2017 04:25:38 GMT
server: cloudflare
etag: 0x8D50ADFF74FC78C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POi35iUHsbEOI97%2Fs3TPsbOL76OrqSb%2F7y557%2FvIM5eQhD%2FzQmAMnJ3kpHubovK%2FlLVE6mD3TzJ5Vt9pp3gbngBW4id7pg8nLyxC1H6x5QaKmFfvW%2Ftgye1mthxbgF1ugvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 06403573-601e-0014-6d76-c08b94000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796aba856d4-IAD

GET
H2 200 img-306606-20171004012424.jpg
blob.contato.io/machine-user-images/ 127 KB
127 KB 713ms
707ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20171004012424.jpg
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 532cc506a6fe497917a6b1907e99c35dbe089da8702423cea82d89fb3d684428

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: mRhZjZ+O+X9FTOGIga8/Wg==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 129584
x-ms-lease-status: unlocked
last-modified: Wed, 04 Oct 2017 04:25:54 GMT
server: cloudflare
etag: 0x8D50AE000AFB5C1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqSVL%2BQYH%2F%2B8OvTZqI%2FACulVPs4YGZRaFXOVPXn2%2FBchp3aQH3m6aZKYHagqu7urC%2Bb7Mb%2FSz5xjFh8FKAeDDe2UZ2GNkh%2FFb%2B2SEePTyEbFMGod1B3KWDmRtIFZQYMZS0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: ed528330-001e-0040-2476-c0611e000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abaa56d4-IAD

GET
H2 200 img-306606-20170621011936.jpg
blob.contato.io/machine-user-images/ 352 KB
353 KB 912ms
906ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20170621011936.jpg
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba9d539df6ae72f35176cdb5bebf48fd5f4ad1106367f01fc5b80e147d4ff70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: cCg86bf8BcBiS7WQtz8+Lg==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 360305
x-ms-lease-status: unlocked
last-modified: Wed, 21 Jun 2017 04:20:27 GMT
server: cloudflare
etag: 0x8D4B85CD839E42E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HhE%2BVraD4m4rtFhkIEOaJB8Ew1%2B%2Ful4Cz829aSLWBcpjrxB%2FU2fxR5ffMIT908CE9TSqMe1MKM%2B%2BQu0sJNKXM1n8OmPHdRctzYUZ5bRuArp7YTLKO6IbkOOyB7rBzzuVQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 8b4d3001-c01e-003b-0e76-c00aae000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abac56d4-IAD

GET
H2 200 img-18341-20160818165038.png
blob.contato.io/machine-user-images/ 6 KB
7 KB 416ms
411ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-18341-20160818165038.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90ddefb489dd4d741a230f68b449de08b029fc17bbfb998fd46a0312f244e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: u9H1uYTUvjMZV3MAS10+Hg==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6438
x-ms-lease-status: unlocked
last-modified: Thu, 18 Aug 2016 19:50:34 GMT
server: cloudflare
etag: 0x8D3C7A0EB089036
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYQP6Puun8zUWcFstiX4l%2BVd9x9pWBK%2B2oHD0QYtKdz3h1c8er4UxuHxvr1e274eJ30fM7xVmviF07ESuQnKBF%2BCIy5rEv5nnPNNcLuyfS%2F6Ycm%2BfzxVNN1QTIT3rx4t7jY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: e4638ba8-e01e-0005-3d7b-a5bc8f000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abae56d4-IAD

GET
H2 200 img-18341-20160818165143.png
blob.contato.io/machine-user-images/ 6 KB
6 KB 182ms
176ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-18341-20160818165143.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d17764c5c6330d2505802be54e047fce4bcd7ec8d26869827f8e4972efbefec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: LtQtUbvufyyMnBgpjRERwA==
age: 6179
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6127
x-ms-lease-status: unlocked
last-modified: Thu, 18 Aug 2016 19:51:38 GMT
server: cloudflare
etag: 0x8D3C7A111851F33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi%2Fho2tiHeIq%2BXV80o%2FRvuBxBE7fsUUPimHg9uSzsJo6ovbvOwyx01P3uqhIx7ZNtQMqzJuFrftfkJ78E1Xn6xf2YXoCbvxaeGCkDqr2%2FmVng2pJMCcyfzFCnWz1TDBilgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 4224e9f8-a01e-0020-1072-b0243c000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abaf56d4-IAD

GET
H2 200 img-18341-20160818165241.png
blob.contato.io/machine-user-images/ 4 KB
4 KB 439ms
434ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-18341-20160818165241.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 629fe75d41f76ad17942620890170b3900c141f9b3361f80c0ed6713bf090bb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: LgCJzMXwgUBjHoOoNgGdEQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4081
x-ms-lease-status: unlocked
last-modified: Thu, 18 Aug 2016 19:52:37 GMT
server: cloudflare
etag: 0x8D3C7A13498FAC7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w0toSTdzMqN775tK6Mhkq825Hjs9RMvn2GwrNDAlplS%2B1vJwMHT6f6LX9Y0ceXc1Gdc2SxKH2XqK39oi%2BZLmQZOBv69g0%2BZWaU0o9CrSV2xi0VTBuiuV6ya9kK%2FvG%2F6GjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: a495358c-101e-001b-1c7b-a56662000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abb156d4-IAD

GET
H2 200 img-18341-20160818165348.png
blob.contato.io/machine-user-images/ 5 KB
6 KB 527ms
522ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-18341-20160818165348.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772396b93bbc2b49886865d6d6a8bd735ddcb0f93c0524f3b0f06a07b81e3b3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: pBDOgcpUTxVq0uyawiz6rw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5340
x-ms-lease-status: unlocked
last-modified: Thu, 18 Aug 2016 19:53:43 GMT
server: cloudflare
etag: 0x8D3C7A15BFB805D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KMCTDKsStlzy54oGXzgVStXCvHhxivawW3m3gBi24G6ArRbwz4zlO3sdrKmmYOxVu90imVsbzYiG3EPM0E5arscdGMhgXDVUPMBhYHCtypO9720cQ%2Fsw1IShLA%2FORxOvWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: c4bcf45d-801e-0037-7876-98e45f000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abb256d4-IAD

GET
H/1.1 200
OK seta-laranja.png
www.mapamental.org/curso/imgs/ 500 B
742 B 1858ms
244ms Image
image/png 191.252.140.63
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mapamental.org/curso/imgs/seta-laranja.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 191.252.140.63 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 8bf8e13b3faec71a23e3747a41298a6299de8e80c81d720994f34e1329d5d2db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:06:05 GMT
Last-Modified: Sun, 04 Mar 2018 18:59:38 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 500

GET
H2 200 mockup-plataforms-hotmart-sdlad-img-306606-20190415184729.png
blob.contato.io/machine-user-images/ 385 KB
386 KB 523ms
518ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/mockup-plataforms-hotmart-sdlad-img-306606-20190415184729.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95dc7e6f49a67c65d925ae9492f80efa1c423cdce0f017755cf7fea0a79b0fb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: she1zHNv7Vixhj7pd9wy+A==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 394749
x-ms-lease-status: unlocked
last-modified: Mon, 15 Apr 2019 21:47:30 GMT
server: cloudflare
etag: 0x8D6C1EBF5A5145B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1r%2FI9XtRlXk4nPJbo2elIpGln%2BSs3g1yb2BqJe4Cz7gFt3EUKJUKpllAB12qfCfnChKU8j3%2B257KTxRRglmlZ3wYp192PgvHeEdfiTwKVmteSyMebveaqWg3%2Fjp%2FfzT4vo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 94d79a19-701e-004f-5476-c08ce8000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abb556d4-IAD

GET
H2 200 img-306606-20180407202440.png
blob.contato.io/machine-user-images/ 42 KB
43 KB 713ms
708ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20180407202440.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291903734c8af7a8ab03810fe944b962cf0e448bddb397ee6076c1c6c2b40d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 4tsvIEJcbMVBu59aUpP0ig==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43144
x-ms-lease-status: unlocked
last-modified: Sat, 07 Apr 2018 23:25:50 GMT
server: cloudflare
etag: 0x8D59CDEE664E994
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdNwHWOERhZT9bSBajzdLZRGhmNbE7qAgrrh8nytyir0HVaj8qBB9mBVrbG457j4fTKq9j5EpeFxzq3Qem019wwNgJc9yEeesjevKhTM7LMmp5RJ7acywrACC6v6i%2BOA8o4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: c619ad85-601e-0036-2476-c0e5a2000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abb756d4-IAD

GET
H2 200 img-306606-20161226011756.png
blob.contato.io/machine-user-images/ 5 KB
5 KB 323ms
319ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20161226011756.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ca793464ecdeb8522092dd482d894a44f63557b43076193a6d2e09c095ec48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 5L4xJySqsXUPu2qCpN2g+Q==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4651
x-ms-lease-status: unlocked
last-modified: Mon, 26 Dec 2016 03:18:56 GMT
server: cloudflare
etag: 0x8D42D3DED36E64E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MhrxK1aXFEmTwisKRbEg7AzxwT9buYRpR2rb8STF%2BqKhUCYI1J068MkGKnH9t1OYBxhQykLu08TnAJJRWHW2VTUwJ%2FBZkYN3OkPnwnDQI%2BL7RmVLqOVM2fInCawfEICGUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: b8f961a8-a01e-004d-7676-c08e12000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abb856d4-IAD

GET
H2 200 bootstrap.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 26 KB
7 KB 14ms
14ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/bootstrap.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 775b421c7ab418f51a4d3ab68341a2c3fa4339b486962b116518ae4a6d87ba39

Request headers

:path: /builder/elements/scripts/bootstrap.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7129

