Submitted URL: https://www.bolsosemdividas.com.br.excelencianobolso.com.br/
Effective URL: https://bolsosemdividas.com.br/
Submission Tags: @phishunt_io
Submission: On July 21 via api from DE

Summary

This website contacted 21 IPs in 3 countries across 21 domains to perform 70 HTTP transactions. The main IP is 216.172.173.22, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is bolsosemdividas.com.br.
TLS certificate: Issued by R3 on July 20th 2021. Valid for: 3 months.
This is the only time bolsosemdividas.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
10 | fonts.gstatic.com | fonts.googleapis.com
9 | 33vod-adaptive.akamaized.net | f.vimeocdn.com
9 | bolsosemdividas.com.br | bolsosemdividas.com.br
5 | cdn.eduzzcdn.com | sun.eduzz.com
5 | fresnel.vimeocdn.com | f.vimeocdn.com
3 | www.mercadolibre.com | cdn.eduzzcdn.com, bolsosemdividas.com.br
3 | kaptcha.iugu.com | js.iugu.com, cdn.eduzzcdn.com
3 | sun.eduzz.com | eduzz.info, sun.eduzz.com, cdn.eduzzcdn.com
3 | f.vimeocdn.com | player.vimeo.com
2 | api.mercadopago.com | secure.mlstatic.com
2 | player-telemetry.vimeo.com | f.vimeocdn.com
2 | i.vimeocdn.com | player.vimeo.com
2 | connect.facebook.net | bolsosemdividas.com.br, connect.facebook.net
1 | lp.eduzz.com | eduzz.info
1 | edzz.la | 1 redirects
1 | www.mercadolivre.com | bolsosemdividas.com.br
1 | accounts.google.com | sun.eduzz.com
1 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 | js.iugu.com | sun.eduzz.com
1 | secure.mlstatic.com | sun.eduzz.com
1 | pagead2.googlesyndication.com | sun.eduzz.com
1 | vimeo.com | f.vimeocdn.com
1 | www.facebook.com | bolsosemdividas.com.br
1 | eduzz.info | bolsosemdividas.com.br
1 | player.vimeo.com | bolsosemdividas.com.br
1 | fonts.googleapis.com | bolsosemdividas.com.br
1 | www.bolsosemdividas.com.br.excelencianobolso.com.br | 1 redirects
Totals: 70 requests, 27 subdomains

This site contains links to these domains.

Domain
sun.eduzz.com
Subject | Issuer | Validity | Valid
www.jornadatesourodireto.excelencianobolso.com.br | R3 | 2021-07-20 - 2021-10-18 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-06-28 - 2021-09-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
*.vimeo.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-21 - 2022-06-22 | a year
*.gstatic.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
eduzz.info | Amazon | 2020-10-02 - 2021-11-02 | a year
*.vimeocdn.com | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-05-18 - 2022-06-19 | a year
fresnel.vimeocdn.com | GTS CA 1D4 | 2021-06-26 - 2021-09-25 | 3 months
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2020-07-15 - 2021-09-13 | a year
*.eduzz.com | Amazon | 2021-04-04 - 2022-05-03 | a year
cdn.eduzzcdn.com | Amazon | 2020-10-16 - 2021-11-15 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.mlstatic.com | DigiCert Secure Site ECC CA-1 | 2020-09-23 - 2021-09-23 | a year
iugu.com | Cloudflare Inc ECC CA-3 | 2021-06-01 - 2022-05-31 | a year
api.mercadopago.com | DigiCert SHA2 Secure Server CA | 2020-02-21 - 2022-02-25 | 2 years
www.mercadolibre.com | DigiCert SHA2 Extended Validation Server CA | 2021-02-23 - 2022-02-27 | a year
accounts.google.com | GTS CA 1O1 | 2021-06-22 - 2021-09-14 | 3 months
www.mercadolivre.com | DigiCert SHA2 Extended Validation Server CA | 2021-02-24 - 2022-02-27 | a year

This page contains 6 frames:

Primary Page: https://bolsosemdividas.com.br/
Frame ID: 7C5CE692871B30274E60450408B432DD
Requests: 24 HTTP requests in this frame

Frame: https://player.vimeo.com/video/382509353?autoplay=1&background=0&muted=0&portrait=1&byline=1&title=1&speed=0&color=00adef
Frame ID: 352334FDBB0A870F39A696DE3B45DF6C
Requests: 23 HTTP requests in this frame

Frame: https://sun.eduzz.com/pixel/preload
Frame ID: CE726C4444C69D74E969CB9E3AAD08B3
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/zrt_lookup.html
Frame ID: 97703A8049E58FAD19623B1D009E801F
Requests: 1 HTTP requests in this frame

Frame: https://www.mercadolibre.com/jms/lgz/background?dps=armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56
Frame ID: 4FAFC51D8B9994A1933F254469F7F9E9
Requests: 1 HTTP requests in this frame

Frame: https://lp.eduzz.com/QY2CF?a=52700147&px=true
Frame ID: BC222CB8E545E65739EE4B785AF029A9
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

70 Requests
100 % HTTPS
48 % IPv6
21 Domains
27 Subdomains
21 IPs
3 Countries
5503 kB Transfer
8560 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.bolsosemdividas.com.br.excelencianobolso.com.br/ HTTP 301
    https://bolsosemdividas.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://edzz.la/QY2CF?a=52700147&px=true HTTP 302
  • https://lp.eduzz.com/QY2CF?a=52700147&px=true

70 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
Primary Request /
bolsosemdividas.com.br/
Redirect Chain
  • https://www.bolsosemdividas.com.br.excelencianobolso.com.br/
  • https://bolsosemdividas.com.br/
128 KB
26 KB
Document
General
Full URL
https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
4bfd197441e900dc29ce7a16a8f9526143d63a6e9498f3811ebe23503a7d9d9c

