urlscan.io logo urlscan.io
SecurityTrails logo

material.vexpenses.com Open in urlscan Pro
104.18.34.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u6102634.ct.sendgrid.net/ls/click?upn=u001.K50dYMy4YMYgPA9v1SEx0xTQ1qDqgljG4yZnOwiteGUO86MKiv51Zed0x-2FJlXfwUzQC8uidgpdi6...
Effective URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Submission: On March 21 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 63 HTTP transactions. The main IP is 104.18.34.21, located in and belongs to CLOUDFLARENET, US. The main domain is material.vexpenses.com.
TLS certificate: Issued by R3 on February 23rd 2024. Valid for: 3 months.
This is the only time material.vexpenses.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.54 11377 (SENDGRID)
3 104.18.34.21 13335 (CLOUDFLAR...)
2 13.227.219.60 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 18.239.63.49 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 34.68.90.188 396982 (GOOGLE-CL...)
15 3.160.156.21 16509 (AMAZON-02)
2 18.65.39.47 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 3.231.28.98 14618 (AMAZON-AES)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.223.116.65 396982 (GOOGLE-CL...)
1 108.156.61.71 16509 (AMAZON-02)
63 25
1    167.89.115.54 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x54.outbound-mail.sendgrid.net
u6102634.ct.sendgrid.net
3    104.18.34.21 (None, )

ASN13335 (CLOUDFLARENET, US)
material.vexpenses.com
2    13.227.219.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-60.ams54.r.cloudfront.net
builder-assets.unbounce.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    18.239.63.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-63-49.ams58.r.cloudfront.net
d335luupugsy2.cloudfront.net
5    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com
forms.rdstation.com.br
popups.rdstation.com.br
15    3.160.156.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-21.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
2    18.65.39.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-47.ams1.r.cloudfront.net
fonts.ub-assets.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    3.231.28.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-28-98.compute-1.amazonaws.com
app.vexpenses.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com
pageview-notify.rdstation.com.br
1    108.156.61.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-71.ams1.r.cloudfront.net
dk9suync0k2va.cloudfront.net
Apex Domain
Subdomains		 Transfer
23 cloudfront.net
d335luupugsy2.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dk9suync0k2va.cloudfront.net
260 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 734
www.linkedin.com — Cisco Umbrella Rank: 882
px4.ads.linkedin.com — Cisco Umbrella Rank: 7517
3 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
277 KB
4 vexpenses.com
material.vexpenses.com
app.vexpenses.com
33 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 387
20 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 643
14 KB
3 rdstation.com.br
forms.rdstation.com.br — Cisco Umbrella Rank: 593878
pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 160861
popups.rdstation.com.br — Cisco Umbrella Rank: 136900
39 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
ajax.googleapis.com — Cisco Umbrella Rank: 716
35 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4233
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
400 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2066
www.google.com — Cisco Umbrella Rank: 5
666 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 251
70 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 40189
21 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 36816
37 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
273 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1756
17 KB
1 sendgrid.net
u6102634.ct.sendgrid.net
265 B
63 19
Domain Requested by
15 d9hhrg4mnvzow.cloudfront.net material.vexpenses.com
7 d335luupugsy2.cloudfront.net material.vexpenses.com
d335luupugsy2.cloudfront.net
5 www.googletagmanager.com material.vexpenses.com
www.googletagmanager.com
d335luupugsy2.cloudfront.net
3 cdnjs.cloudflare.com client
d335luupugsy2.cloudfront.net
cdnjs.cloudflare.com
3 px.ads.linkedin.com 3 redirects
3 bat.bing.com www.googletagmanager.com
bat.bing.com
material.vexpenses.com
3 material.vexpenses.com material.vexpenses.com
2 www.google.de material.vexpenses.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net material.vexpenses.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
2 fonts.googleapis.com material.vexpenses.com
d335luupugsy2.cloudfront.net
2 builder-assets.unbounce.com material.vexpenses.com
1 popups.rdstation.com.br d335luupugsy2.cloudfront.net
1 dk9suync0k2va.cloudfront.net
1 pageview-notify.rdstation.com.br d335luupugsy2.cloudfront.net
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com d335luupugsy2.cloudfront.net
1 www.google.com material.vexpenses.com
1 www.facebook.com material.vexpenses.com
1 region1.analytics.google.com www.googletagmanager.com
1 px4.ads.linkedin.com material.vexpenses.com
1 www.linkedin.com 1 redirects
1 app.vexpenses.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 forms.rdstation.com.br d335luupugsy2.cloudfront.net
1 u6102634.ct.sendgrid.net 1 redirects
63 28