GET
H2 200 jquery.validate.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 21 KB
6 KB 14ms
14ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery.validate.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 806e0db9e5c58e0fb3216872f36b577c05fd85c132d2857effd68bf617c93b20

Request headers

:path: /builder/elements/scripts/jquery.validate.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6523

GET
H2 200 smoothscroll.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 26 KB
7 KB 15ms
10ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/smoothscroll.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 934d76b68d78cf2c296cf8b3bd875d92252d2ef860863d06d327e21e22024c92

Request headers

:path: /builder/elements/scripts/smoothscroll.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6951

GET
H2 200 jquery.smooth-scroll.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 3 KB
1 KB 37ms
29ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery.smooth-scroll.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: be6207609e93dfb0c9bf8eaf578101c27e43f1df0fede33a6ed838743cb3bc9f

Request headers

:path: /builder/elements/scripts/jquery.smooth-scroll.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1326

GET
H2 200 placeholders.jquery.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 5 KB
2 KB 38ms
28ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/placeholders.jquery.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4e22e1fc1d6409db889ea80e639f9ac3ce16b23c35b23bf89ebb06e52cb8963f

Request headers

:path: /builder/elements/scripts/placeholders.jquery.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1756

GET
H2 200 jquery.magnific-popup.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 20 KB
7 KB 38ms
28ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery.magnific-popup.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 29649dd5311ae06eb0639f2655f35be5da744bf41556d1a1c32d326994d77869

Request headers

:path: /builder/elements/scripts/jquery.magnific-popup.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7618

GET
H2 200 jquery.counterup.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 1 KB
806 B 39ms
29ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery.counterup.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3145a2ee536ea38dbcb2563fe7dad866ca2bceff859249e069cf33224f43b7cd

Request headers

:path: /builder/elements/scripts/jquery.counterup.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "5876596ad4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 760

GET
H2 200 waypoints.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 8 KB
3 KB 39ms
30ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/waypoints.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 41ff0d2c210b6caac0f4f59e66664beb5ab04b5c2baa360247b3de36bea014d6

Request headers

:path: /builder/elements/scripts/waypoints.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2608

GET
H2 200 video.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 54 KB
17 KB 40ms
31ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/video.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5c1e7d38cca25d3d96821bd6d1285c66de1e98954d561868cd7681463dfb2e6b

Request headers

:path: /builder/elements/scripts/video.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 17084

GET
H2 200 bigvideo.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 11 KB
3 KB 41ms
31ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/bigvideo.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ddfa2698d0e94f34f301d26846e802529fdfba70a57255c3f544d2907b21d757

Request headers

:path: /builder/elements/scripts/bigvideo.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3174

GET
H2 200 wow.min.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/animations/ 8 KB
3 KB 41ms
32ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/animations/wow.min.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461

Request headers

:path: /builder/elements/scripts/animations/wow.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2706

GET
H2 200 jquery.jCounter-0.1.4.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 13 KB
4 KB 41ms
32ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery.jCounter-0.1.4.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0e7ab1755ecdc85e26a65cc22ff6478029287611f5db6f704ce0600f8710de9d

Request headers

:path: /builder/elements/scripts/jquery.jCounter-0.1.4.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3600

GET
H2 200 jquery.autogrow-textarea.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 3 KB
1 KB 42ms
32ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery.autogrow-textarea.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 677c86ee3a81750a39c1e559ac20f04712d0b05e684352a6a10bc2cbab01857b

Request headers

:path: /builder/elements/scripts/jquery.autogrow-textarea.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1075

GET
H2 200 globalize.js Show response
dinheiro.osegredodaleidaatracao.com.br/scripts/globalize/ 46 KB
13 KB 42ms
33ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/scripts/globalize/globalize.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 408e3f1a55e260698dc0586dd08c84ec6652acdcbaa6a6abb1437b59efd61449

Request headers

:path: /scripts/globalize/globalize.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80141b6bd4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 13217

GET
H2 200 globalize.culture.pt-BR.js Show response
dinheiro.osegredodaleidaatracao.com.br/scripts/globalize/cultures/ 2 KB
1 KB 45ms
36ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/scripts/globalize/cultures/globalize.culture.pt-BR.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0a40474f9f620a7a5a5548360f379e3419e9d307b119a79bbbbb8931d9b7ceb0

Request headers

:path: /scripts/globalize/cultures/globalize.culture.pt-BR.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "8c4c8f6bd4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1159

GET
H2 200 custom.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 9 KB
2 KB 44ms
36ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/custom.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d99f385f57bce4688948238f5f2decb63505ed31708ff1c3d13db67a02091b27

Request headers

:path: /builder/elements/scripts/custom.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2215

GET
H2 200 popup.js Show response
dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/ 10 KB
3 KB 45ms
37ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/popup.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fe3da02f63adf8e78681160fad93c693496c0a81285be102dc9f79b36088b821

Request headers

:path: /builder/elements/scripts/popup.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
etag: "80e7e969d4bed71:0"
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2860

GET
H3

200

navdropdown.js Show response
blob.contato.io/machine-files/builder/
Redirect Chain

https://blob.llimages.com/machine-files/builder/navdropdown.js
https://blob.contato.io/machine-files/builder/navdropdown.js

2 KB
1 KB

102ms
101ms

Script
application/javascript

172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.contato.io/machine-files/builder/navdropdown.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae867e5416ea1b36fc3639fa34e0f05d0479564476dbcc070b53002f99e6f314

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: x4bwYb8liVm/Lv/38O5IOw==
age: 6203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Fri, 08 Jun 2018 21:05:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmNxQ6cj5PzFkymHqe5%2Fs2aiaVZ2H3dfpudlFiCgd8n62YK%2FOXEi%2F8i2nZnk4M0YtEDsniFw5vhwiUsnM5p%2FFwsi14uZPl85BbE8sRqTaD16sMc%2F18PYhfgGdur32sGbGqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: f5da6db3-b01e-001d-7024-2a911a000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 69db87971def5b1d-IAD

Redirect headers

date: Wed, 13 Oct 2021 21:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfXe0CrdX9QbgzH8hple21MYppDH%2BkWhJMEs3x3ElK5V%2B6Tj4J32L9SkDAVytP4sk%2BeZjtknkTnIaGXZLigPB4%2FNz2QAJuNbsS56%2FW4WGvWvvNEQJRaMUESdLhguZ0pXxJqueQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://blob.contato.io/machine-files/builder/navdropdown.js
cache-control: max-age=3600
cf-ray: 69db879609b7543f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 13 Oct 2021 22:06:03 GMT

GET
H3

200

pop-exit.js Show response
blob.contato.io/machine-files/builder/
Redirect Chain

https://blob.llimages.com/machine-files/builder/pop-exit.js
https://blob.contato.io/machine-files/builder/pop-exit.js

23 KB
9 KB

194ms
193ms

Script
application/javascript

172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.contato.io/machine-files/builder/pop-exit.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e179dda9a748b1407483b8cb1eefe85fa2e0fea0e665bc44d3c7a9eb3ed84bf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: DLU2tqrmTJQ4yPRZNaLG1w==
age: 7127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 08 Mar 2017 14:39:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9nl57zpgGuyBpjaCZQYfiPwv%2FILEWIwMwmtu0AQnJCc0l3HkCs1DFuFyYZXfWpukUrziSz0Jf4W0of7%2FRz%2BkO0xL3uLtjKngjYY7g4gNue0VLdx4rYFDZkygPgS1AC26N8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: 64007232-801e-005a-2f24-2a4e71000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 69db87971df35b1d-IAD

Redirect headers

date: Wed, 13 Oct 2021 21:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4mdAbI9Vj6ifb0Q4yL%2F3D%2FM7ORk53unRqnI0rT7h9j8rk6i5b3iGU5Kg73q0EdRFVf6BI95nwORchV6gr6EcpkredgJEsa%2FUkcMPULZJQztvglu%2F%2BVbxO2fcybtFVceHtVXkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://blob.contato.io/machine-files/builder/pop-exit.js
cache-control: max-age=3600
cf-ray: 69db879609b9543f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 13 Oct 2021 22:06:03 GMT

GET
H3

200

webflow.js Show response
blob.contato.io/machine-files/amodels/
Redirect Chain

https://blob.llimages.com/machine-files/amodels/webflow.js
https://blob.contato.io/machine-files/amodels/webflow.js

51 KB
19 KB

105ms
104ms

Script
application/javascript

172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.contato.io/machine-files/amodels/webflow.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511b02628ff5d0b2b4e8bef0191762da4c79143829e21709570bf275213df05f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 8ojJQjWogAVDId5h3RqYTw==
age: 1656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 11 Dec 2018 19:34:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6Oh6YWWHoG0DQsrLu%2BiqtalJjBvZRe7Y9n62tyCRMBn%2FsQ7c7nVmkRD8d5dhG6WcbMjesB0FH1BOzWPsHp5KbsbaNqulhblqiQBvGIlYkQmMpuHiQ2K9Htv9pfsd%2FPpcj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-ms-request-id: ef360582-501e-0035-5724-2ae6a5000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 69db87971df85b1d-IAD

Redirect headers

date: Wed, 13 Oct 2021 21:06:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj74yZgMGWwC9VIkT3KOxyv%2FIZz1Q2iAykLxKWSLCQQHBQqcc4ZYjRXqVk%2F%2FDefhRwNRvGARvjIueCSI8%2BD18nQF4HGLn3aHDg8TFiu%2Fm70HXYANTAw0feQv1qq35vGAFcagPw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://blob.contato.io/machine-files/amodels/webflow.js
cache-control: max-age=3600
cf-ray: 69db879609ba543f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 13 Oct 2021 22:06:03 GMT

