cupom-6-meses-aproveite-semana-consumidor.com Open in urlscan Pro
23.22.211.105 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Submission: On September 15 via automatic, source phishtank (September 15th 2022, 2:01:39 am UTC) — Scanned from DE

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 60 HTTP transactions. The main IP is 23.22.211.105, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is cupom-6-meses-aproveite-semana-consumidor.com.
TLS certificate: Issued by R3 on September 13th 2022. Valid for: 3 months.

This is the only time cupom-6-meses-aproveite-semana-consumidor.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
21	23.22.211.105 23.22.211.105	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1 3	185.32.241.65 185.32.241.65	30286 (THM) (THM)
3	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
2	2a05:d018:76c... 2a05:d018:76c:b683:f711:f0cf:5cc7:b815	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:588::33c4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a01:578:3::2... 2a01:578:3::22f1:16c8	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
60	16

21 23.22.211.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-211-105.compute-1.amazonaws.com

cupom-6-meses-aproveite-semana-consumidor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)

codex.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.32.241.65 (United States) 1 redirects

ASN30286 (THM, US)

secured.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:76c:b683:f711:f0cf:5cc7:b815 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

www.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:588::33c4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ae.nflximg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:578:3::22f1:16c8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ichnaea-web.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

4954221.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	cupom-6-meses-aproveite-semana-consumidor.com cupom-6-meses-aproveite-semana-consumidor.com	269 KB
13	google.com 2 redirects pay.google.com — Cisco Umbrella Rank: 3842 play.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 142	366 KB
9	netflix.com www.netflix.com — Cisco Umbrella Rank: 1354 Failed secured.netflix.com — Cisco Umbrella Rank: 200026 ichnaea-web.netflix.com — Cisco Umbrella Rank: 2190	4 KB
8	nflxext.com codex.nflxext.com — Cisco Umbrella Rank: 222631 assets.nflxext.com — Cisco Umbrella Rank: 2038	458 KB
4	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 4954221.fls.doubleclick.net	3 KB
4	gstatic.com www.gstatic.com	104 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3469	656 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 159	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	nflximg.net ae.nflximg.net — Cisco Umbrella Rank: 20950	6 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480	30 KB
60	11

	Domain	Requested by
21	cupom-6-meses-aproveite-semana-consumidor.com	cupom-6-meses-aproveite-semana-consumidor.com codex.nflxext.com
7	play.google.com	www.gstatic.com
5	assets.nflxext.com	codex.nflxext.com
4	ichnaea-web.netflix.com	cupom-6-meses-aproveite-semana-consumidor.com ae.nflximg.net
4	www.gstatic.com	pay.google.com www.gstatic.com
3	pay.google.com	cupom-6-meses-aproveite-semana-consumidor.com www.gstatic.com
3	secured.netflix.com	1 redirects cupom-6-meses-aproveite-semana-consumidor.com
3	codex.nflxext.com	cupom-6-meses-aproveite-semana-consumidor.com
2	4954221.fls.doubleclick.net	1 redirects cupom-6-meses-aproveite-semana-consumidor.com
2	www.google.de	cupom-6-meses-aproveite-semana-consumidor.com
2	www.google.com	2 redirects
2	googleads.g.doubleclick.net	2 redirects
2	www.netflix.com	cupom-6-meses-aproveite-semana-consumidor.com
1	adservice.google.com	4954221.fls.doubleclick.net
1	www.googleadservices.com	cupom-6-meses-aproveite-semana-consumidor.com
1	www.google-analytics.com	www.gstatic.com
1	ae.nflximg.net	cupom-6-meses-aproveite-semana-consumidor.com
1	ajax.googleapis.com	cupom-6-meses-aproveite-semana-consumidor.com
60	18

This site contains no links.

Subject Issuer	Validity	Valid
cupom-6-meses-aproveite-semana-consumidor.com R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2022-10-10`	a month	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.netflix.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-14` - `2023-01-14`	a year	crt.sh
assets.nflxext.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-08` - `2023-03-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
secured.netflix.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-11` - `2023-02-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
ichnaea-web.netflix.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-09` - `2023-02-09`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Frame ID: 5612FC5D4AC925C8B83CDF7A3B583E31
Requests: 20 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com&mid=
Frame ID: 900B8D70E21670C6C8677A812899C9AA
Requests: 12 HTTP requests in this frame

Frame: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/payframe.html
Frame ID: C9D1CDB7A4B09C93860034D0CD9CAEA0
Requests: 3 HTTP requests in this frame

Frame: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ls_fp.html
Frame ID: 78D6EE3ED746BDA53BBD45FB7DFD9D5A
Requests: 3 HTTP requests in this frame

Frame: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/top_fp.html
Frame ID: F334A7AF5C6112862B91746FE550BBD1
Requests: 1 HTTP requests in this frame

Frame: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/adtech_iframe_target_04.html
Frame ID: 8CDD8466B9362220C5804CC060831232
Requests: 2 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/netflix_tag_03.html?data=%7B%7D
Frame ID: 69A67901C7FAE9F2F3C58FDDBAF62087
Requests: 2 HTTP requests in this frame

Frame: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
Frame ID: A95B8730B67DFEFE6760512FF64D978B
Requests: 7 HTTP requests in this frame