Request headers

:method
GET
:authority
bolsosemdividas.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 21 Jul 2021 01:39:17 GMT
server
Apache
link
<https://bolsosemdividas.com.br/wp-json/>; rel="https://api.w.org/", <https://bolsosemdividas.com.br/>; rel=shortlink
vary
Accept-Encoding
content-encoding
gzip
accept-ranges
none
content-type
text/html; charset=UTF-8

Redirect headers

date
Wed, 21 Jul 2021 01:39:15 GMT
server
Apache
x-redirect-by
WordPress
location
https://bolsosemdividas.com.br/
content-length
0
content-type
text/html; charset=UTF-8
page-9.css
bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/cache/
276 KB
42 KB
Stylesheet
General
Full URL
https://bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/cache/page-9.css?ver=adede5c4d9223008fa3616f8cb3c57de
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
2c932577a0bb86bf5aed25d4901e0b6335ec532762222ba6ae9f3a6b3757362a

Request headers

:path
/wp-content/plugins/op-builder/public/assets/cache/page-9.css?ver=adede5c4d9223008fa3616f8cb3c57de
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:18 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 18:04:54 GMT
server
Apache
accept-ranges
none
vary
Accept-Encoding
content-type
text/css
jquery.js
bolsosemdividas.com.br/wp-includes/js/jquery/
95 KB
42 KB
Script
General
Full URL
https://bolsosemdividas.com.br/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:18 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 12:55:54 GMT
server
Apache
accept-ranges
none
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
bolsosemdividas.com.br/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://bolsosemdividas.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:18 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 14:41:28 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
4444
css
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da174949c10470bf21173be597d88134dedf969e3ebb98537672aad5fe5b67e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bolsosemdividas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Jul 2021 01:39:18 GMT
server
ESF
date
Wed, 21 Jul 2021 01:39:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Jul 2021 01:39:18 GMT
photo-1496275068113-fff8c90750d1.jpg
bolsosemdividas.com.br/wp-content/uploads/2019/12/
20 KB
20 KB
Image
General
Full URL
https://bolsosemdividas.com.br/wp-content/uploads/2019/12/photo-1496275068113-fff8c90750d1.jpg
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
71271778c745f09591683e6799e0fc17c93e1b70a72d66828159839f96dbfd01

Request headers

:path
/wp-content/uploads/2019/12/photo-1496275068113-fff8c90750d1.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
last-modified
Wed, 11 Dec 2019 16:23:40 GMT
server
Apache
accept-ranges
bytes
content-length
20469
content-type
image/jpeg
wp-emoji-release.min.js
bolsosemdividas.com.br/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://bolsosemdividas.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.3.8
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.3.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 05:07:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
4893
page-9.js
bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/cache/
684 B
477 B
Script
General
Full URL
https://bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/cache/page-9.js?ver=adede5c4d9223008fa3616f8cb3c57de
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
cfe9545b4c0e288faf345ee5bde48bdab8e8fbb00d2b12eb7980222c1cb036ab

Request headers

:path
/wp-content/plugins/op-builder/public/assets/cache/page-9.js?ver=adede5c4d9223008fa3616f8cb3c57de
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
content-encoding
gzip
last-modified
Wed, 29 Jul 2020 18:51:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
400
wp-embed.min.js
bolsosemdividas.com.br/wp-includes/js/
1 KB
805 B
Script
General
Full URL
https://bolsosemdividas.com.br/wp-includes/js/wp-embed.min.js?ver=5.3.8
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.3.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 05:07:58 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
none
content-length
750
fbevents.js
connect.facebook.net/en_US/
95 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bolsosemdividas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
uWF4Ak80lOjgtsJl5Yqhop2v3YxrjMxKLP6j2nCscKTB3fA9RG6uNxfabgQvWDsKnxB0i77siJrEHrtyjMMGTw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 21 Jul 2021 01:39:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
382509353
player.vimeo.com/video/ Frame 3523
14 KB
8 KB
Document
General
Full URL
https://player.vimeo.com/video/382509353?autoplay=1&background=0&muted=0&portrait=1&byline=1&title=1&speed=0&color=00adef
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3581336e5eca0349959012e8434036010f4e8f29a4904711f8209bcc6bca9259
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com 
https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bolsosemdividas.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
4897
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com 
https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Wed, 21 Jul 2021 01:49:19 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-b-2
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Wed, 21 Jul 2021 01:39:19 GMT
Age
0
X-Served-By
cache-fra19129-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1626831559.186251,VS0,VE193
Vary
Accept-Encoding
X-Player-Backend
p
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 22:05:46 GMT
x-content-type-options
nosniff
age
99213
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 22:05:46 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options
nosniff
age
112389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 18:26:10 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 07:15:47 GMT
x-content-type-options
nosniff
age
239012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19272
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:11:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Jul 2022 07:15:47 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 13:52:14 GMT
x-content-type-options
nosniff
age
42425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31120
x-xss-protection
0
last-modified
Wed, 15 Jul 2020 20:50:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 13:52:14 GMT
op3-icons.woff2
bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/fonts/
201 KB
203 KB
Font
General
Full URL
https://bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/fonts/op3-icons.woff2?ver=1.7.0
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/cache/page-9.css?ver=adede5c4d9223008fa3616f8cb3c57de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
216.172.173.22 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
216-172-173-22.unifiedlayer.com
Software
Apache /
Resource Hash
bfc78e58c6f8590a40654086dc247a31c8fdf2ffa14bb060ee5c805dfefa754a