GET
H2 200 carousel.v2.css
dinheiro.osegredodaleidaatracao.com.br/Content/ 5 KB
1 KB 45ms
37ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/Content/carousel.v2.css
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 48b225ccf2070f53a914e5f01200de1887d532cdd3eaef69552b90f44b149dfb

Request headers

:path: /Content/carousel.v2.css
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 19:15:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "07e826ad4bed71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 984

GET
H2 200 page-advertising
dinheiro.osegredodaleidaatracao.com.br/Contents/ 3 KB
1 KB 50ms
42ms Stylesheet
text/css 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/Contents/page-advertising?v=OIjdLiP3zDbbwyGzc4HCP78v7aQq62NmROEun6odIEE1
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 160dbd2ee21a3e66aabaa25009faf56558ede3d2d3926d7b2f44627a072b062b

Request headers

:path: /Contents/page-advertising?v=OIjdLiP3zDbbwyGzc4HCP78v7aQq62NmROEun6odIEE1
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 21:06:05 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 954
expires: Thu, 13 Oct 2022 21:06:05 GMT

GET
H2 200 globalize Show response
dinheiro.osegredodaleidaatracao.com.br/bundles/ 22 KB
9 KB 52ms
47ms Script
text/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/bundles/globalize?v=Z7dQo83eosj7yLn2TxGEoPKpiluP65U_S4JHNU9GjkM1
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 660f26906289cf284b8ff2fe63b91605ca4cded25cc2d4e411b4aa0ab76daa15

Request headers

:path: /bundles/globalize?v=Z7dQo83eosj7yLn2TxGEoPKpiluP65U_S4JHNU9GjkM1
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 21:06:05 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 9649
expires: Thu, 13 Oct 2022 21:06:05 GMT

GET
H2 200 page-views Show response
dinheiro.osegredodaleidaatracao.com.br/bundles/ 357 B
405 B 48ms
43ms Script
text/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/bundles/page-views?v=RFS_9pcQpAX3kK36TH6nfMX6edR9IzqGFT5-MduLznc1
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 730458e207108233af8e957278708556f83f3ea6288c700da49a410d5ada78f8

Request headers

:path: /bundles/page-views?v=RFS_9pcQpAX3kK36TH6nfMX6edR9IzqGFT5-MduLznc1
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 21:06:05 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 355
expires: Thu, 13 Oct 2022 21:06:05 GMT

GET
H2 200 jquery.form.js Show response
dinheiro.osegredodaleidaatracao.com.br/scripts/ 44 KB
12 KB 42ms
38ms Script
application/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/scripts/jquery.form.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: afcaa42bb195222c7256c171ce771cdbd5feaa48db36fd8a314ae170e981d94d

Request headers

:path: /scripts/jquery.form.js
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
last-modified: Mon, 11 Oct 2021 19:15:57 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "80141b6bd4bed71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12255

GET
H2 200 page-capform Show response
dinheiro.osegredodaleidaatracao.com.br/bundles/ 6 KB
3 KB 47ms
42ms Script
text/javascript 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/bundles/page-capform?v=SVH637SNt3fyGAlW1ZceE5_N7LET8ioMGXdH_7trJZE1
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 052a9808fb9024ecf5d6564168d6efc211d7e312dae963ae474f8699e2e3b5a0

Request headers

:path: /bundles/page-capform?v=SVH637SNt3fyGAlW1ZceE5_N7LET8ioMGXdH_7trJZE1
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 21:06:05 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: public
access-control-allow-headers: *
content-length: 2493
expires: Thu, 13 Oct 2022 21:06:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 35 KB
2 KB 73ms
35ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

584fff3df47d9723f3bfef48ce73d2383cc69dffcfa9435af90ac188928605f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 21:06:03 GMT
server: ESF
date: Wed, 13 Oct 2021 21:06:03 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Wed, 13 Oct 2021 21:06:03 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://v2.zopim.com/?4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt
https://static.zdassets.com/ekr/asset_composer.js

20 KB
6 KB

47ms
22ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-request-id: 7R60D29VD5WXRAT1
x-amz-id-2: N5c4rzPUplHeYST2CS/TjJ5ZFEMVbnhyJK6vhOlLgu66lo7gX603lJG09iJVamdlTfqQ/1yCLls=
last-modified: Wed, 09 Jun 2021 00:08:58 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u1b1N8jnOiobwjsNLzRREPat1pWvyj6QPGyaZnkkaCnOSYNwV0%2FSS6mqpHBejML4zZB8Z%2FBzHgbBuvRn%2BrslTh1fKCC6aJMO5Wg302Z%2BeOH3GvGM0Flk7WbNKa3ei4SOeF4eNTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: K3SnbkxF6hLvuoHLDwjJyrnNVVhjkbLm
cf-ray: 69db8796da248766-DUS

Redirect headers

date: Wed, 13 Oct 2021 21:06:03 GMT
cf-cache-status: MISS
server: cloudflare
etag: "5ee9874c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 69db87964f56fadc-DUS
content-length: 0
expires: Thu, 14 Oct 2021 01:06:03 GMT

GET
H2 200 launcher.js Show response
launcher.hotmart.com/ 6 KB
3 KB 299ms
97ms Script
application/javascript 34.198.22.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/launcher.js

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.22.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-22-192.compute-1.amazonaws.com

Software

Resource Hash

1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 21:06:04 GMT
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, no-store
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 2619
x-xss-protection: 1; mode=block
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H2 200 koCduUs5c6g Show response
www.youtube.com/embed/ Frame F77F 57 KB
25 KB 144ms
81ms Document
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

7b3be0d7ef8e61c876771ee9f98e6c4f8371e42ba75df2a957797125afa130aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dinheiro.osegredodaleidaatracao.com.br/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 13 Oct 2021 21:06:03 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=6VIhMlCu24Q; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=oINHJmEhEc0; Domain=.youtube.com; Expires=Mon, 11-Apr-2022 21:06:03 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+438; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 background-img-306606-20190412165239.jpg
blob.contato.io/machine-user-images/ 282 KB
283 KB 707ms
706ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/background-img-306606-20190412165239.jpg
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9911f73f950714d87676b1ff3c4685c89a46d7d9c6415e6a8d62ff5baff3d594

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 8/gUpQmNJQchb+HhINuyFw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 289106
x-ms-lease-status: unlocked
last-modified: Fri, 12 Apr 2019 19:52:40 GMT
server: cloudflare
etag: 0x8D6BF806BAB25AE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbyzxIlRvIO8Q5WvDPwZvzHPbwPm7B1373NNMbkEcRXxM98tumuOIpmuWe9ZikDtG0fiuk6cI1Rt51IShTRlKef%2F1WzHdBsXwnSoCbO2oJ7TCgOyl%2Bmpl8IdM8XPtUVVoLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: a61e15d4-601e-0050-2e76-c057f8000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abbc56d4-IAD

GET
H2 200 marker-arrow-left-dark.png
dinheiro.osegredodaleidaatracao.com.br/builder/elements/images/ 3 KB
3 KB 41ms
41ms Image
image/png 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/images/marker-arrow-left-dark.png
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 043a8dd5af92cccfa0d98025013c41c2f0a957507498e384cae5b4d7ea482b46

Request headers

:path: /builder/elements/images/marker-arrow-left-dark.png
pragma: no-cache
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
last-modified: Mon, 11 Oct 2021 19:15:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3af4e6ad4bed71:0"
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3005

GET
H2 200 img-306606-20161225195207.jpg
blob.contato.io/machine-user-images/ 282 KB
282 KB 799ms
799ms Image
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-user-images/img-306606-20161225195207.jpg
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8294e964a3825c3b9d6d9f0656985293b9c75c6b73dbe8ecb4885f1e831b42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: Z5D+Zn5IfHY9YBSR6MOa+Q==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 288433
x-ms-lease-status: unlocked
last-modified: Sun, 25 Dec 2016 21:53:06 GMT
server: cloudflare
etag: 0x8D42D1068BFF6E1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulo0SmvdbmWzjkVoQ103Dfe0rMmH7SdCyapkp%2B1wExov28rp0MNn9O0KIyYCgbP3PWRZnxR3DMyYNIRcoxhF3DIFe4kTYxlZ%2FJRNlW8BFiIt7dZkBK1kYwkl2m8a1B8N9MA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 31ba676a-101e-005f-1c76-c0ba0e000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69db8796abbe56d4-IAD

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 108ms
59ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 01:25:05 GMT
x-content-type-options: nosniff
age: 70858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 01:25:05 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 71ms
22ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:30:39 GMT
x-content-type-options: nosniff
age: 221724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 07:30:39 GMT

GET
H2 200 5aU19_a8oxmIfLZcERySjQ.woff2
fonts.gstatic.com/s/hind/v11/ 16 KB
16 KB 98ms
49ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfLZcERySjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

824a9d9843640ecfecb8a65c0634d1e434e1e1734a627ee3b61a8865a77b51d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:48:15 GMT
x-content-type-options: nosniff
age: 209868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16604
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:36 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 10:48:15 GMT

GET
H2 200 fontawesome-webfont.woff2
dinheiro.osegredodaleidaatracao.com.br/fonts/ 75 KB
76 KB 33ms
32ms Font
application/font-woff2 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/Content/font-awesome.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://dinheiro.osegredodaleidaatracao.com.br
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u
:path: /fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/Content/font-awesome.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://dinheiro.osegredodaleidaatracao.com.br/Content/font-awesome.css
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
last-modified: Mon, 11 Oct 2021 19:15:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f927886cd4bed71:0"
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/font-woff2
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 90ms
42ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:45 GMT
x-content-type-options: nosniff
age: 16458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:45 GMT