Frame: https://4954221.fls.doubleclick.net/activityi;dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863
Frame ID: E2040151A3FEA9B46CDF478241AFE550
Requests: 2 HTTP requests in this frame

Frame: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/activityi.html
Frame ID: 7BF6AA47BB2895F0B7C6D6D4A954210C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

93 %
HTTPS

76 %
IPv6

11
Domains

18
Subdomains

16
IPs

4
Countries

1258 kB
Transfer

3968 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://secured.netflix.com/fp/clear.png?org_id=lg9m47ph&session_id=a1e7f0a4-00ee-44a1-a688-5d3a582799da&m=1 HTTP 302
https://secured.netflix.com/fp/clear.png?org_id=lg9m47ph&session_id=a1e7f0a4-00ee-44a1-a688-5d3a582799da&k=1

Request Chain 51

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=9&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https://ae.nflximg.net/monet/scripts/netflix_tag_03.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522BR%2522%252C%2522fbaId%2522%253A%25223463dc9a-32bf-48c6-8a17-40770bc0242d%2522%252C%2522is_member%2522%253A%2522current%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522creditOption%2522%257D&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=0vBqXKumOpS6nASyy4OYAw&crd=CMnTGw&gtd= HTTP 302
https://www.google.com/pagead/1p-conversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=9&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https://ae.nflximg.net/monet/scripts/netflix_tag_03.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522BR%2522%252C%2522fbaId%2522%253A%25223463dc9a-32bf-48c6-8a17-40770bc0242d%2522%252C%2522is_member%2522%253A%2522current%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522creditOption%2522%257D&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CMnTGw&gtd=&is_vtc=1&ocp_id=0vBqXKumOpS6nASyy4OYAw&random=3668978914&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=9&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https://ae.nflximg.net/monet/scripts/netflix_tag_03.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522BR%2522%252C%2522fbaId%2522%253A%25223463dc9a-32bf-48c6-8a17-40770bc0242d%2522%252C%2522is_member%2522%253A%2522current%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522creditOption%2522%257D&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CMnTGw&gtd=&is_vtc=1&ocp_id=0vBqXKumOpS6nASyy4OYAw&random=3668978914&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hASfIBOTxBrsHfw14rcJm41VNNcoNpQKkbKPQqyVQNfNJICTa3lczDIV4OMUMvjv8tDZ-OIq1AwcbCyt7xdJzG7

Request Chain 52

https://4954221.fls.doubleclick.net/activityi;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863 HTTP 302
https://4954221.fls.doubleclick.net/activityi;dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863

Request Chain 54

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com%2Fpage-checkout.php&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=f4ciY-PkFcLY1gakj4vwCw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com%2Fpage-checkout.php&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f4ciY-PkFcLY1gakj4vwCw&random=346912048&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com%2Fpage-checkout.php&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f4ciY-PkFcLY1gakj4vwCw&random=346912048&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hBqmLFlH2ViKjHTSvbyE-iaQAyzinJj3VaAXtyhvzpD7WwW2mPMOiEpYH1tqU2manML1Av9jt8oVxqP9BUQHDPg

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request page-checkout.php Show response
cupom-6-meses-aproveite-semana-consumidor.com/ 428 KB
76 KB 501ms
210ms Document
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PHP/8.0.23 PleskLin
Resource Hash: bbbf545b33adb218d9ab2cd464f56859369ef25eacac3db80db73741732f52b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Sep 2022 02:01:33 GMT
server: nginx
x-powered-by: PHP/8.0.23 PleskLin

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-mk-ve059a69f/js/js/bootstrap.js,common%7Cbootstrap.js/2/50034x4v4d4z084j494D4-060t00514C4p4F4A0e4T4R4P4k4E4t4H4m4l024X/bck/true/ 9 KB
4 KB 414ms
204ms Script
application/javascript 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-mk-ve059a69f/js/js/bootstrap.js,common%7Cbootstrap.js/2/50034x4v4d4z084j494D4-060t00514C4p4F4A0e4T4R4P4k4E4t4H4m4l024X/bck/true/none

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

27c7136aa3a01094ee71a1ac3fb9204ca5b9822adf2e4ce446c2c8c6914f31e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: 532a872f-1715-424a-a469-afb535caf168
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 3484
Expires: Mon, 20 Mar 2023 02:01:33 GMT

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-mk-ve059a69f/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/50034x4v4d4z084j494D4-060t00514C4p4F4A0e4T4R4P4k4E4t4H4m4l024X/l/true/ 1 MB
346 KB 720ms
510ms Script
application/javascript 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-mk-ve059a69f/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/50034x4v4d4z084j494D4-060t00514C4p4F4A0e4T4R4P4k4E4t4H4m4l024X/l/true/none

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3a37c95263bb2ed0e93018df74c7834e6fa38db0edffdc35c4f61cfde42aaf33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: d9e2b849-59e7-4a49-bd2e-44ae3d683b24
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Expires: Mon, 20 Mar 2023 02:01:33 GMT

GET WebsiteDetect
www.netflix.com/personalization/cl2/freeform/ 0
0

GET
H/1.1 200
OK none
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/ 188 KB
32 KB 308ms
230ms Stylesheet
text/css 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/none