This site contains links to these domains. Also see Links.

Domain
vexpenses.com.br
Subject Issuer Validity Valid
material.vexpenses.com
R3		 2024-02-23 -
2024-05-23		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M03		 2023-12-10 -
2025-01-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
forms.rdstation.com.br
R3		 2024-02-18 -
2024-05-18		 3 months crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-01-21 -
2024-06-27		 5 months crt.sh
*.vexpenses.com
Amazon RSA 2048 M03		 2024-01-09 -
2025-02-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-30 -
2024-03-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.rdstation.com.br
Sectigo RSA Domain Validation Secure Server CA		 2023-08-31 -
2024-06-04		 9 months crt.sh
popups.rdstation.com.br
R3		 2024-02-22 -
2024-05-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Frame ID: F8ED15D0FFF57C9DD0154D5F6FF8C8CF
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://u6102634.ct.sendgrid.net/ls/click?upn=u001.K50dYMy4YMYgPA9v1SEx0xTQ1qDqgljG4yZnOwiteGUO86MKiv51Zed0x-... HTTP 302
    https://material.vexpenses.com/lideranca-financeira-do-futuro/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

97 %
HTTPS

58 %
IPv6

19
Domains

28
Subdomains

25
IPs

4
Countries

863 kB
Transfer

2382 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u6102634.ct.sendgrid.net/ls/click?upn=u001.K50dYMy4YMYgPA9v1SEx0xTQ1qDqgljG4yZnOwiteGUO86MKiv51Zed0x-2FJlXfwUzQC8uidgpdi6xcUEP0m-2BMK1gKhqwtiwi4O7GM9pORJY-3DrgYC_r-2FcpYW2KRUAb3s1c1h7eIuKFys-2B9e-2FBtBv33ZLMFfosTccJVIiBokL0LDe-2B1iJexATBl9q-2BM2ULjEcDjWVxmBwEyl3OixS64ztiR8wdzrumb5gDwFORNVx3RZhXTYaCYAJuH-2F8wKGPtCRXyakeYxU4Sb0-2BOoqY9WXjmBLRCQNt9Tzva0WXTj-2BXbY-2F7s6R3vKW-2BYtcKSscncwVHOViTgs7d-2FljQuR6yb4TPKRVQJULItwGutGomvGPLd5ZGAjqr-2FRKu3vpLWh2Riut63t3L7ZIKEOGrew10v8Cjl3354qwYxj5ovhkew6dM06Ma58hD2JYnBKnJq2fIiPzL-2BzaNn5fCVQX729xpWCm6rsnuZx3VHARw96deALH-2B-2FnF1Qbg4XVRogAuFdbAZgERmaBmz5S73CmdX57ZG2-2FRm8PhW3lGYA-3D HTTP 302
    https://material.vexpenses.com/lideranca-financeira-do-futuro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D525153%26time%3D1711060775329%26li_adsId%3De61fcce1-fc73-4570-ab55-5746b70d51ed%26url%3Dhttps%253A%252F%252Fmaterial.vexpenses.com%252Flideranca-financeira-do-futuro%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&cookiesTest=true&liSync=true&e_ipv6=AQIF9M5uOjh81QAAAY5jK3MvOroPSycac6PCtepRGPaYEbReSX2TLKSGf2r2FdZgH8byKC7W