Request headers

:path
/wp-content/plugins/op-builder/public/assets/fonts/op3-icons.woff2?ver=1.7.0
pragma
no-cache
origin
https://bolsosemdividas.com.br
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
bolsosemdividas.com.br
referer
https://bolsosemdividas.com.br/wp-content/plugins/op-builder/public/assets/cache/page-9.css?ver=adede5c4d9223008fa3616f8cb3c57de
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
last-modified
Wed, 11 Dec 2019 16:17:39 GMT
server
Apache
accept-ranges
bytes
content-length
206100
content-type
font/woff2
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 09:27:55 GMT
x-content-type-options
nosniff
age
58284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 09:27:55 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:25:07 GMT
x-content-type-options
nosniff
age
87252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:25:07 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 19:08:26 GMT
x-content-type-options
nosniff
age
109853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 19:08:26 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:06:18 GMT
x-content-type-options
nosniff
age
48781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7844
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:45 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:06:18 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 09:11:24 GMT
x-content-type-options
nosniff
age
59275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 09:11:24 GMT
zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v8/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ibmplexsans/v8/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:400,500,600,700|Montserrat:400,500,600,700,800|Muli:400,600,700,800|Open+Sans:400,600,700,800|Poppins:400,500,600,700,800
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bolsosemdividas.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:25:20 GMT
x-content-type-options
nosniff
age
87239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17784
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:20 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:25:20 GMT
px.js
eduzz.info/dev/js/
1 KB
1 KB
Script
General
Full URL
https://eduzz.info/dev/js/px.js
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.56.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-56-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
cb9cbb39ee20c63d6147a56bb55668b3d0d7b430aaeb7c97a16e86ee3b6ba8e8

Request headers

Referer
https://bolsosemdividas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
x-powered-by
Express
etag
W/"4e9-r3lsnyEnAg3nxUQo+d4aYBxOHNU"
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Token
access-control-allow-headers
Content-Type,Authorization
content-length
1257
564423580946907
connect.facebook.net/signals/config/
46 KB
12 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/564423580946907?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1b4e58825c8ef5171ae50e9d5f738ed57b624bfc01192fc809083e700a87432a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bolsosemdividas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
6bna1syvSWdpH+q96EerzuzFzk+ITfN7w56xsdPG2gQ+72qsIiJkP6XaQElQqhuYr/yhbPlI36IvLAzZ7Xs66A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 21 Jul 2021 01:39:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
player.js
f.vimeocdn.com/p/3.36.13/js/ Frame 3523
644 KB
151 KB
Script
General
Full URL
https://f.vimeocdn.com/p/3.36.13/js/player.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/382509353?autoplay=1&background=0&muted=0&portrait=1&byline=1&title=1&speed=0&color=00adef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a1bc50d9a65c6e2dbded639b8a97b948fe35bb308d120805671a24915b34991c

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
via
1.1 varnish, 1.1 varnish
age
122273
x-guploader-uploadid
ADPycdvWVmZyuKGSHls1Psr3SgODZ4DTI4h5tRpXs4GGbwOKM4xCBcx3U5AVyIIALkUA76osT5QnTL5wtjCT8jBJiIvV5ycdOA
x-cache
MISS, HIT
content-encoding
br
content-length
154113
x-served-by
cache-bwi5164-BWI, cache-fra19176-FRA
last-modified
Mon, 19 Jul 2021 15:32:39 GMT
server
UploadServer
x-timer
S1626831560.574835,VS0,VE0
etag
"3ec7b970a2fa5fc7aae40f386056180b"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 32469
player.css
f.vimeocdn.com/p/3.36.13/css/ Frame 3523
163 KB
18 KB
Stylesheet
General
Full URL
https://f.vimeocdn.com/p/3.36.13/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/382509353?autoplay=1&background=0&muted=0&portrait=1&byline=1&title=1&speed=0&color=00adef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d80b4646113fdc936e31666521f84a329fac5730af8084cf8bbb5214644449b2

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
via
1.1 varnish, 1.1 varnish
age
122273
x-guploader-uploadid
ADPycdu4B-m2CrURMnNEb5pL0f01CTzZH5kBDoPQuF_DV_pgmdbhTux6GS5uwP6ObJPOJ1CSi4ISWEQMJmPhulpNOs4
x-cache
MISS, HIT
content-encoding
br
content-length
17715
x-served-by
cache-bwi5170-BWI, cache-fra19176-FRA
last-modified
Mon, 19 Jul 2021 15:32:40 GMT
server
UploadServer
x-timer
S1626831560.574634,VS0,VE0
etag
"328e1498b4efd97da6105f3b58300927"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 61163
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 3523
3 KB
1 KB
Script
General
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/382509353?autoplay=1&background=0&muted=0&portrait=1&byline=1&title=1&speed=0&color=00adef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
content-encoding
gzip
age
8493246
x-cache
HIT, HIT
x-cache-hits
2, 1044856
content-length
1238
x-served-by
cache-bwi5144-BWI, cache-fra19176-FRA
last-modified
Tue, 13 Apr 2021 16:24:13 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1626831560.574879,VS0,VE0
etag
"a68-5bfdd0f8b0540"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
x-vimeo-dc
ge
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Apr 2031 18:25:13 GMT
/
www.facebook.com/tr/
44 B
251 B
Image
General
Full URL
https://www.facebook.com/tr/?id=564423580946907&ev=PageView&dl=https%3A%2F%2Fbolsosemdividas.com.br%2F&rl=&if=false&ts=1626831559689&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=28&fbp=fb.2.1626831559686.506284735&it=1626831559502&coo=false&rqm=GET
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bolsosemdividas.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 21 Jul 2021 01:39:19 GMT
vuid
vimeo.com/ablincoln/ Frame 3523
0
791 B
Ping
General
Full URL
https://vimeo.com/ablincoln/vuid?pid=84d8ec741dc4b6ea64ac4e16d6b98964d6f216701626831559
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5146-BWI, cache-fra19156-FRA
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1626831560.715423,VS0,VE120
X-Frame-Options
sameorigin
Date
Wed, 21 Jul 2021 01:39:19 GMT
Vary
User-Agent
Expires
Tue, 20 Jul 2021 13:39:19 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v12787-xr8qm
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
player-test-impression
fresnel.vimeocdn.com/add/ Frame 3523
0
40 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Jul 2021 01:39:19 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
843668020
i.vimeocdn.com/video/ Frame 3523
53 KB
54 KB
Image
General
Full URL
https://i.vimeocdn.com/video/843668020?mw=800&mh=450
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/382509353?autoplay=1&background=0&muted=0&portrait=1&byline=1&title=1&speed=0&color=00adef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
489eb13809d93bd268587508e4d5097222f1b52ccf87a7554818b56fa1f8f58a