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

577833a31e59d17913a30024065e14d043579465d71dd2c5af3253dac57baf30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: 01b07d4f-577e-4c65-b438-9f313f8872d0
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 32081
Expires: Mon, 20 Mar 2023 02:01:33 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:01:16 GMT

GET
H2 200 clear.png
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ 81 B
248 B 130ms
128ms Image
image/png 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear.png
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:33 GMT
etag: "51-58229aed4b980"
last-modified: Mon, 18 Feb 2019 11:47:02 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 81

GET
H2 200 clear(1).png Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ 0
156 B 125ms
122ms Script
image/png 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(1).png
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:33 GMT
etag: "0-58229aef33e00"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 0

GET
H2 200 clear(2).png Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ 0
156 B 125ms
123ms Script
image/png 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(2).png
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:33 GMT
etag: "0-58229aef33e00"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 0

GET
H2 200 clear(3).png Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ 0
156 B 126ms
123ms Script
image/png 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(3).png
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:33 GMT
etag: "0-58229aef33e00"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 0

GET
H2 200 clear(4).png
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ 81 B
248 B 131ms
129ms Image
image/png 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(4).png
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:33 GMT
etag: "51-58229aef33e00"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 81

GET
H2 200 pay.js.download Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ 80 KB
25 KB 129ms
127ms Script
application/javascript 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/pay.js.download
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 4b535894c86e209fdd9aef83adc76a450060c0b9e3430bdb1ecb6c7383307f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:33 GMT
content-encoding: br
etag: W/"5c6a9b38-13f13"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 404 WebsiteDetect Show response
cupom-6-meses-aproveite-semana-consumidor.com/personalization/cl2/freeform/ 808 B
501 B 111ms
111ms XHR
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=signupSimplicity-planSelectionWithContext
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:33 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 14:15:44 GMT
server: nginx
etag: W/"328-5e88fa5db7255"
content-type: text/html

GET
H/1.1 200
OK 12_11_2014_icon_visa_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ 859 B
1 KB 117ms
35ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/payment/12_11_2014_icon_visa_37x25.png
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ed65da4bcdc5f0f68d20f2b489f2f1e4df6d5b1235ece01afd24624126be504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:33 GMT
Last-Modified: Wed, 10 Jul 2019 23:52:28 GMT
Server: nginx
Content-MD5: InDyhjoqaXrupmtM5xGKHA==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 859
Expires: Thu, 22 Sep 2022 02:01:34 GMT

GET
H/1.1 200
OK 12_05_2017_icon_master_33x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ 950 B
1 KB 153ms
36ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/payment/12_05_2017_icon_master_33x25.png
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c6bb9cb3cc35a4355f246e67df6b7f1273b534ed7d9f9629dbc370120732ea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:33 GMT
Last-Modified: Wed, 10 Jul 2019 23:52:28 GMT
Server: nginx
Content-MD5: B+P6BJD0lDXYF3JLsVr9kA==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 950
Expires: Thu, 22 Sep 2022 02:01:34 GMT

GET
H/1.1 200
OK 10_18_2014_icon_amex_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ 525 B
844 B 190ms
35ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/payment/10_18_2014_icon_amex_37x25.png
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: cc5859d74f8cde62e1cdeeea341f85f9725d4f4398f58203aa1e5080faf1685a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:33 GMT
Last-Modified: Wed, 10 Jul 2019 23:52:28 GMT
Server: nginx
Content-MD5: XUIHbO4+/oKKw/K3EvF4SA==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 525
Expires: Thu, 22 Sep 2022 02:01:34 GMT

GET
H/1.1 200
OK icon_elo_1x.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ 872 B
1 KB 566ms
376ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/payment/icon_elo_1x.png
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a4893b8aea56d825d8cd9af7bde21348af4107e8b9a0566a6e6353cd5a3bba0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:34 GMT
Last-Modified: Wed, 10 Jul 2019 23:52:28 GMT
Server: nginx
Content-MD5: 0HcwCdy04XYC6bmt+TNvag==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 872
Expires: Thu, 22 Sep 2022 02:01:35 GMT

GET
H/1.1

200
OK

clear.png
secured.netflix.com/fp/
Redirect Chain

https://secured.netflix.com/fp/clear.png?org_id=lg9m47ph&session_id=a1e7f0a4-00ee-44a1-a688-5d3a582799da&m=1
https://secured.netflix.com/fp/clear.png?org_id=lg9m47ph&session_id=a1e7f0a4-00ee-44a1-a688-5d3a582799da&k=1

81 B
474 B

21ms
21ms

Image
image/png

185.32.241.65
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.netflix.com/fp/clear.png?org_id=lg9m47ph&session_id=a1e7f0a4-00ee-44a1-a688-5d3a582799da&k=1

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php

Protocol

HTTP/1.1

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Sep 2022 02:01:34 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 15 Sep 2022 02:01:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://secured.netflix.com/fp/clear.png?org_id=lg9m47ph&session_id=a1e7f0a4-00ee-44a1-a688-5d3a582799da&k=1
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 72 KB
72 KB 305ms
100ms Font
font/woff 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer: https://codex.nflxext.com/
Origin: https://cupom-6-meses-aproveite-semana-consumidor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Thu, 15 Sep 2022 02:01:33 GMT
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Server: nginx
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73572
Expires: Thu, 22 Sep 2022 02:01:34 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 900B 18 KB
8 KB 295ms
224ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com&mid=