GET
H2 200 5aU19_a8oxmIfMJaERySjQ.woff2
fonts.gstatic.com/s/hind/v11/ 15 KB
16 KB 128ms
80ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfMJaERySjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

47ee68145b529d601247e82604b9c3de7a0b44a0e1d95d9470424271994f548e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 10:52:12 GMT
x-content-type-options: nosniff
age: 296031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15848
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 10 Oct 2022 10:52:12 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 114ms
66ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 17:03:52 GMT
x-content-type-options: nosniff
age: 532931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 17:03:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 124ms
76ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:32:14 GMT
x-content-type-options: nosniff
age: 16429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:32:14 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 102ms
82ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:32:14 GMT
x-content-type-options: nosniff
age: 16429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15712
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:32:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 102ms
87ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dinheiro.osegredodaleidaatracao.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 16462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:41 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 79ms
27ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1020728123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8e170827cf6b2dfdb810cef652d70f9cbd9ff58f4242cb735622833b5ff69bd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14427
x-xss-protection: 0
server: cafe
etag: 14346040707932117602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 62ms
39ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5346736-31&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1020728123

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a538fb95b058754402a193f6a0e990f52f8c1951c5eac2ec92816de4ad5e1caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38613
x-xss-protection: 0
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
20ms Script
text/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5346736-31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 3898
date: Wed, 13 Oct 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 22:01:06 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/387dfd49/ Frame F77F 335 KB
46 KB 69ms
27ms Stylesheet
text/css 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

6c07e912d567c9f50f9e4eadba1832f41a64d8176e33cda0c9f7c7215dd23e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46906
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:52:45 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/387dfd49/www-embed-player.vflset/ Frame F77F 208 KB
68 KB 90ms
49ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

0454780736bf4ef09e7738f2e2a12fb7fe03dca778e550c57d20f6d6ef6d3874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69594
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:52:45 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/ Frame F77F 2 MB
511 KB 64ms
24ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

c9f2439380568573d9ceb4699da81f1567fb19ad32abc048fd6692a8afefff9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 523469
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:54:11 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/387dfd49/fetch-polyfill.vflset/ Frame F77F 8 KB
3 KB 63ms
24ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:52:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:52:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F77F 15 KB
15 KB 50ms
21ms Font
font/woff2 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 176871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 19:58:13 GMT

GET
H2 200 4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt Show response
ekr.zdassets.com/compose/zopim_chat/ 194 B
905 B 228ms
203ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt

Requested by

Host: v2.zopim.com
URL: https://v2.zopim.com/?4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914702be95867005465e8c2af8e61288a042038d21da262907e92541f52c417d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: 7092861c-ef9a-4c7c-9ad8-b7089ef589a1
x-runtime: 0.003350
server: cloudflare
etag: W/"914702be95867005465e8c2af8e61288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GfKRLw1zHCVUX%2BvbQ6YH3oMGP3hVLrKiYteykhps%2FLR9ynBqUcwXA3eGXClL3GsSXg9Uea%2BIGxEsWa5TPwBn4WpWKIC%2BWkqs4zfMLrrtCSwXbN6T7RvDDa%2FgyDhyQMcv%2BfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 69db8797aafd21ab-DUS

GET
H2 200 load-js Show response
launcher.hotmart.com/rest/v1/module/ 48 B
486 B 282ms
98ms XHR
application/json 34.198.22.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJzaWQiOiJhM2ZiYmEyNDg3NTA0OWQyYTI4NjRjNDVjYWMwNzdmYSIsInBhZ2V2aWV3X2lkIjoiUFZreGVpOGFtNXQ4a3VxMDY4eXQiLCJ0cmFjZV9pZCI6IkxUMjJsYmg5aXN4NGlrdXEwNjh5dCJ9&locationHref=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&account=97f97129-35d6-398a-9205-01adf0849c85

Requested by

Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.198.22.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-198-22-192.compute-1.amazonaws.com

Software

Resource Hash

597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dinheiro.osegredodaleidaatracao.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Location, Link, ETag
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1020728123/ 2 KB
2 KB 81ms
33ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1020728123/?random=1634159164145&cv=9&fst=1634159164145&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaab0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&tiba=Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c5d633a21a51b5b177389579da506bffcfabb35d7de832a62405ba21e6ffc80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
28ms XHR
text/plain 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1829276423&t=pageview&_s=1&dl=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&ul=en-us&de=UTF-8&dt=Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=840463531&gjid=1267787816&cid=1618492735.1634159164&tid=UA-5346736-31&_gid=243660456.1634159164&_r=1&gtm=2ouab0&z=922437281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dinheiro.osegredodaleidaatracao.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dinheiro.osegredodaleidaatracao.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 22ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: Np2x9BK5nCRmWYq1YD2LJ+2ycHJvs40NXSASyfvGHhtB7I0tvWVS17p6FMGxlOVtnLKnSvZc+wzJ9Ak0EDK83A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 13 Oct 2021 21:06:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.whatshelp.io/widget-send-button/js/init.js
https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

266 KB
85 KB

25ms
25ms

Script
application/javascript

78.46.57.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.57.120 Leipzig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.57.46.78.clients.your-server.de
Software: nginx/1.6.2 /
Resource Hash: cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:06:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 09:21:57 GMT
Server: nginx/1.6.2
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Thu, 14 Oct 2021 00:06:04 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Wed, 13 Oct 2021 21:06:04 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 160
Content-Type: text/html

GET
H2

200

ea.js Show response
cdn.eduzzcdn.com/myeduzz/assets/
Redirect Chain

https://eduzz.com/dev/js/ea.js?v=1.0
https://cdn.eduzzcdn.com/myeduzz/assets/ea.js?v=1.0

5 KB
2 KB

69ms
19ms

Script
application/javascript

13.226.155.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eduzzcdn.com/myeduzz/assets/ea.js?v=1.0
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-59.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4ecaeddd2ed2f1ab45ee64888d6d11c8d9c25ca8c8eb305e88b0f90ee411c85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 18:43:32 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"9c69f09d92b16dbb102ee2b64736553a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=600, stale-while-revalidate=59
x-amz-cf-id: ZPo_ZlNMmn-FiTqMnc8gnrS2SOMJujlr2mSkwkC8177S69Ev3mr7_g==

Redirect headers

location: https://cdn.eduzzcdn.com:443/myeduzz/assets/ea.js?v=1.0
date: Wed, 13 Oct 2021 21:06:04 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

POST
H2 200 AddPageViewScript Show response
dinheiro.osegredodaleidaatracao.com.br/Pages/ 4 B
181 B 98ms
97ms XHR
application/json 213.136.68.210
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://dinheiro.osegredodaleidaatracao.com.br/Pages/AddPageViewScript
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/builder/elements/scripts/jquery-1.11.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.68.210 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: leadlovers.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

sec-fetch-mode: cors
origin: https://dinheiro.osegredodaleidaatracao.com.br
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ASP.NET_SessionId=hnl0l2xaom51r0ajmjmtbg1u; _gcl_au=1.1.1441140545.1634159164; hotid=eyJzaWQiOiJhM2ZiYmEyNDg3NTA0OWQyYTI4NjRjNDVjYWMwNzdmYSJ9; _ga=GA1.3.1618492735.1634159164; _gid=GA1.3.243660456.1634159164; _gat_gtag_UA_5346736_31=1
content-length: 41
:path: /Pages/AddPageViewScript
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: dinheiro.osegredodaleidaatracao.com.br
referer: https://dinheiro.osegredodaleidaatracao.com.br/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
x-aspnetmvc-version: 5.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
set-cookie: llbrMachine_263778=11994943=11994943; expires=Mon, 13-Oct-2521 21:06:06 GMT; path=/
access-control-allow-headers: *
content-length: 4

GET
H3 200 1217562151609784 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 213ms
205ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1217562151609784?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

db80fc10e88601df23ff168577941c556ca5cd53c02a4881933a3d5f364fe3d4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: NOsHd68T13Qs0VbWhtklxKu2oDbAHXB6FVgXG/wC9cNv6d+JS0q6Sgn9/KF+Q2oPwmR1v3F+IZYg22xPxEU3cg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 13 Oct 2021 21:06:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1020728123/ 42 B
569 B 65ms
27ms Image
image/gif 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1020728123/?random=1634159164145&cv=9&fst=1634158800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaab0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&tiba=Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro&async=1&fmt=3&is_vtc=1&random=2101948212&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1020728123/ 42 B
569 B 63ms
26ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1020728123/?random=1634159164145&cv=9&fst=1634158800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaab0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&tiba=Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro&async=1&fmt=3&is_vtc=1&random=2101948212&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
478 B 71ms
22ms XHR
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-5346736-31&cid=1618492735.1634159164&jid=840463531&gjid=1267787816&_gid=243660456.1634159164&_u=YEBAAUAAAAAAAC~&z=2069560069

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dinheiro.osegredodaleidaatracao.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 13 Oct 2021 21:06:04 GMT
content-type: text/plain
access-control-allow-origin: https://dinheiro.osegredodaleidaatracao.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame F77F 113 B
161 B 83ms
56ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3234fc63b304b5952486f723cb5a8702f318e673e070afb958b79bc3741e4cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F77F 29 B
609 B 80ms
24ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 20:53:00 GMT
x-content-type-options: nosniff
age: 784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Oct 2021 21:08:00 GMT