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:19 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
992755
x-viewmaster-lossless-format
false
x-cache
miss, HIT, MISS
x-backend-server
varnish
content-length
54739
viewmaster-server
viewmaster-us-central1-sht3
x-served-by
cache-dfw18679-DFW, cache-fra19176-FRA
x-timer
S1626831560.812842,VS0,VE153
etag
4b6f389af2d26548c7dc1855f2ed8e2a
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
4, 0
player-stats
fresnel.vimeocdn.com/add/ Frame 3523
0
110 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=84d8ec741dc4b6ea64ac4e16d6b98964d6f216701626831559
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Jul 2021 01:39:19 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
player-stats
fresnel.vimeocdn.com/add/ Frame 3523
0
40 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=84d8ec741dc4b6ea64ac4e16d6b98964d6f216701626831559
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Jul 2021 01:39:19 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
play
player-telemetry.vimeo.com/player-events/log/ Frame 3523
0
60 B
Ping
General
Full URL
https://player-telemetry.vimeo.com/player-events/log/play
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Jul 2021 01:39:19 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
content-type
text/html; charset=UTF-8
master.json
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
41 KB
41 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/video/966c69d2,40705633,e755e4b0,5b4047af,d4a74c94/master.json?base64_init=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5c5965f06083ae3d8d4b94c3433f827117a295424b6a5b466a7844b09b05d166

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Jul 2021 01:39:20 GMT
X-VIM-CACHEBC
EP:H11,E:m,TD0:m,CW:h
Origin-Retrieved-Hour
1626040800
Timing-Allow-Origin
*
Connection
keep-alive
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
41545
AK-REFERENCE-ID
0.74700617.1626831560.1fdfe711
Akamai-Mon-Iucid-Del
877678
Aka-c-hit
cache-hit
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Cache-Control
max-age=1801485
Akamai-Edge-IP
2a02:26f0:ea::1706:7078
Content-Type
application/json
Access-Control-Allow-Headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
preload
sun.eduzz.com/pixel/ Frame CE72
6 KB
2 KB
Document
General
Full URL
https://sun.eduzz.com/pixel/preload
Requested by
Host: eduzz.info
URL: https://eduzz.info/dev/js/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.56.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-56-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1a8aa381ef0ce8ecd830e0bf942b9940f727af6ad327b9b2dbc90adeda8d5e64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
sun.eduzz.com
:scheme
https
:path
/pixel/preload
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bolsosemdividas.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
content-type
text/html; charset=utf-8
server
nginx
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers
Content-Length,Content-Range
x-content-type-options
nosniff
content-encoding
gzip
player-stats
fresnel.vimeocdn.com/add/ Frame 3523
0
40 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=84d8ec741dc4b6ea64ac4e16d6b98964d6f216701626831559
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Jul 2021 01:39:20 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
segment-1.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
47 KB
47 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/audio/40705633/chop/segment-1.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e7272549040f6ca1cf51d75674e6e5de8e5739483efaa67f84a493b95c05747c

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:m,PE:h
using-starlord
true
origin-retrieved-hour
1626037200
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
47990
ak-reference-id
0.74700617.1626831560.1fdfe736
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=1798803
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050
encrypt.js
cdn.eduzzcdn.com/sun/assets/ Frame CE72
54 KB
16 KB
Script
General
Full URL
https://cdn.eduzzcdn.com/sun/assets/encrypt.js
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e600:15:70be:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14a2dbb1d7cac4421a1a028b0bee2f5939b18f54bb52447e2278167eacf53aea

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 16:46:20 GMT
content-encoding
gzip
last-modified
Fri, 18 Sep 2020 18:23:59 GMT
server
AmazonS3
age
11955181
etag
"8e59990fccf8807ce2ef90ffcd9e2221"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
16434
x-amz-cf-id
RqUEcA1U5-QV_umYrGUMhR9U7rLaULDUiORNHTNuQpsPLVqXU1DtHQ==
expires
600000
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame CE72
134 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b30b8070c6a6594ec12fa3c56e77daeed648c260cb9988c260ddbd17a168ef20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48506
x-xss-protection
0
server
cafe
etag
15052188037427859029
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Jul 2021 01:39:20 GMT
2.2b501eca.chunk.css
cdn.eduzzcdn.com/sun/assets/static/css/ Frame CE72
6 KB
2 KB
Stylesheet
General
Full URL
https://cdn.eduzzcdn.com/sun/assets/static/css/2.2b501eca.chunk.css
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e600:15:70be:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2917d5fdea53a6612df9d0f088e91a503a49737ff1b4c3dc21a085e7779458e9