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/pay.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec6b7148328695c09e67484928370f8be06b4bd13709bde51ca88f2781a4e550

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-rEs5XFcVCddo_86bDk5PJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-rEs5XFcVCddo_86bDk5PJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 15 Sep 2022 02:01:34 GMT
expires: Thu, 15 Sep 2022 02:01:34 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 payframe.html Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame C9D1 17 KB
7 KB 113ms
112ms Document
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/payframe.html
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 4bb35d89ca82b9c25152991c4cff56e24930406c76ed1fc0f8d46e829c459381

Request headers

Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Sep 2022 02:01:34 GMT
etag: W/"5c6a9b38-43f5"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 ls_fp.html Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame 78D6 30 KB
7 KB 218ms
217ms Document
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ls_fp.html
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ee61c28e7e5160d1bc4bc15dd99309076273c0bf2feb3bff36a4f0d327ed478a

Request headers

Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Sep 2022 02:01:34 GMT
etag: W/"5c6a9b3a-7838"
last-modified: Mon, 18 Feb 2019 11:47:06 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 top_fp.html Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame F334 31 KB
7 KB 216ms
216ms Document
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/top_fp.html
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: b3292c0154dd7fff8a3d3e4f5137858105555bf25aad92c720dc2c154e561965

Request headers

Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Sep 2022 02:01:34 GMT
etag: W/"5c6a9b3a-7b4d"
last-modified: Mon, 18 Feb 2019 11:47:06 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 adtech_iframe_target_04.html Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame 8CDD 4 KB
1 KB 217ms
217ms Document
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/adtech_iframe_target_04.html
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 42f644744a75344cf68145284ad7c7663d1783be39407825bfd20a0027590466

Request headers

Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Sep 2022 02:01:34 GMT
etag: W/"5c6a9b38-e06"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin

POST
H2 404 log Show response
cupom-6-meses-aproveite-semana-consumidor.com/personalization/ 808 B
501 B 217ms
217ms XHR
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/personalization/log
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-mk-ve059a69f/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/50034x4v4d4z084j494D4-060t00514C4p4F4A0e4T4R4P4k4E4t4H4m4l024X/l/true/none
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Accept: */*
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
X-Netflix.ichnaea.request.type: UiRequest
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 02:01:34 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 14:15:44 GMT
server: nginx
etag: W/"328-5e88fa5db7255"
content-type: text/html

GET
H2 200 analytics.js.download Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame C9D1 43 KB
17 KB 193ms
193ms Script
application/javascript 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/analytics.js.download
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/payframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:34 GMT
content-encoding: br
etag: W/"5c6a9b36-ac62"
last-modified: Mon, 18 Feb 2019 11:47:02 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 m=_b,_tp Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame C9D1 110 KB
110 KB 195ms
194ms Script
application/octet-stream 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/m=_b,_tp
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/payframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: f02d1b34ce4bb9673aa37786468fc49de3b01d4ae21db3ceb0261e75e3ab6a29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:34 GMT
last-modified: Mon, 18 Feb 2019 11:47:02 GMT
server: nginx
x-powered-by: PleskLin
etag: "5c6a9b36-1b79e"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 112542

GET
H2 200 clear(5).png Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame 78D6 0
156 B 189ms
189ms Script
image/png 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(5).png
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ls_fp.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ls_fp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:34 GMT
etag: "0-58229aef33e00"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 0

OPTIONS
H2 200 log
www.netflix.com/ichnaea/ Frame 0
0 127ms
50ms Preflight 2a05:d018:76c:b683:f711:f0cf:5cc7:b815
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:76c:b683:f711:f0cf:5cc7:b815 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

clingest-secure i-069b1a09bdf1b7e90 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://cupom-6-meses-aproveite-semana-consumidor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cupom-6-meses-aproveite-semana-consumidor.com
allow: GET, POST, OPTIONS
content-length: 0
date: Thu, 15 Sep 2022 02:01:34 GMT
server: clingest-secure i-069b1a09bdf1b7e90
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 2 i-0b8d8b28ad4ca6bf2 (eu-west-1)
x-b3-traceid: 4a461ad5ea81f21d
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 0
x-netflix_nfstatus: 1_1
x-netflix_proxy_execution-time: 12
x-originating-url: http://www.netflix.com/ichnaea/log
x-request-id: 8697c086-6214-4573-b261-c08fa5593e13
x-xss-protection: 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

POST
H2 200 log Show response
www.netflix.com/ichnaea/ Frame 8CDD 0
331 B 49ms
49ms XHR
text/plain 2a05:d018:76c:b683:f711:f0cf:5cc7:b815
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/adtech_iframe_target_04.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:76c:b683:f711:f0cf:5cc7:b815 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

clingest-secure i-02659c69ad105c866 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 02:01:34 GMT
x-envoy-decorator-operation: lo_svc_http
x-content-type-options: nosniff
x-b3-traceid: fc6d0bfa3a7bdbe0
access-control-allow-origin: https://cupom-6-meses-aproveite-semana-consumidor.com
x-netflix_proxy_execution-time: 12
x-envoy-upstream-service-time: 1
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: dae76e50-a3b4-4fd8-937e-b5aeea6b233f
pragma: no-cache
allow: GET, POST, OPTIONS
server: clingest-secure i-02659c69ad105c866
x-frame-options: DENY
x-netflix_nfstatus: 1_1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
x-originating-url: http://www.netflix.com/ichnaea/log
via: 2 i-02516b9a9318485b7 (eu-west-1)
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-ichnaea: ~0=true~RL=0
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