GET
H3 200 nN0Pn0yrAnPV2j026Q669pUZAvUESJi9rznl0QUNzQ8.js Show response
www.google.com/js/th/ Frame F77F 35 KB
13 KB 46ms
15ms Script
text/javascript 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/nN0Pn0yrAnPV2j026Q669pUZAvUESJi9rznl0QUNzQ8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

sffe /

Resource Hash

9cdd0f9f4cab0273d5da3d36e90ebaf6951902f5044898bdaf39e5d1050dcd0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 05:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13356
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 13 Oct 2022 05:08:43 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/ Frame F77F 25 KB
7 KB 23ms
23ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

36b9404f82694dbb8a8374402d9ec7dd557ca8fa0f0b246e83ba449d0665322a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7370
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:54:11 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame F77F 83 KB
21 KB 125ms
125ms XHR
application/json 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

c90b96370a375165e76c6a3d44ebfa0d5bdd8e757b0391476d5698167b80901e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211010.0.0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtvSU5ISm1FaEVjMCi7lJ2LBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21305
x-xss-protection: 0
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
25ms Image
image/gif 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-5346736-31&cid=1618492735.1634159164&jid=840463531&_u=YEBAAUAAAAAAAC~&z=1843126969

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f132.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 53ms
26ms Image
image/gif 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-5346736-31&cid=1618492735.1634159164&jid=840463531&_u=YEBAAUAAAAAAAC~&z=1843126969

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F77F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTXc8X86NKOHZCBLI9AKnO8kRD2-l0QmklNT887wSY=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F77F 4 KB
4 KB 83ms
34ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTXc8X86NKOHZCBLI9AKnO8kRD2-l0QmklNT887wSY=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

fife /

Resource Hash

60c9cf21be57ca4f893af8f0766ff2a0a1a9769587839385d0a83d859a4e9c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3845
x-xss-protection: 0
server: fife
etag: "v953a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 18:35:24 GMT

GET
H2

200

widget_v2.329.js Show response
v2.zopim.com/bin/v/
Redirect Chain

https://v2.zopim.com/w?4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt
https://v2.zopim.com/bin/v/widget_v2.329.js

1 MB
244 KB

20ms
19ms

Script
application/javascript

104.16.106.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/bin/v/widget_v2.329.js
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.106.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89cd7b5adb1bd8f60bac9f0452ac87fb69d41ec37a1affbeb7861589efc1cb8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 07:11:49 GMT
server: cloudflare
age: 136150
etag: W/"5ee087b5-102db5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000
cf-ray: 69db879a2c40fadc-DUS
expires: Sat, 11 Oct 2031 21:06:04 GMT

Redirect headers

date: Wed, 13 Oct 2021 21:06:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "5ee9874c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/octet-stream
location: https://v2.zopim.com/bin/v/widget_v2.329.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 69db87999b8afadc-DUS
content-length: 0
expires: Thu, 14 Oct 2021 01:06:04 GMT

GET
H2 200 id.min.js Show response
identification.hotmart.com/ 5 KB
5 KB 309ms
97ms Script
text/html 54.165.200.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://identification.hotmart.com/id.min.js?account=97f97129-35d6-398a-9205-01adf0849c85
Requested by: Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.200.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-200-156.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 19eadf2cdfeb8bda793665e73372a9a7a79a153ff4e317fab2b249c9b5cd2236

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
last-modified: Wed, 13 Oct 2021 19:59:24 GMT
server: WildFly/9
x-powered-by: Undertow/1
content-type: text/html;charset=utf-8
cache-control: max-age=60
content-length: 5407
expires: 163415916468360000

GET
H3 204 generate_204
www.youtube.com/ Frame F77F 0
9 B 24ms
22ms Image
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?aoK1VA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame F77F 0
19 B 31ms
31ms Ping
text/html 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=244&afmt=251&cpn=ud-D4mtVi0qv7dOQ&ei=PEpnYfLWF4a28gO93qTYAg&el=embedded&docid=koCduUs5c6g&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082661%2C24094796%2C24101841%2C24106092%2C24108401%2C24116772&cl=402169965&seq=1&cbr=Chrome&cbrver=93.0.4577.63&c=WEB_EMBEDDED_PLAYER&cver=1.20211010.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.008:B,0.173:B,0.173:B&cmt=0.008:0.000,0.173:0.000&afs=0.173:251::i&vfs=0.173:244:244::r&view=0.173:750:422&bwe=0.173:130000&bat=0.173:1:1&vis=0.173:0&bh=0.173:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-2gb7sn7r.googlevideo.com/ Frame F77F 1 KB
2 KB 77ms
16ms XHR
text/plain 172.217.130.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1634180764&ei=PEpnYfLWF4a28gO93qTYAg&ip=216.131.111.132&id=o-AJDshdGZKl96WK-YRAFgSkgkzMtAJFPxvhfZi8k6Kt1G&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Pm&mm=31%2C26&mn=sn-2gb7sn7r%2Csn-4g5e6ns6&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=145000&vprv=1&mime=video%2Fwebm&ns=DoAMzqL7Ggzyovgn9Lnn1XAG&gir=yes&clen=51390584&dur=758.520&lmt=1556026674854374&mt=1634158862&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Y_oOz7kCHkelfQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAIJwQP3iGMrNvK8DZJzgdN3KUlrriTFKEnqPZi1RQrCnAiEAkKvXbfCsqoeGRGf9XZPcjUKRqoQJNvDNzJhDJGetl-Q%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE4uT4f6sdCZByaGLQR7vb8HYdxx0CGKx32tL5RB250QCIEA8d9SYQVHNC9r8e7nbnecV3Cek2xBFru4-lga3MUaa&alr=yes&cpn=ud-D4mtVi0qv7dOQ&cver=1.20211010.0.0&range=0-164572&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.130.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

e30adf70df2fe3f2b98b91506e88b5922ce8b2545b6aaf2dcffdcce2033b6419

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:06:04 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1058
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H/1.1 200
OK videoplayback Show response
r4---sn-2gb7sn7r.googlevideo.com/ Frame F77F 964 B
2 KB 76ms
15ms XHR
text/plain 172.217.130.73
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-2gb7sn7r.googlevideo.com/videoplayback?expire=1634180764&ei=PEpnYfLWF4a28gO93qTYAg&ip=216.131.111.132&id=o-AJDshdGZKl96WK-YRAFgSkgkzMtAJFPxvhfZi8k6Kt1G&itag=251&source=youtube&requiressl=yes&mh=Pm&mm=31%2C26&mn=sn-2gb7sn7r%2Csn-4g5e6ns6&ms=au%2Conr&mv=m&mvi=4&pl=24&initcwndbps=145000&vprv=1&mime=audio%2Fwebm&ns=DoAMzqL7Ggzyovgn9Lnn1XAG&gir=yes&clen=10399100&dur=758.541&lmt=1556026156139565&mt=1634158862&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Y_oOz7kCHkelfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTsCZMMGFwuMxTdcZ7o21VXO7WTTQk6u_1Yjy_LVtC8cCIB8vyG_iSjy4SGWjmTmmtStB4hAmU5ysHPtDSDhHUNm5&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE4uT4f6sdCZByaGLQR7vb8HYdxx0CGKx32tL5RB250QCIEA8d9SYQVHNC9r8e7nbnecV3Cek2xBFru4-lga3MUaa&alr=yes&cpn=ud-D4mtVi0qv7dOQ&cver=1.20211010.0.0&range=0-67090&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.130.73 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

6b4d8e6fe99402511c73100844a0e91152ebdca5b00cf781ab933f6c3df0cbba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 21:06:04 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 964
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/ Frame F77F 64 KB
24 KB 24ms
24ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

730ca1cdc1e6d2ced816e75232e55deb339ba29c1fdbc8fd2e0f066f8cf4a8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:59:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24460
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:59:30 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/ Frame F77F 26 KB
7 KB 25ms
25ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

f416609a888a9f156d72a7ec502a70f257b1902330e72ed9694ffe413c3b3864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7142
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:55:04 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/ Frame F77F 66 KB
19 KB 24ms
24ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

sffe /

Resource Hash

d973c00983915025138ac1e082efd63bca119ea8386b072b90cdbb776e81d87b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 15:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19765
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 00:14:34 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Oct 2022 15:56:57 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame F77F 35 KB
4 KB 240ms
240ms XHR
application/json 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

626ce654089226425407380a34de50ac3b76f9996ea02fc6b5f6e62a8205effc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211010.0.0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
X-Goog-Visitor-Id: CgtvSU5ISm1FaEVjMCi7lJ2LBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3628
x-xss-protection: 0
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H3 200 633172243995167 Show response
connect.facebook.net/signals/config/ 489 KB
143 KB 62ms
61ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/633172243995167?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

ca2f25d36a39a661d9a7a8bb10fd4917918b2e60949f8043567b80388d6d24ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Kk1cAv5B45LNQVchURSd1K5fPQRbCAMBZ9ZKVm/wHjUHHRTS6aWq5jcuUNA2m23sD6E6DaVYK4bGVscUbM7goQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 13 Oct 2021 21:06:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 26ms
8ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1217562151609784&ev=PageView&dl=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&rl=&if=false&ts=1634159164570&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.2.1634159164569.685587741&it=1634159164224&coo=false&rqm=GET

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H2 200 __$$__stringtable_lang_pt.js Show response
v2.zopim.com/lib/20200610.071112/ Frame CC2B 6 KB
2 KB 17ms
17ms Script
application/javascript 104.16.106.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/lib/20200610.071112/__$$__stringtable_lang_pt.js
Requested by: Host: v2.zopim.com
URL: https://v2.zopim.com/w?4vRqRYlt7CgMWnBf05pK19kwWAr5fqWt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.106.139 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0996503e8d85c6eefe9d8f4baed25d65392a296f7d6e48567f12be53b0c8ef9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 07:11:47 GMT
server: cloudflare
age: 136074
etag: W/"5ee087b3-1635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000
cf-ray: 69db879b2de2fadc-DUS
expires: Sat, 11 Oct 2031 21:06:04 GMT