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 14:24:59 GMT
content-encoding
gzip
last-modified
Mon, 19 Jul 2021 13:40:14 GMT
server
AmazonS3
age
126862
etag
"13fdb63ecb1e7e45390bbac95e606e10"
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=5184000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1395
x-amz-cf-id
vBg2KSVHLIU0QVwWxPHizb3L3RA41pQrH9NP9SAL634tH_MZ_DSKcw==
mercadopago.js
secure.mlstatic.com/sdk/javascript/v1/ Frame CE72
25 KB
9 KB
Script
General
Full URL
https://secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-216.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e500a102e1cd0838e9849974530f699a1feda134dbfeadfad631248ec348ba21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 21 Jul 2021 01:39:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-D2id
86b85e38-8d6b-4843-af98-9f20a05d52aa
x-envoy-upstream-service-time
3
Connection
keep-alive
Cache-Access-Control-Allow-Origin
*
Content-Length
9086
X-XSS-Protection
1; mode=block
X-Request-Id
86b85e38-8d6b-4843-af98-9f20a05d52aa
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 04 Dec 2020 21:26:16 GMT
Server
Tengine
ETag
"70288-9086-1607117176000"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
v2
js.iugu.com/ Frame CE72
13 KB
5 KB
Script
General
Full URL
https://js.iugu.com/v2
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d6a21e54cc4e3a3037bbfa44884caa007bb8c93de922fa5b74a48773460984
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
418836
cf-polished
origSize=13167
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Fri, 29 May 2020 15:35:27 GMT
server
cloudflare
etag
W/"5ed12bbf-336f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
expires
Wed, 21 Jul 2021 05:39:20 GMT
cache-control
public, max-age=14400
cf-ray
6720b7037df42c56-FRA
cf-bgj
minify
runtime-main.53d2c55d.js
cdn.eduzzcdn.com/sun/assets/static/js/ Frame CE72
2 KB
2 KB
Script
General
Full URL
https://cdn.eduzzcdn.com/sun/assets/static/js/runtime-main.53d2c55d.js
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e600:15:70be:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1d7521e880e20f0861b0712a280826c535762ded11f17ce9a0e6bdf106e1f9e

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Jul 2021 12:23:28 GMT
content-encoding
gzip
last-modified
Tue, 13 Jul 2021 18:07:11 GMT
server
AmazonS3
age
566153
etag
"f46aefac00bf6f3933ff9b2a6766b508"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=5184000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1235
x-amz-cf-id
UL3PyAMVWDzHtwrA_AtFREeS74geDZuLI5Q2JYR6mac-hrHz0Q88nQ==
2.8dc45519.chunk.js
cdn.eduzzcdn.com/sun/assets/static/js/ Frame CE72
2 MB
498 KB
Script
General
Full URL
https://cdn.eduzzcdn.com/sun/assets/static/js/2.8dc45519.chunk.js
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e600:15:70be:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c601e373616bd4b9f4b6702b511066ed15ad7e6fedde65029a4876d24b93f5b

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:10:00 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 12:31:47 GMT
server
AmazonS3
age
26961
etag
"214a11b02b2259ed82924575c586f42c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=5184000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
509272
x-amz-cf-id
YhbAMve2DEoYj0F1Qwg4Nx8081-8khmD21Gxg35B_jgHucN82biutQ==
main.1fa5371b.chunk.js
cdn.eduzzcdn.com/sun/assets/static/js/ Frame CE72
583 KB
147 KB
Script
General
Full URL
https://cdn.eduzzcdn.com/sun/assets/static/js/main.1fa5371b.chunk.js
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:e600:15:70be:e600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dca7013d1dc119eeee66e26dfb0bdbf65be3ea04ee664e92881642ca155b3940

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 18:10:00 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 12:31:47 GMT
server
AmazonS3
age
26961
etag
"96268027a20d9c9fb9a66bdf8752f620"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=5184000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
150288
x-amz-cf-id
dDjKRqrZoIb7iqlRlMKp73T_zt79g8L_tXha-WlZRdMR2sVqnAotCg==
favicon.ico
sun.eduzz.com/ Frame CE72
0
2 KB
Other
General
Full URL
https://sun.eduzz.com/favicon.ico
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.56.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-56-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sun.eduzz.com/pixel/preload
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=2592000
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
1150
expires
Tue, 01 Jan 2030 00:00:00 GMT
widgets
api.mercadopago.com/v1/devices/ Frame CE72
37 KB
12 KB
XHR
General
Full URL
https://api.mercadopago.com/v1/devices/widgets?referer=https%3A//sun.eduzz.com
Requested by
Host: secure.mlstatic.com
URL: https://secure.mlstatic.com/sdk/javascript/v1/mercadopago.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.32.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-32-171.compute-1.amazonaws.com
Software
/
Resource Hash
adcca2cd0c783c19fc11d340f57f44f97a4726f64d8e22d18a1340069544365a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-transaction-name
public_get_session_widget
strict-transport-security
max-age=16070400; includeSubDomains; preload
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://sun.eduzz.com
access-control-max-age
86400
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
timing-allow-origin
*
access-control-allow-headers
Content-Type
x-xss-protection
1; mode=block
x-request-id
d5d0f98f-b915-4cce-aabc-0a4f9961ae41
widgets
api.mercadopago.com/v1/devices/ Frame
0
0
Preflight
General
Full URL
https://api.mercadopago.com/v1/devices/widgets?referer=https%3A//sun.eduzz.com
Protocol
H2
Server
107.23.32.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-32-171.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://sun.eduzz.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
content-type
application/json
content-length
0
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
access-control-allow-origin
https://sun.eduzz.com
x-content-type-options
nosniff
x-request-id
6083440a-fb53-4d55-8909-04b633dee688
x-xss-protection
1; mode=block
strict-transport-security
max-age=16070400; includeSubDomains; preload
access-control-allow-headers
content-type
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
access-control-max-age
86400
timing-allow-origin
*
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/ Frame 9770
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210714/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210714/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sun.eduzz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 20 Jul 2021 16:30:53 GMT
expires
Tue, 03 Aug 2021 16:30:53 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
32907
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
translations
sun.eduzz.com/ Frame CE72
42 KB
11 KB
XHR
General
Full URL
https://sun.eduzz.com/translations
Requested by
Host: cdn.eduzzcdn.com
URL: https://cdn.eduzzcdn.com/sun/assets/static/js/2.8dc45519.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.56.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-56-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2451b27216c72f3608e2e750f005d17e6648acbf5859eceb88174bf9ca8d44ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://sun.eduzz.com/pixel/preload
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
sdk
kaptcha.iugu.com/collect/ Frame CE72
5 KB
2 KB
Script
General
Full URL
https://kaptcha.iugu.com/collect/sdk?m=100164
Requested by
Host: js.iugu.com
URL: https://js.iugu.com/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284641bdf135d8301ecb0d942ea8ce4b929868177d0c0873e87e2cf5e6da16e8