GET
H/1.1 200
OK netflix_tag_03.html Show response
ae.nflximg.net/monet/scripts/ Frame 69A6 54 KB
6 KB 917ms
856ms Document
text/html 2a02:26f0:3500:588::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/netflix_tag_03.html?data=%7B%7D
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/adtech_iframe_target_04.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:588::33c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0fb74b43b1a7ebdc6e6e7a1ba091dcb98f497d63980cd115875a3cd52cfb4b5d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5471
Content-MD5: RtvXzeMOoTpa+foF0bcgJw==
Content-Type: text/html
Date: Thu, 15 Sep 2022 02:01:35 GMT
ETag: "46dbd7cde30ea13a5af9fa05d1b72027:1572275113.403121"
Last-Modified: Mon, 28 Oct 2019 15:05:05 GMT
Server: AkamaiNetStorage
Timing-Allow-Origin: *
Vary: Accept-Encoding

GET
H2 200 netflix_tag_03.html Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame A95B 80 KB
6 KB 210ms
210ms Document
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/adtech_iframe_target_04.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 217220bbd934e1ff296c6babe78bd737e29f891643b7aff112e7dbf7c792717a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Sep 2022 02:01:35 GMT
etag: W/"5c6a9b38-1404c"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-powered-by: PleskLin

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 900B 2 KB
2 KB 28ms
26ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh... Frame 900B 153 KB
55 KB 57ms
15ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3726c733d07ab5c9416f9d1e70cdbb87bac7fce883b12ed2bb2060cd8b109ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55109
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 05:25:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:20:02 GMT

GET
H3 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 900B 78 KB
28 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrg4J-yKFvrJw4QPOmnS7xkBaCtn1w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e68591784cfded415de1a9f6a6c79183971b9458560dce6ece10c138952703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:24:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29016
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:24:20 GMT

GET
H/1.1 204
No Content clear.png Show response
secured.netflix.com/fp/ Frame 78D6 0
387 B 22ms
22ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://secured.netflix.com/fp/clear.png?org_id=lg9m47ph&session_id=a1e7f0a4-00ee-44a1-a688-5d3a582799da&nonce=d07aa9f73c83c092&pageid=2128&la=8c0c5fa076ba058cf6c869ca0445462ba7b75236b4fba2d5

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ls_fp.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Sep 2022 02:01:35 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 f.txt Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame A95B 24 KB
9 KB 115ms
114ms Script
text/plain 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/f.txt
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 89e7ec7a8654f6cf95fa65814a000712a2a4a2392e7b062ab51b255028ab1657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
content-encoding: br
etag: W/"5c6a9b36-6032"
last-modified: Mon, 18 Feb 2019 11:47:02 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/plain

GET
H2 200 f(1).txt Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame A95B 2 KB
1 KB 116ms
115ms Script
text/plain 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/f(1).txt
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 2d35873e0d48538c7d45d49c5720e2bd340158951a79a06ac02ed53debede7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
content-encoding: br
etag: W/"5c6a9b36-761"
last-modified: Mon, 18 Feb 2019 11:47:02 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/plain

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 900B 49 KB
20 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrg4J-yKFvrJw4QPOmnS7xkBaCtn1w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2737
date: Thu, 15 Sep 2022 01:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 15 Sep 2022 03:15:58 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 900B 1 MB
353 KB 86ms
85ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f8374d5f26c33ba885b5abbf071f0af3eefb37dc54c7471fc06fea0f7d75872

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-69y9-ZI3pclMncyCjlS6_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Thu, 15 Sep 2022 02:01:35 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-69y9-ZI3pclMncyCjlS6_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Thu, 15 Sep 2022 02:01:35 GMT

POST
H/1.1 200
OK log Show response
ichnaea-web.netflix.com/ Frame A95B 0
1 KB 156ms
44ms XHR
text/plain 2a01:578:3::22f1:16c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::22f1:16c8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

clingest-secure i-068696d8962ec5604 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 02:01:34 GMT
Via: 1.1 i-0a6df8bba4409a0ca (eu-west-1)
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-b3-traceid: 24027f209726df86
X-Netflix_proxy_execution-time: 6
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 0
x-xss-protection: 1; mode=block
x-request-id: 8ceaf21a-d957-4626-9e96-e4a7e15456e4
pragma: no-cache
Server: clingest-secure i-068696d8962ec5604
x-frame-options: DENY
X-Netflix_nfstatus: 1_1
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-origin: https://cupom-6-meses-aproveite-semana-consumidor.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-ichnaea: ~0=true~RL=0
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