GET
H3 200 videoplayback Show response
r4---sn-4g5ednse.googlevideo.com/ Frame F77F 161 KB
161 KB 267ms
217ms XHR
video/webm 173.194.188.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednse.googlevideo.com/videoplayback?expire=1634180764&ei=PEpnYfLWF4a28gO93qTYAg&ip=216.131.111.132&id=o-AJDshdGZKl96WK-YRAFgSkgkzMtAJFPxvhfZi8k6Kt1G&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&vprv=1&mime=video%2Fwebm&ns=DoAMzqL7Ggzyovgn9Lnn1XAG&gir=yes&clen=51390584&dur=758.520&lmt=1556026674854374&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Y_oOz7kCHkelfQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAIJwQP3iGMrNvK8DZJzgdN3KUlrriTFKEnqPZi1RQrCnAiEAkKvXbfCsqoeGRGf9XZPcjUKRqoQJNvDNzJhDJGetl-Q%3D&alr=yes&cpn=ud-D4mtVi0qv7dOQ&cver=1.20211010.0.0&redirect_counter=1&cm2rm=sn-2gbek7z&cms_redirect=yes&mh=Pm&mm=34&mn=sn-4g5ednse&ms=ltu&mt=1634159080&mv=m&mvi=4&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMFJBAvfrfCcafJu6tldfATjzSSf-RsU0wAy7wrFxblTAiBWfmNmyWoZrpPhyWUXcjfRdivaocgcfsEv7OXfCwmxTg%3D%3D&range=0-164572&rn=3&rbuf=0&altitags=243%2C242

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s31-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

1e2019084a9ffe306f0075ca7681b87b31a3007a9ab10242a7d64c8cd73be51f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164573
client-protocol: quic
last-modified: Tue, 23 Apr 2019 13:37:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H3 200 videoplayback Show response
r4---sn-4g5ednse.googlevideo.com/ Frame F77F 66 KB
66 KB 316ms
268ms XHR
audio/webm 173.194.188.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednse.googlevideo.com/videoplayback?expire=1634180764&ei=PEpnYfLWF4a28gO93qTYAg&ip=216.131.111.132&id=o-AJDshdGZKl96WK-YRAFgSkgkzMtAJFPxvhfZi8k6Kt1G&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=DoAMzqL7Ggzyovgn9Lnn1XAG&gir=yes&clen=10399100&dur=758.541&lmt=1556026156139565&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Y_oOz7kCHkelfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTsCZMMGFwuMxTdcZ7o21VXO7WTTQk6u_1Yjy_LVtC8cCIB8vyG_iSjy4SGWjmTmmtStB4hAmU5ysHPtDSDhHUNm5&alr=yes&cpn=ud-D4mtVi0qv7dOQ&cver=1.20211010.0.0&redirect_counter=1&cm2rm=sn-2gbek7z&cms_redirect=yes&mh=Pm&mm=34&mn=sn-4g5ednse&ms=ltu&mt=1634159080&mv=m&mvi=4&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgQ90FdIPdl68z6qTtLXApd6GdS_199nAO9MWJ1XRp9wkCIHyjnbxJ9wV8ASPUYf-jJKQQetACD0vA7OOZurxIyK6y&range=0-67090&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s31-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

c62ea47bbb8e3de31b9776b417a625c2f559072641375f4685388b78d0f7bc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67091
client-protocol: quic
last-modified: Tue, 23 Apr 2019 13:29:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/koCduUs5c6g/ Frame F77F 72 KB
73 KB 111ms
59ms Image
image/webp 142.250.186.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/koCduUs5c6g/maxresdefault.webp

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f22.1e100.net

Software

sffe /

Resource Hash

45443f380cf909ec61dd5f33651e784a6763c85207020d731105f9f52d713bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
x-content-type-options: nosniff
server: sffe
etag: "1555948870"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73806
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 13 Oct 2021 23:06:04 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
9ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=633172243995167&ev=PageView&dl=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&rl=&if=false&ts=1634159164699&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.2.1634159164569.685587741&it=1634159164224&coo=false&rqm=GET

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 13 Oct 2021 21:06:04 GMT

GET
H2 200 track Show response
tracking-api.hotmart.com/rest/ 0
105 B 293ms
95ms XHR
application/json 52.20.171.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-api.hotmart.com/rest/track?hotid=eyJzaWQiOiJhM2ZiYmEyNDg3NTA0OWQyYTI4NjRjNDVjYWMwNzdmYSIsImNpZCI6IjE2MzQxNTkxNjQ3NDk0NTEyMzA3MDAwMzA2MjY4MDAiLCJiaWQiOiIxNjM0MTU5MTY0NzQ5NDUxMjMwNzAwMDMwNjI2ODAwIiwibG9jYXRpb25IcmVmIjoiaHR0cHMlM0ElMkYlMkZkaW5oZWlyby5vc2VncmVkb2RhbGVpZGFhdHJhY2FvLmNvbS5iciUyRiIsInBhZ2V2aWV3X2lkIjoiUFZreGVpOGFtNXQ4a3VxMDY4eXQiLCJ0cmFjZV9pZCI6IkxUbDVmam4yNGY3Z2hrdXEwNjlmeCJ9&sid=a3fbba24875049d2a2864c45cac077fa&cid=1634159164749451230700030626800&bid=1634159164749451230700030626800&locationHref=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&account=97f97129-35d6-398a-9205-01adf0849c85
Requested by: Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.171.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-171-237.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dinheiro.osegredodaleidaatracao.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://dinheiro.osegredodaleidaatracao.com.br
date: Wed, 13 Oct 2021 21:06:04 GMT
content-length: 0
content-type: application/json

GET
H2 200 id.gif
identification.hotmart.com/ 43 B
161 B 95ms
95ms Image
image/gif 54.165.200.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://identification.hotmart.com/id.gif?cid=1634159164749451230700030626800&bid=1634159164749451230700030626800
Requested by: Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.200.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-200-156.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:04 GMT
cache-control: no-cache
server: WildFly/9
x-powered-by: Undertow/1
content-length: 43
content-type: image/gif

GET
H3 200 videoplayback Show response
r4---sn-4g5ednse.googlevideo.com/ Frame F77F 158 KB
158 KB 159ms
158ms XHR
video/webm 173.194.188.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s31-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

39b76f7b834e9a14b2dcbf337e4598ac0f2aea4c41d905a9fb245ce838b68d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161747
client-protocol: quic
last-modified: Tue, 23 Apr 2019 13:37:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 13 Oct 2021 21:06:05 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1217562151609784&ev=Microdata&dl=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&rl=&if=false&ts=1634159165073&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro%22%2C%22meta%3Akeywords%22%3A%22Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fblob.contato.io%2Fmachine-user-images%2Fimagem-1920x1080px-sdlad-com-logo-e-foto-img-306606-20190405213201.jpg%22%2C%22og%3Asite_name%22%3A%2209%20LEI%20DA%20ATRACAO%20PARA%20DINHEIRO%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.2.1634159164569.685587741&it=1634159164224&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 13 Oct 2021 21:06:05 GMT

GET
H3 200 videoplayback Show response
r4---sn-4g5ednse.googlevideo.com/ Frame F77F 318 KB
318 KB 175ms
174ms XHR
video/webm 173.194.188.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s31-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

2d386e43f87f61218c4b7dd2670d7e880f59e0751dae5cc0f9ada2116376eeac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325717
client-protocol: quic
last-modified: Tue, 23 Apr 2019 13:37:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 13 Oct 2021 21:06:05 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=633172243995167&ev=Microdata&dl=https%3A%2F%2Fdinheiro.osegredodaleidaatracao.com.br%2F&rl=&if=false&ts=1634159165200&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro%22%2C%22meta%3Akeywords%22%3A%22Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22pt_BR%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Treinamento%20O%20Segredo%20da%20Lei%20da%20Atra%C3%A7%C3%A3o%20Para%20Dinheiro%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fblob.contato.io%2Fmachine-user-images%2Fimagem-1920x1080px-sdlad-com-logo-e-foto-img-306606-20190405213201.jpg%22%2C%22og%3Asite_name%22%3A%2209%20LEI%20DA%20ATRACAO%20PARA%20DINHEIRO%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.2.1634159164569.685587741&it=1634159164224&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: dinheiro.osegredodaleidaatracao.com.br
URL: https://dinheiro.osegredodaleidaatracao.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dinheiro.osegredodaleidaatracao.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 13 Oct 2021 21:06:05 GMT

GET
H3 200 videoplayback Show response
r4---sn-4g5ednse.googlevideo.com/ Frame F77F 74 KB
74 KB 164ms
164ms XHR
audio/webm 173.194.188.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednse.googlevideo.com/videoplayback?expire=1634180764&ei=PEpnYfLWF4a28gO93qTYAg&ip=216.131.111.132&id=o-AJDshdGZKl96WK-YRAFgSkgkzMtAJFPxvhfZi8k6Kt1G&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=DoAMzqL7Ggzyovgn9Lnn1XAG&gir=yes&clen=10399100&dur=758.541&lmt=1556026156139565&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Y_oOz7kCHkelfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTsCZMMGFwuMxTdcZ7o21VXO7WTTQk6u_1Yjy_LVtC8cCIB8vyG_iSjy4SGWjmTmmtStB4hAmU5ysHPtDSDhHUNm5&alr=yes&cpn=ud-D4mtVi0qv7dOQ&cver=1.20211010.0.0&redirect_counter=1&cm2rm=sn-2gbek7z&cms_redirect=yes&mh=Pm&mm=34&mn=sn-4g5ednse&ms=ltu&mt=1634159080&mv=m&mvi=4&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgQ90FdIPdl68z6qTtLXApd6GdS_199nAO9MWJ1XRp9wkCIHyjnbxJ9wV8ASPUYf-jJKQQetACD0vA7OOZurxIyK6y&range=67091-142424&rn=7&rbuf=4653