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jul 2021 01:39:20 GMT
x-correlation-id
f28c74cd-c216-42b8-92f6-4c1982a2f984
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP=CAO PSA OUR
access-control-allow-origin
*
content-encoding
br
cache-control
no-cache, no-store, must-revalidate, private
cf-ray
6720b705c8762c56-FRA
content-type
text/javascript
expires
0
segment-1.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
233 KB
233 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/video/40705633/chop/segment-1.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
244768e12c5c2b31b552341e2a188a6925d7bcd2524a3c37abd21c0613a6691b

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:20 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:h
using-starlord
true
origin-retrieved-hour
1625889600
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
238624
ak-reference-id
0.74700617.1626831560.1fdfe766
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=1652675
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050
etid
www.mercadolibre.com/jms/lgz/background/ Frame CE72
0
748 B
XHR
General
Full URL
https://www.mercadolibre.com/jms/lgz/background/etid
Requested by
Host: cdn.eduzzcdn.com
URL: https://cdn.eduzzcdn.com/sun/assets/static/js/2.8dc45519.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-meli-trace-site
UNKNOWN
date
Wed, 21 Jul 2021 01:39:21 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-d2id
37bc68b0-5d94-44c3-a1ec-98ff37026190
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
x-meli-trace-platform
/web/desktop
x-xss-protection
1; mode=block
x-request-id
37bc68b0-5d94-44c3-a1ec-98ff37026190
referrer-policy
no-referrer-when-downgrade
server
Tengine
etag
ecf487f3-a555-47a8-b032-c8e2ad32d5f4-1626831561138
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
private, must-revalidate, proxy-revalidate
content-length
0
x-meli-trace-bu
mercadolibre
x-amz-cf-id
i2GzNM84DPO9-Ixp_1GFQNFamc6YwyE2iWHQYmD4LJpWtJQxkd4oGQ==
x-request-device-id
37bc68b0-5d94-44c3-a1ec-98ff37026190
ServiceLogin
accounts.google.com/ Frame CE72
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: sun.eduzz.com
URL: https://sun.eduzz.com/pixel/preload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

segment-1.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
188 KB
188 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/audio/966c69d2/chop/segment-1.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e05a775fa9e58b67228ff2390b726bffab77389c2f869d29a26b626862f83902

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:21 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:h
using-starlord
true
origin-retrieved-hour
1624626000
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
192014
ak-reference-id
0.74700617.1626831561.1fdfe78f
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=387747
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050
kasupport
kaptcha.iugu.com/collect/ Frame CE72
2 KB
1 KB
XHR
General
Full URL
https://kaptcha.iugu.com/collect/kasupport
Requested by
Host: cdn.eduzzcdn.com
URL: https://cdn.eduzzcdn.com/sun/assets/static/js/2.8dc45519.chunk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.18.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ea9ce921b7f5ae17adeea623bde667e1788ed17e62cd650025e837c0ec964b4