OPTIONS
H/1.1 200
OK log
ichnaea-web.netflix.com/ Frame 0
0 196ms
43ms Preflight 2a01:578:3::22f1:16c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ichnaea-web.netflix.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:578:3::22f1:16c8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: clingest-secure i-0ef60c752a2df89a8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://cupom-6-meses-aproveite-semana-consumidor.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Server: clingest-secure i-0ef60c752a2df89a8
Via: 1.1 i-0b672860454585f7e (eu-west-1)
X-Netflix_nfstatus: 1_1
X-Netflix_proxy_execution-time: 5
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cupom-6-meses-aproveite-semana-consumidor.com
allow: GET, POST, OPTIONS
date: Thu, 15 Sep 2022 02:01:34 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-b3-traceid: 5faa5d129d211435
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 1
x-request-id: 69e29b20-2374-4e01-8909-826f6731b906

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 900B 18 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=BoA/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrg4J-yKFvrJw4QPOmnS7xkBaCtn1w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47a88df5478f6afd3e15676a143f0b0b8e0e8c87f03b4c1a908cef98c1402201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7399
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:24:21 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4... Frame 900B 37 KB
14 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.mv4xZHJoyWM.L.B1.O/am=BoA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrg4J-yKFvrJw4QPOmnS7xkBaCtn1w/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59b29cf164ab12b5d1220067310ebc72a95a9190969e5e78caa80489bf00d95f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 16:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34634
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13983
x-xss-protection: 0
last-modified: Fri, 09 Sep 2022 23:26:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 16:24:21 GMT

POST
H3 200 log Show response
play.google.com/ Frame 900B 131 B
155 B 87ms
55ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 15 Sep 2022 02:01:35 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 95ms
48ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 15 Sep 2022 02:01:35 GMT
expires: Thu, 15 Sep 2022 02:01:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 900B 131 B
155 B 54ms
52ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 15 Sep 2022 02:01:35 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 124ms
81ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 15 Sep 2022 02:01:35 GMT
expires: Thu, 15 Sep 2022 02:01:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 900B 131 B
155 B 84ms
83ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 15 Sep 2022 02:01:35 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 117ms
82ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 15 Sep 2022 02:01:35 GMT
expires: Thu, 15 Sep 2022 02:01:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 900B 131 B
671 B 89ms
50ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.43xDc-Z3j1k.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh6IrlvU9WB5mv64KGsRQ3UYJimsw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 15 Sep 2022 02:01:35 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/981179826/ Frame A95B 2 KB
2 KB 73ms
29ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/981179826/?random=1663207295293&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com%2Fpage-checkout.php&rfmt=3&fmt=4

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/f.txt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

befe0003d92d7a854f0db7ea9dbf80e5e01c8b7d0affe63665e3c3110ca37ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 02:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/981179826/ Frame A95B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=13...
https://www.google.com/pagead/1p-conversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366...
https://www.google.de/pagead/1p-conversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&...

42 B
548 B

69ms
30ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=9&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https://ae.nflximg.net/monet/scripts/netflix_tag_03.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522BR%2522%252C%2522fbaId%2522%253A%25223463dc9a-32bf-48c6-8a17-40770bc0242d%2522%252C%2522is_member%2522%253A%2522current%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522creditOption%2522%257D&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CMnTGw&gtd=&is_vtc=1&ocp_id=0vBqXKumOpS6nASyy4OYAw&random=3668978914&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hASfIBOTxBrsHfw14rcJm41VNNcoNpQKkbKPQqyVQNfNJICTa3lczDIV4OMUMvjv8tDZ-OIq1AwcbCyt7xdJzG7

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 02:01:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 02:01:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/981179826/?random=1878181578&cv=9&fst=*&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=9&u_tz=-180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https://ae.nflximg.net/monet/scripts/netflix_tag_03.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522BR%2522%252C%2522fbaId%2522%253A%25223463dc9a-32bf-48c6-8a17-40770bc0242d%2522%252C%2522is_member%2522%253A%2522current%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522creditOption%2522%257D&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CMnTGw&gtd=&is_vtc=1&ocp_id=0vBqXKumOpS6nASyy4OYAw&random=3668978914&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hASfIBOTxBrsHfw14rcJm41VNNcoNpQKkbKPQqyVQNfNJICTa3lczDIV4OMUMvjv8tDZ-OIq1AwcbCyt7xdJzG7
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863 Show response
4954221.fls.doubleclick.net/ Frame E204
Redirect Chain

https://4954221.fls.doubleclick.net/activityi;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863?
https://4954221.fls.doubleclick.net/activityi;dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863?

389 B
345 B

69ms
34ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4954221.fls.doubleclick.net/activityi;dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863?

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

0206957b4137c956c1b80a230d2d2ae257278b1868b94d71e0407a636a02e026

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 320
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 02:01:35 GMT
expires: Thu, 15 Sep 2022 02:01:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 02:01:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4954221.fls.doubleclick.net/activityi;dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi.html Show response
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame 7BF6 530 B
417 B 110ms
109ms Document
text/html 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/activityi.html
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: aeb06d6737028ccb23bb568ebe0d3d4a4056e9a2bf01a9e37f33c9cd20ecd5e1

Request headers

Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Thu, 15 Sep 2022 02:01:35 GMT
etag: W/"212-58229aef33e00"
last-modified: Mon, 18 Feb 2019 11:47:04 GMT
server: nginx
x-accel-version: 0.01
x-powered-by: PleskLin

GET
H2

200

/
www.google.de/pagead/1p-conversion/981179826/ Frame A95B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_...
https://www.google.com/pagead/1p-conversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...
https://www.google.de/pagead/1p-conversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...