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s31-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

0438ee3bc9ff8e8e981039f8ab96f4419152825ea65a693cc21f9a2f7be3e688

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75334
client-protocol: quic
last-modified: Tue, 23 Apr 2019 13:29:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 13 Oct 2021 21:06:05 GMT

GET
H3 200 videoplayback Show response
r4---sn-4g5ednse.googlevideo.com/ Frame F77F 477 KB
477 KB 161ms
160ms XHR
video/webm 173.194.188.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s31-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

0fdb789288e2a77f2877d4065c168a5fa41805bca3405f6e5ed5fa4d591fe688

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 488772
client-protocol: quic
last-modified: Tue, 23 Apr 2019 13:37:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 13 Oct 2021 21:06:05 GMT

GET
H3 200 videoplayback Show response
r4---sn-4g5ednse.googlevideo.com/ Frame F77F 133 KB
133 KB 164ms
164ms XHR
audio/webm 173.194.188.41
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednse.googlevideo.com/videoplayback?expire=1634180764&ei=PEpnYfLWF4a28gO93qTYAg&ip=216.131.111.132&id=o-AJDshdGZKl96WK-YRAFgSkgkzMtAJFPxvhfZi8k6Kt1G&itag=251&source=youtube&requiressl=yes&vprv=1&mime=audio%2Fwebm&ns=DoAMzqL7Ggzyovgn9Lnn1XAG&gir=yes&clen=10399100&dur=758.541&lmt=1556026156139565&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=5431432&n=Y_oOz7kCHkelfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgTsCZMMGFwuMxTdcZ7o21VXO7WTTQk6u_1Yjy_LVtC8cCIB8vyG_iSjy4SGWjmTmmtStB4hAmU5ysHPtDSDhHUNm5&alr=yes&cpn=ud-D4mtVi0qv7dOQ&cver=1.20211010.0.0&redirect_counter=1&cm2rm=sn-2gbek7z&cms_redirect=yes&mh=Pm&mm=34&mn=sn-4g5ednse&ms=ltu&mt=1634159080&mv=m&mvi=4&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgQ90FdIPdl68z6qTtLXApd6GdS_199nAO9MWJ1XRp9wkCIHyjnbxJ9wV8ASPUYf-jJKQQetACD0vA7OOZurxIyK6y&range=142425-278206&rn=9&rbuf=10001

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.188.41 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s31-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

a89ae81f53851b22a50180a10cc964a2610d3c3a6655227dc1063fc03783f9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 21:06:05 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135782
client-protocol: quic
last-modified: Tue, 23 Apr 2019 13:29:16 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 13 Oct 2021 21:06:05 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F77F 28 B
54 B 39ms
38ms XHR
application/json 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/387dfd49/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/koCduUs5c6g?wmode=opaque&showinfo=0&autoplay=1&controls=0&modestbranding=1&rel=0
X-YouTube-Client-Version: 1.20211010.0.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtvSU5ISm1FaEVjMCi7lJ2LBg%3D%3D
X-YouTube-Ad-Signals: dt=1634159164202&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C422&vis=1&wgl=true&ca_type=image&bid=ANyPxKoS48As5sBrCYuPJeMC22mPJVdpKgNhILieKIIrvQGjYa4mHfBS5RLUMBuJOw1yb-O9C1QhNd8WBAdTLWTCXSrY3_44Kg

Response headers

date: Wed, 13 Oct 2021 21:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 13 Oct 2021 21:06:06 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dinheiro.osegredodaleidaatracao.com.br/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hnl0l2xaom51r0ajmjmtbg1u
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6VIhMlCu24Q
.youtube.com/	1970-01-20 02:15:11	Name: VISITOR_INFO1_LIVE Value: oINHJmEhEc0
.osegredodaleidaatracao.com.br/	1970-01-20 00:05:35	Name: _gcl_au Value: 1.1.1441140545.1634159164
.osegredodaleidaatracao.com.br/	1970-01-20 15:27:11	Name: _ga Value: GA1.3.1618492735.1634159164
.osegredodaleidaatracao.com.br/	1970-01-19 21:57:25	Name: _gid Value: GA1.3.243660456.1634159164
.osegredodaleidaatracao.com.br/	1970-01-19 21:55:59	Name: _gat_gtag_UA_5346736_31 Value: 1
dinheiro.osegredodaleidaatracao.com.br/	1970-07-21 12:50:13	Name: llbrMachine_263778 Value: 11994943=11994943
.doubleclick.net/	1970-01-20 07:17:35	Name: IDE Value: AHWqTUlRbAuymP83VKdLbBdYsrumtGA7DpxwrCaWUeYXL8TE6ognqIZc0ltruqxf
.osegredodaleidaatracao.com.br/	1970-01-20 00:05:35	Name: _fbp Value: fb.2.1634159164569.685587741
.facebook.com/	1970-01-20 00:05:35	Name: fr Value: 0blHUKPQHqACyhCf4..BhZ0o8...1.0.BhZ0o8.
widget-mediator.zopim.com/	1970-01-19 22:06:03	Name: AWSALBCORS Value: OnNZ6DH3RhqVvp2BX7YTrnzKh3vhdUAka4o1N7qNKeS+IVEEYQs9IPY6B8WyyUvUFTar65PRCOV1I4RCNiZSfFb6AlRbs73P0ic8r6pKP5hY9AB6MwNjjzKc5hV4
.dinheiro.osegredodaleidaatracao.com.br/	1970-02-06 21:55:59	Name: hotid Value: eyJzaWQiOiJhM2ZiYmEyNDg3NTA0OWQyYTI4NjRjNDVjYWMwNzdmYSIsImNpZCI6IjE2MzQxNTkxNjQ3NDk0NTEyMzA3MDAwMzA2MjY4MDAiLCJiaWQiOiIxNjM0MTU5MTY0NzQ5NDUxMjMwNzAwMDMwNjI2ODAwIiwibG9jYXRpb25IcmVmIjoiaHR0cHMlM0ElMkYlMkZkaW5oZWlyby5vc2VncmVkb2RhbGVpZGFhdHJhY2FvLmNvbS5iciUyRiJ9