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Jul 2021 01:39:21 GMT
x-correlation-id
3488fbee-ab74-4101-80f4-47dcb448d3db
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6720b7082c489742-FRA
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
0
armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56
www.mercadolivre.com/jms/mlb/lgz/background/session/ Frame CE72
78 B
822 B
Image
General
Full URL
https://www.mercadolivre.com/jms/mlb/lgz/background/session/armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56?background=armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56&message=
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-22.dus51.r.cloudfront.net
Software
Tengine /
Resource Hash
1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-meli-trace-site
UNKNOWN
date
Wed, 21 Jul 2021 01:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-d2id
88609e63-034f-44c4-959c-7c2f58aff018
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
x-transaction-name
save_js_profiling
x-envoy-upstream-service-time
1
x-meli-trace-platform
/web/desktop
x-xss-protection
1; mode=block
x-request-id
88609e63-034f-44c4-959c-7c2f58aff018
referrer-policy
no-referrer-when-downgrade
server
Tengine
content-type
image/svg+xml
via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
x-meli-trace-bu
mercadolibre
x-amz-cf-id
TfpzHW91JbT3UxCP49BMP1cgFyofOk_wXQJvHYMvHlVjM2FFknnsWA==
x-request-device-id
88609e63-034f-44c4-959c-7c2f58aff018
armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56
www.mercadolibre.com/jms/lgz/background/session/ Frame CE72
78 B
1 KB
Image
General
Full URL
https://www.mercadolibre.com/jms/lgz/background/session/armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56?background=armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56&message=eyJqc190eXBlIjoianNfY29va2llIiwidmFsdWUiOiJ4In0%3D
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
Tengine /
Resource Hash
1a5bb92d3a4f3d6c5260b0cebc7fd5fc9da5afc7dbba4716771abbb64922fcce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-meli-trace-site
UNKNOWN
date
Wed, 21 Jul 2021 01:39:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-d2id
5332b1be-7a50-45f4-8217-54b0a78fc0cc
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-transaction-name
save_js_profiling
x-envoy-upstream-service-time
7
x-meli-trace-platform
/web/desktop
x-xss-protection
1; mode=block
x-request-id
5332b1be-7a50-45f4-8217-54b0a78fc0cc
referrer-policy
no-referrer-when-downgrade
server
Tengine
content-type
image/svg+xml
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
x-meli-trace-bu
mercadolibre
x-amz-cf-id
plGgij7A-u38BHz3q56NBRnT0c3UfrGOPz3XKtG0Q9PXKqm0bM9iQg==
x-request-device-id
5332b1be-7a50-45f4-8217-54b0a78fc0cc
background
www.mercadolibre.com/jms/lgz/ Frame 4FAF
6 KB
3 KB
Document
General
Full URL
https://www.mercadolibre.com/jms/lgz/background?dps=armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56
Requested by
Host: bolsosemdividas.com.br
URL: https://bolsosemdividas.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-31.fra50.r.cloudfront.net
Software
Tengine /
Resource Hash
0fa002ae5cb81b3973940b189c7cd567e911ec7f2f5609b041c8e2f13dc98f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.mercadolibre.com
:scheme
https
:path
/jms/lgz/background?dps=armor.6a0807c90bdb94d68ee881bd6846c5c894764ba674a99e4d30788ef5491e1736bd83f0e32b2acef7f6e0b539ab63a595dd6bed2957946c48243467581ecf0cba0befff71630b823b2a661a21349a9b7f.9d1051a0fd0ccb37fb5a0a1056d64f56
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sun.eduzz.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://sun.eduzz.com/

Response headers

content-type
text/html
date
Wed, 21 Jul 2021 01:39:21 GMT
server
Tengine
set-cookie
_d2id=2867938d-23a0-4df8-9fec-005fed9b80f7-n; Path=/; Domain=.mercadolibre.com; Expires=Thu, 21 Jul 2022 01:39:21 GMT
x-transaction-name
cross_domain_profiler
content-encoding
gzip
x-envoy-upstream-service-time
3
x-request-id
2867938d-23a0-4df8-9fec-005fed9b80f7
x-request-device-id
2867938d-23a0-4df8-9fec-005fed9b80f7
x-d2id
2867938d-23a0-4df8-9fec-005fed9b80f7
x-meli-trace-site
UNKNOWN
x-meli-trace-platform
/web/desktop
x-meli-trace-bu
mercadolibre
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-cache
Miss from cloudfront
via
1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
CZvmM4M_z-aP3iiK18_JfVED4sZ533-wuBXoIkuRJzzF-HhdK6QnJg==
cookiestore
kaptcha.iugu.com/collect/ Frame CE72
0
311 B
XHR
General
Full URL
https://kaptcha.iugu.com/collect/cookiestore
Requested by
Host: cdn.eduzzcdn.com
URL: https://cdn.eduzzcdn.com/sun/assets/static/js/2.8dc45519.chunk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.18.18.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sun.eduzz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Jul 2021 01:39:21 GMT
x-correlation-id
480a7b43-dc7f-4ceb-99dc-0f7f962eb585
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private
cf-ray
6720b709ac7a9742-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
0
expires
0
segment-1.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
1010 KB
1010 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/video/966c69d2/chop/segment-1.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a9936d9f5584b1f3d80590d92b62b6c65f17ef7cd2aab56f89252b3c2b2a6c17

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:21 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:h
using-starlord
true
origin-retrieved-hour
1625014800
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1034119
ak-reference-id
0.74700617.1626831561.1fdfe7e5
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=778175
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050
QY2CF
lp.eduzz.com/ Frame BC22
Redirect Chain
  • https://edzz.la/QY2CF?a=52700147&px=true
  • https://lp.eduzz.com/QY2CF?a=52700147&px=true
164 B
299 B
Document
General
Full URL
https://lp.eduzz.com/QY2CF?a=52700147&px=true
Requested by
Host: eduzz.info
URL: https://eduzz.info/dev/js/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.56.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-56-7.compute-1.amazonaws.com
Software
/ Express
Resource Hash
d5ab8093d7963871561a19ee1bc8d79dcd23611c987bc76239899540e20ff915

Request headers

:method
GET
:authority
lp.eduzz.com
:scheme
https
:path
/QY2CF?a=52700147&px=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bolsosemdividas.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bolsosemdividas.com.br/

Response headers

date
Wed, 21 Jul 2021 01:39:22 GMT
content-type
text/html; charset=utf-8
content-length
164
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true

Redirect headers

server
awselb/2.0
date
Wed, 21 Jul 2021 01:39:22 GMT
content-type
text/html
content-length
110
location
https://lp.eduzz.com:443/QY2CF?a=52700147&px=true
partial
player-telemetry.vimeo.com/player-events/log/ Frame 3523
0
41 B
Ping
General
Full URL
https://player-telemetry.vimeo.com/player-events/log/partial
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Jul 2021 01:39:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
content-type
text/html; charset=UTF-8
843668020
i.vimeocdn.com/video/ Frame 3523
53 KB
54 KB
Image
General
Full URL
https://i.vimeocdn.com/video/843668020?mw=800&mh=450
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/382509353?autoplay=1&background=0&muted=0&portrait=1&byline=1&title=1&speed=0&color=00adef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
489eb13809d93bd268587508e4d5097222f1b52ccf87a7554818b56fa1f8f58a