42 B
108 B

69ms
31ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com%2Fpage-checkout.php&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f4ciY-PkFcLY1gakj4vwCw&random=346912048&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hBqmLFlH2ViKjHTSvbyE-iaQAyzinJj3VaAXtyhvzpD7WwW2mPMOiEpYH1tqU2manML1Av9jt8oVxqP9BUQHDPg

Requested by

Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/netflix_tag_03.html

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 02:01:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Sep 2022 02:01:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/981179826/?random=1101414676&cv=9&fst=1663207295293&num=1&label=1GpaCJSQ1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=1&url=https%3A%2F%2Fcupom-6-meses-aproveite-semana-consumidor.com%2Fpage-checkout.php&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f4ciY-PkFcLY1gakj4vwCw&random=346912048&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hBqmLFlH2ViKjHTSvbyE-iaQAyzinJj3VaAXtyhvzpD7WwW2mPMOiEpYH1tqU2manML1Av9jt8oVxqP9BUQHDPg
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CObtvcnsxeACFQ4MswAdA9kIxQ
cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ Frame 7BF6 42 B
200 B 112ms
109ms Image
image/gif 23.22.211.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/dc_pre=CObtvcnsxeACFQ4MswAdA9kIxQ
Requested by: Host: cupom-6-meses-aproveite-semana-consumidor.com
URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/activityi.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.22.211.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-211-105.compute-1.amazonaws.com
Software: nginx / PleskLin
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/activityi.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
last-modified: Mon, 18 Feb 2019 11:47:02 GMT
x-accel-version: 0.01
x-powered-by: PleskLin
etag: "2a-58229aed4b980"
accept-ranges: bytes
content-length: 42
server: nginx

GET
H2 200 dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863
adservice.google.com/ddm/fls/z/ Frame E204 42 B
494 B 101ms
62ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863

Requested by

Host: 4954221.fls.doubleclick.net
URL: https://4954221.fls.doubleclick.net/activityi;dc_pre=CJbVnoDalfoCFU2s1Qod1CQHSg;src=4954221;type=gl-web;cat=dcmgl103;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2653034362712.863?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4954221.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Sep 2022 02:01:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK log Show response
ichnaea-web.netflix.com/ Frame 69A6 0
1 KB 44ms
43ms XHR
text/plain 2a01:578:3::22f1:16c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/netflix_tag_03.html?data=%7B%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::22f1:16c8 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

clingest-secure i-05690939d9e29d085 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer: https://ae.nflximg.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Sep 2022 02:01:35 GMT
Via: 1.1 i-0dd302260bd939b7a (eu-west-1)
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-b3-traceid: 261def8d5a08970a
X-Netflix_proxy_execution-time: 5
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 0
x-xss-protection: 1; mode=block
x-request-id: 3cc2278e-a58c-4894-94ae-a521f16ce5fd
pragma: no-cache
Server: clingest-secure i-05690939d9e29d085
x-frame-options: DENY
X-Netflix_nfstatus: 1_1
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-origin: https://ae.nflximg.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-ichnaea: ~0=true~RL=0
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

OPTIONS
H/1.1 200
OK log
ichnaea-web.netflix.com/ Frame 0
0 42ms
42ms Preflight 2a01:578:3::22f1:16c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ichnaea-web.netflix.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:578:3::22f1:16c8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: clingest-secure i-0e9eeadaeb3bf370f /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://ae.nflximg.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Server: clingest-secure i-0e9eeadaeb3bf370f
Via: 1.1 i-05bd6ea736c942114 (eu-west-1)
X-Netflix_nfstatus: 1_1
X-Netflix_proxy_execution-time: 4
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ae.nflximg.net
allow: GET, POST, OPTIONS
date: Thu, 15 Sep 2022 02:01:35 GMT
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-b3-traceid: d04bb84ddf4d2122
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 0
x-request-id: becaf3c8-3ffc-4058-b572-d80be332723c

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.netflix.com
URL: https://www.netflix.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=signupSimplicity-planSelectionWithContext

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secured.netflix.com/	1970-01-20 15:36:07	Name: thx_guid Value: 1b92d9b6408f48ca9f737896a23c4886
.cupom-6-meses-aproveite-semana-consumidor.com/	1969-12-31 23:59:59	Name: cL Value: 1663207294557%7C166320729452571864%7C166320729496404911%7C%7C4%7Cundefined
.google.com/	1970-01-20 10:23:38	Name: NID Value: 511=tgqINsyxSQBFb82geW1GasweiMcMn1hn1IaR3bo67pdyqTVDou9Mh349Nu_a3Pc_hKVO3GPKkkMvN0nFLOzuDLHjeIksa77bg66HnGAyuiPjj7vo2NuySHqUE-ntCyQvDcfvADyB_k_b0k_15iEXNwqjlF2VpeWAWLM8AESSWmI
.doubleclick.net/	1970-01-20 15:21:43	Name: IDE Value: AHWqTUmtCi6FzhrXzH5oCb8H6BM7ae2nfpRcNuNQEMVkfYT0wlXkDQktS-rKuzK5WBg