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/(Line 4) Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/(Line 4) Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/(Line 4) Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/(Line 4) Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/ Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/ Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/ Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://dinheiro.osegredodaleidaatracao.com.br/ Message: Mixed Content: The page at 'https://dinheiro.osegredodaleidaatracao.com.br/' was loaded over HTTPS, but requested an insecure element 'http://www.mapamental.org/curso/imgs/seta-laranja.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blob.contato.io
blob.llimages.com
cdn.eduzzcdn.com
connect.facebook.net
dinheiro.osegredodaleidaatracao.com.br
eduzz.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
identification.hotmart.com
launcher.hotmart.com
r4---sn-2gb7sn7r.googlevideo.com
r4---sn-4g5ednse.googlevideo.com
static.doubleclick.net
static.getbutton.io
static.whatshelp.io
static.zdassets.com
stats.g.doubleclick.net
tracking-api.hotmart.com
v2.zopim.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mapamental.org
www.youtube.com
yt3.ggpht.com
104.16.106.139
104.18.70.113
13.226.155.59
142.250.181.225
142.250.184.238
142.250.185.174
142.250.185.226
142.250.186.150
142.250.186.170
142.250.186.38
142.250.74.195
142.251.5.156
157.240.236.1
157.240.236.35
172.217.130.73
172.217.16.130
172.217.16.136
172.217.23.99
172.67.185.33
172.67.220.136
172.67.221.31
173.194.188.41
191.252.140.63
213.136.68.210
216.58.212.132
3.208.252.125
34.198.22.192
52.20.171.237
54.165.200.156
78.46.57.120
001d01ead141493411c7e856d3326adc22a2d4bad3ae4a57d32b85ac2b0dd7ae
025231adce6ea3cd87e1c13c8cfea0cbfd8829afd3623519838eb53491292ee0
02e9d246798b2321639215065e2b51bea3b04ce67de116f67ca9a941dcaa4f90
03df59091850c3eb88d1154e26e754e85c3628ed12acd1f5e5bc92f3a85f447b
0438ee3bc9ff8e8e981039f8ab96f4419152825ea65a693cc21f9a2f7be3e688
043a8dd5af92cccfa0d98025013c41c2f0a957507498e384cae5b4d7ea482b46
0454780736bf4ef09e7738f2e2a12fb7fe03dca778e550c57d20f6d6ef6d3874
052a9808fb9024ecf5d6564168d6efc211d7e312dae963ae474f8699e2e3b5a0
0a40474f9f620a7a5a5548360f379e3419e9d307b119a79bbbbb8931d9b7ceb0
0e7ab1755ecdc85e26a65cc22ff6478029287611f5db6f704ce0600f8710de9d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fdb789288e2a77f2877d4065c168a5fa41805bca3405f6e5ed5fa4d591fe688
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160dbd2ee21a3e66aabaa25009faf56558ede3d2d3926d7b2f44627a072b062b
1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
19eadf2cdfeb8bda793665e73372a9a7a79a153ff4e317fab2b249c9b5cd2236
1e2019084a9ffe306f0075ca7681b87b31a3007a9ab10242a7d64c8cd73be51f
1e9a1d5e3a2bee09c0181ac471bc67d186975eae53b8d35290c9f42f930ade53
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
291903734c8af7a8ab03810fe944b962cf0e448bddb397ee6076c1c6c2b40d96
29649dd5311ae06eb0639f2655f35be5da744bf41556d1a1c32d326994d77869
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2d386e43f87f61218c4b7dd2670d7e880f59e0751dae5cc0f9ada2116376eeac
3145a2ee536ea38dbcb2563fe7dad866ca2bceff859249e069cf33224f43b7cd
3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461
3217cc8b501b86b92da66d9e9d2b3f598adbf7c3e16087c0c69e2102a82ae8fe
3234fc63b304b5952486f723cb5a8702f318e673e070afb958b79bc3741e4cde
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36b9404f82694dbb8a8374402d9ec7dd557ca8fa0f0b246e83ba449d0665322a
39b76f7b834e9a14b2dcbf337e4598ac0f2aea4c41d905a9fb245ce838b68d20
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408e3f1a55e260698dc0586dd08c84ec6652acdcbaa6a6abb1437b59efd61449
41ff0d2c210b6caac0f4f59e66664beb5ab04b5c2baa360247b3de36bea014d6
45443f380cf909ec61dd5f33651e784a6763c85207020d731105f9f52d713bc9
47ca793464ecdeb8522092dd482d894a44f63557b43076193a6d2e09c095ec48
47e64ab09c885f5bcaa836d772a08c2b50a0a8721bf9ef576199201cb36fdbc4
47ee68145b529d601247e82604b9c3de7a0b44a0e1d95d9470424271994f548e
48b225ccf2070f53a914e5f01200de1887d532cdd3eaef69552b90f44b149dfb
4e22e1fc1d6409db889ea80e639f9ac3ce16b23c35b23bf89ebb06e52cb8963f
511b02628ff5d0b2b4e8bef0191762da4c79143829e21709570bf275213df05f
532cc506a6fe497917a6b1907e99c35dbe089da8702423cea82d89fb3d684428
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
584fff3df47d9723f3bfef48ce73d2383cc69dffcfa9435af90ac188928605f4
597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e
5c1e7d38cca25d3d96821bd6d1285c66de1e98954d561868cd7681463dfb2e6b
5d17764c5c6330d2505802be54e047fce4bcd7ec8d26869827f8e4972efbefec
6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7
60c9cf21be57ca4f893af8f0766ff2a0a1a9769587839385d0a83d859a4e9c15
626ce654089226425407380a34de50ac3b76f9996ea02fc6b5f6e62a8205effc
629fe75d41f76ad17942620890170b3900c141f9b3361f80c0ed6713bf090bb2
65d1f4107edac074187a9860cd5b04c7ccdbb8ce826ce02d123ac73e3fa417e8
660f26906289cf284b8ff2fe63b91605ca4cded25cc2d4e411b4aa0ab76daa15
668b90c3bed422fa7ce2453a294ceb2fd81419d2ad13813d53e8501072d79f16
677c86ee3a81750a39c1e559ac20f04712d0b05e684352a6a10bc2cbab01857b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b4d8e6fe99402511c73100844a0e91152ebdca5b00cf781ab933f6c3df0cbba
6c07e912d567c9f50f9e4eadba1832f41a64d8176e33cda0c9f7c7215dd23e1d
730458e207108233af8e957278708556f83f3ea6288c700da49a410d5ada78f8
730ca1cdc1e6d2ced816e75232e55deb339ba29c1fdbc8fd2e0f066f8cf4a8c5
772396b93bbc2b49886865d6d6a8bd735ddcb0f93c0524f3b0f06a07b81e3b3d
775b421c7ab418f51a4d3ab68341a2c3fa4339b486962b116518ae4a6d87ba39
7b3be0d7ef8e61c876771ee9f98e6c4f8371e42ba75df2a957797125afa130aa
806e0db9e5c58e0fb3216872f36b577c05fd85c132d2857effd68bf617c93b20
824a9d9843640ecfecb8a65c0634d1e434e1e1734a627ee3b61a8865a77b51d8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89cd7b5adb1bd8f60bac9f0452ac87fb69d41ec37a1affbeb7861589efc1cb8e
8bf8e13b3faec71a23e3747a41298a6299de8e80c81d720994f34e1329d5d2db
8e170827cf6b2dfdb810cef652d70f9cbd9ff58f4242cb735622833b5ff69bd3
914702be95867005465e8c2af8e61288a042038d21da262907e92541f52c417d
91a84b180b27ebbadb9ac78e22a48bd669d65a6f9b91a055744b01598951f3ac
934d76b68d78cf2c296cf8b3bd875d92252d2ef860863d06d327e21e22024c92
95dc7e6f49a67c65d925ae9492f80efa1c423cdce0f017755cf7fea0a79b0fb2
9911f73f950714d87676b1ff3c4685c89a46d7d9c6415e6a8d62ff5baff3d594
9aa3a4358606d29a00a882124ca983cbe0fab884b8875e41ad005e142f1ec151
9cdd0f9f4cab0273d5da3d36e90ebaf6951902f5044898bdaf39e5d1050dcd0f
9f08735bf3fd827bd630f3a6f3830af01cd045131d8bc8aeb7132e62c61c3a0c
a0996503e8d85c6eefe9d8f4baed25d65392a296f7d6e48567f12be53b0c8ef9
a271a3f9e3cae897ced669d6652699e947928ef095e56384c4f9dd04bbb942ec
a538fb95b058754402a193f6a0e990f52f8c1951c5eac2ec92816de4ad5e1caa
a7381aa21e062cf90c6e859a33680ff6ae1ba5b55bdead62f8f577fa58f970e4
a89ae81f53851b22a50180a10cc964a2610d3c3a6655227dc1063fc03783f9ae
aa8294e964a3825c3b9d6d9f0656985293b9c75c6b73dbe8ecb4885f1e831b42
ae867e5416ea1b36fc3639fa34e0f05d0479564476dbcc070b53002f99e6f314
afcaa42bb195222c7256c171ce771cdbd5feaa48db36fd8a314ae170e981d94d
b592cff0f9570c871bad97f9f51f58741b8cb30269d4a5408cc2804e19470091
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b8a0f6dac1867d481bc092876107d3e74a90796c731ffd832fe1223f497a748a
bde2d438b75926f92b81fb17e3f5fbf58e3c38bf444c0c0a1373ba94b325c8ed
be6207609e93dfb0c9bf8eaf578101c27e43f1df0fede33a6ed838743cb3bc9f
c423e412ad267cb49e3917d240f6237f978f29f7fd8f8c0a239b4029e9475067
c4ecaeddd2ed2f1ab45ee64888d6d11c8d9c25ca8c8eb305e88b0f90ee411c85
c5d633a21a51b5b177389579da506bffcfabb35d7de832a62405ba21e6ffc80a
c62ea47bbb8e3de31b9776b417a625c2f559072641375f4685388b78d0f7bc38
c90b96370a375165e76c6a3d44ebfa0d5bdd8e757b0391476d5698167b80901e
c9f2439380568573d9ceb4699da81f1567fb19ad32abc048fd6692a8afefff9b
ca2f25d36a39a661d9a7a8bb10fd4917918b2e60949f8043567b80388d6d24ed
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd4624d3b096b50fe90cf519cd60c2bed824519438411bbe57eb40a4cdfc09b1
cf3710ca42851be21ee425f876a5551d572ff4cc2d184bfee679286efaae0c83
cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d90ddefb489dd4d741a230f68b449de08b029fc17bbfb998fd46a0312f244e55
d973c00983915025138ac1e082efd63bca119ea8386b072b90cdbb776e81d87b
d99f385f57bce4688948238f5f2decb63505ed31708ff1c3d13db67a02091b27
da23668bd9fe558ee9a709ffbccc92f80f66bc9e8cc4575e3663ab2338da136f
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
db80fc10e88601df23ff168577941c556ca5cd53c02a4881933a3d5f364fe3d4
ddfa2698d0e94f34f301d26846e802529fdfba70a57255c3f544d2907b21d757
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df8a155067aecf06bf7f9964cbee639e49a02155d4e4817a14bcdee351e5c205
e179dda9a748b1407483b8cb1eefe85fa2e0fea0e665bc44d3c7a9eb3ed84bf4
e30adf70df2fe3f2b98b91506e88b5922ce8b2545b6aaf2dcffdcce2033b6419
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d385cd8529ac74ffacc1d9be04b4a4429da56b0ee53babb9c84912670d3873
eaf7221373593c0e4a65faa4c287d7ffb1e72ad132657afce892f394ca012fa0
eba9d539df6ae72f35176cdb5bebf48fd5f4ad1106367f01fc5b80e147d4ff70
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ec917657f5942d1cf3f5fa060ceb125e1af952a06325fad19e0f08aeceef3cb4
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f416609a888a9f156d72a7ec502a70f257b1902330e72ed9694ffe413c3b3864
f94bac8b94343f0386b168f8ea7cc5c50248c3af785ed49612b0d6bb6f2628cd
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe3da02f63adf8e78681160fad93c693496c0a81285be102dc9f79b36088b821

dinheiro.osegredodaleidaatracao.com.br Open in urlscan Pro 213.136.68.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

0 %IPv6

25 Domains

31 Subdomains

28 IPs

4 Countries

5711 kBTransfer

10438 kBSize

13 Cookies

4 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dinheiro.osegredodaleidaatracao.com.br Open in urlscan Pro
213.136.68.210 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

0 %
IPv6

25
Domains

31
Subdomains

28
IPs

4
Countries

5711 kB
Transfer

10438 kB
Size

13
Cookies

136 HTTP transactions
1 data transactions