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:22 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
992757
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
54739
viewmaster-server
viewmaster-us-central1-sht3
x-served-by
cache-dfw18679-DFW, cache-fra19176-FRA
x-timer
S1626831562.117938,VS0,VE0
etag
4b6f389af2d26548c7dc1855f2ed8e2a
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
4, 1
player-stats
fresnel.vimeocdn.com/add/ Frame 3523
0
40 B
Ping
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=84d8ec741dc4b6ea64ac4e16d6b98964d6f216701626831559
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Wed, 21 Jul 2021 01:39:22 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
segment-2.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
187 KB
187 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/audio/966c69d2/chop/segment-2.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d3889af39aab2012444b64623f30f242332c9b3f7b1da93afec0e1c44957debd

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:22 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:h
using-starlord
true
origin-retrieved-hour
1625418000
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
191176
ak-reference-id
0.74700617.1626831562.1fdfe862
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=1179700
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050
segment-2.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
1013 KB
1013 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/video/966c69d2/chop/segment-2.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c944634ef9375b3455a2642302462db617df209ea96d30e709a204dedc3fee6a

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:22 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:m,PE:h
using-starlord
true
origin-retrieved-hour
1626206400
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1037693
ak-reference-id
0.74700617.1626831562.1fdfe884
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=1967236
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050
segment-3.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
187 KB
187 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/audio/966c69d2/chop/segment-3.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4e755c0b6b39ad53e30bcba03a70e1cea3672330469add0bf88dec1db25324ce

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:23 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:h
using-starlord
true
origin-retrieved-hour
1624669200
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
191778
ak-reference-id
0.74700617.1626831563.1fdfe8c9
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=432767
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050
segment-3.m4s
33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f... Frame 3523
1022 KB
1022 KB
XHR
General
Full URL
https://33vod-adaptive.akamaized.net/exp=1626835459~acl=%2Fc22299ab-8291-44b7-b1b4-9ce4efe1f5e0%2F%2A~hmac=220e9ee650dfff45689fe1166664bbfc7e740836513c72a78fdd621f57c32d5e/c22299ab-8291-44b7-b1b4-9ce4efe1f5e0/sep/video/966c69d2/chop/segment-3.m4s
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.36.13/js/player.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a02:26f0:ea::1706:7078 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c2c089cb5fd15f086229b75a5962a8b9d14b0e1055705ac686e4aa36f1186305

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 01:39:23 GMT
x-vim-cachebc
EP:Q,E:m,TD0:m,CW:h
using-starlord
true
origin-retrieved-hour
1625536800
timing-allow-origin
*
akamai-mon-iucid-del
879819
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1046395
ak-reference-id
0.74700617.1626831563.1fdfe8eb
aka-c-hit
cache-hit
access-control-allow-origin
*
access-control-expose-headers
Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
cache-control
max-age=1297614
akamai-edge-ip
2a02:26f0:ea::1706:7078
content-type
video/mp4
access-control-allow-headers
Content-Type, Accept-Encoding, Range, X-OTT-Agent
quic-version
Q050


29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| _wpemojiSettings
undefined| $
function| jQuery
function| fbq
function| _fbq
object| OP3
object| wp
string| edzpx_c
number| edzpx_a
string| PxEdz
function| edzpx
string| e
object| twemoji
string| e3eab3e
function| edzpx_geturl

6 Cookies

Domain/Path Name / Value
.mercadolibre.com/ Name: edsid
Value: 89955a71-3314-4382-94da-a0ba39d791a0-1626831561360
.mercadolibre.com/ Name: dsid
Value: 1f716e38-8399-4d41-a48f-f7e15eaf7c4b-1626831561360
.bolsosemdividas.com.br/ Name: _fbp
Value: fb.2.1626831559686.506284735
sun.eduzz.com/ Name: cdn.iugu.100164.ka.ck
Value: 5f4031df89b5390dd507d32739013f2fbb01f7cec565e9e4a08a1e48746e5545e948b956d029f132b7787d8e7e7ead490d85af2e65af2de62ffc09d832fadc1f13142f08c51ce3900c6e044f19c8598dd9a2e98bb4c425e2ce08da80fcf496316177d475d21285996065ee63cfa22abf33e2a4bd828db938c1c4cca4cc08787e1041bcc0c3aecae2a7e99e0312ce52e78d68a6c3addf3f227883c3
.vimeo.com/ Name: player
Value: ""
.vimeo.com/ Name: vuid
Value: pl1575416484.1889718478

6 Console Messages

Source Level URL
Text
console-api log URL: https://bolsosemdividas.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://cdn.eduzzcdn.com/sun/assets/static/js/main.1fa5371b.chunk.js(Line 1)
Message:
%c display: block; font-size: 66px; line-height: 66px; text-align: center; border-radius: 5px; background: #333 url(https://www.eduzz.com/sun/assets/img/logoSun.png) no-repeat;
console-api log URL: https://cdn.eduzzcdn.com/sun/assets/static/js/main.1fa5371b.chunk.js(Line 1)
Message:
starting app
console-api log URL: https://cdn.eduzzcdn.com/sun/assets/static/js/main.1fa5371b.chunk.js(Line 1)
Message:
Standalone mode
console-api log URL: https://cdn.eduzzcdn.com/sun/assets/static/js/2.8dc45519.chunk.js(Line 2)
Message:
sentry enabled
console-api log URL: https://cdn.eduzzcdn.com/sun/assets/static/js/2.8dc45519.chunk.js(Line 2)
Message:
removed starting loader class

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