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php Message: Refused to apply style from 'https://www.netflix.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=signupSimplicity-planSelectionWithContext' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://cupom-6-meses-aproveite-semana-consumidor.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=signupSimplicity-planSelectionWithContext Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php Message: Refused to execute script from 'https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(1).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php Message: Refused to execute script from 'https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(2).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://cupom-6-meses-aproveite-semana-consumidor.com/page-checkout.php Message: Refused to execute script from 'https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(3).png' because its MIME type ('image/png') is not executable.
network	error	URL: https://cupom-6-meses-aproveite-semana-consumidor.com/personalization/log Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/ls_fp.html Message: Refused to execute script from 'https://cupom-6-meses-aproveite-semana-consumidor.com/pagamento_files/clear(5).png' because its MIME type ('image/png') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4954221.fls.doubleclick.net
adservice.google.com
ae.nflximg.net
ajax.googleapis.com
assets.nflxext.com
codex.nflxext.com
cupom-6-meses-aproveite-semana-consumidor.com
googleads.g.doubleclick.net
ichnaea-web.netflix.com
pay.google.com
play.google.com
secured.netflix.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.gstatic.com
www.netflix.com
www.netflix.com
142.250.186.70
185.32.241.65
216.58.212.130
23.22.211.105
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:400c:c00::5c
2a00:86c0:2090::1
2a01:578:3::22f1:16c8
2a02:26f0:3500:588::33c4
2a05:d018:76c:b683:f711:f0cf:5cc7:b815
0206957b4137c956c1b80a230d2d2ae257278b1868b94d71e0407a636a02e026
0fb74b43b1a7ebdc6e6e7a1ba091dcb98f497d63980cd115875a3cd52cfb4b5d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
217220bbd934e1ff296c6babe78bd737e29f891643b7aff112e7dbf7c792717a
27c7136aa3a01094ee71a1ac3fb9204ca5b9822adf2e4ce446c2c8c6914f31e5
2d35873e0d48538c7d45d49c5720e2bd340158951a79a06ac02ed53debede7c4
3a37c95263bb2ed0e93018df74c7834e6fa38db0edffdc35c4f61cfde42aaf33
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3f8374d5f26c33ba885b5abbf071f0af3eefb37dc54c7471fc06fea0f7d75872
42f644744a75344cf68145284ad7c7663d1783be39407825bfd20a0027590466
47a88df5478f6afd3e15676a143f0b0b8e0e8c87f03b4c1a908cef98c1402201
4b535894c86e209fdd9aef83adc76a450060c0b9e3430bdb1ecb6c7383307f7a
4bb35d89ca82b9c25152991c4cff56e24930406c76ed1fc0f8d46e829c459381
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
577833a31e59d17913a30024065e14d043579465d71dd2c5af3253dac57baf30
59b29cf164ab12b5d1220067310ebc72a95a9190969e5e78caa80489bf00d95f
5c6bb9cb3cc35a4355f246e67df6b7f1273b534ed7d9f9629dbc370120732ea3
7ed65da4bcdc5f0f68d20f2b489f2f1e4df6d5b1235ece01afd24624126be504
89e7ec7a8654f6cf95fa65814a000712a2a4a2392e7b062ab51b255028ab1657
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4893b8aea56d825d8cd9af7bde21348af4107e8b9a0566a6e6353cd5a3bba0c
aeb06d6737028ccb23bb568ebe0d3d4a4056e9a2bf01a9e37f33c9cd20ecd5e1
b3292c0154dd7fff8a3d3e4f5137858105555bf25aad92c720dc2c154e561965
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bbbf545b33adb218d9ab2cd464f56859369ef25eacac3db80db73741732f52b5
befe0003d92d7a854f0db7ea9dbf80e5e01c8b7d0affe63665e3c3110ca37ca2
c3726c733d07ab5c9416f9d1e70cdbb87bac7fce883b12ed2bb2060cd8b109ab
cc5859d74f8cde62e1cdeeea341f85f9725d4f4398f58203aa1e5080faf1685a
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d8e68591784cfded415de1a9f6a6c79183971b9458560dce6ece10c138952703
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec6b7148328695c09e67484928370f8be06b4bd13709bde51ca88f2781a4e550
ee61c28e7e5160d1bc4bc15dd99309076273c0bf2feb3bff36a4f0d327ed478a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02d1b34ce4bb9673aa37786468fc49de3b01d4ae21db3ceb0261e75e3ab6a29

cupom-6-meses-aproveite-semana-consumidor.com Open in urlscan Pro 23.22.211.105 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

93 %HTTPS

76 %IPv6

11 Domains

18 Subdomains

16 IPs

4 Countries

1258 kBTransfer

3968 kBSize

4 Cookies

0 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cupom-6-meses-aproveite-semana-consumidor.com Open in urlscan Pro
23.22.211.105 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

93 %
HTTPS

76 %
IPv6

11
Domains

18
Subdomains

16
IPs

4
Countries

1258 kB
Transfer

3968 kB
Size

4
Cookies

60 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!