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
material.vexpenses.com/lideranca-financeira-do-futuro/
Redirect Chain
  • https://u6102634.ct.sendgrid.net/ls/click?upn=u001.K50dYMy4YMYgPA9v1SEx0xTQ1qDqgljG4yZnOwiteGUO86MKiv51Zed0x-2FJlXfwUzQC8uidgpdi6xcUEP0m-2BMK1gKhqwtiwi4O7GM9pORJY-3DrgYC_r-2FcpYW2KRUAb3s1c1h7eIuKFy...
  • https://material.vexpenses.com/lideranca-financeira-do-futuro/
66 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e73b1251bca5f8b63c21fcf87382c4fa7f3a4680ace6106ffaa5506fd151bf98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
868170521f543837-FRA
content-encoding
br
content-location
https://material.vexpenses.com/lideranca-financeira-do-futuro/
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 22:39:34 GMT
etag
W/"a:942849c19c6a43cba943788d36530426"
link
<https://material.vexpenses.com/lideranca-financeira-do-futuro/>; rel="canonical"
server
cloudflare
x-unbounce-pageid
85f4991c-50a2-4ec1-aec3-1bcc646ffbe3
x-unbounce-variant
a
x-unbounce-visitorid
942849c1-9c6a-43cb-a943-788d36530426

Redirect headers

Connection
keep-alive
Content-Length
85
Content-Type
text/html; charset=utf-8
Date
Thu, 21 Mar 2024 22:39:34 GMT
Location
https://material.vexpenses.com/lideranca-financeira-do-futuro/
Server
nginx
X-Robots-Tag
noindex, nofollow
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-60.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 02:43:46 GMT
content-encoding
gzip
via
1.1 38f6d324a75dff585b0ce25920fd4bda.cloudfront.net (CloudFront)
x-amz-version-id
GVFgUU1TNBfYZFxmy4v_rBGa7MxrBKpW
x-amz-cf-pop
AMS54-C1
age
8020549
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Fri, 15 Dec 2023 17:54:33 GMT
server
AmazonS3
etag
"65d94e355664eb0c202cee7db35a61b5"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
N0k8S-JJVM4FLRnRDkn7tunZwvBeT9XBJ1gWMWjAMmXsqInBbn59LA==
css2
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 20:51:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Mar 2024 22:39:35 GMT
f4df309c96d8e9be008e7023f24330b4e9cd076f.js
material.vexpenses.com/_ub/static/ts/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://material.vexpenses.com/_ub/static/ts/f4df309c96d8e9be008e7023f24330b4e9cd076f.js
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54506d6275c3d09572d1ab044f7343378fc9b40fa9b1769c5fccd543ee497348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/lideranca-financeira-do-futuro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
br
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
x-amz-version-id
6lHFLJ3xek5g4FyMNhNu5u9aCngMTYpY
cf-cache-status
MISS
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 21 Mar 2024 15:18:03 GMT
server
cloudflare
etag
W/"9ff346a1c542989814c7dda8628acdf9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
86817053a87e3837-FRA
x-amz-cf-id
FRnkXvfWGymk9t02do71IM2UnCLyKTnoXmDI5TZlUSjpGftRpf9qPg==
expires
Fri, 21 Mar 2025 22:39:35 GMT
rdstation-forms.min.js
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 		216 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-49.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8b69073abd76ef6fb071117441e540edeaa4ebb410a5b3a1e8b1b0107f28a6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 13:51:33 GMT
content-encoding
gzip
via
1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
x-amz-version-id
obp5qxHzXS_FGV94LSMVNEUTDe9c.3b9
x-amz-cf-pop
AMS58-P4
age
18434882
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55755
last-modified
Mon, 21 Aug 2023 13:51:30 GMT
server
AmazonS3
etag
"34148b7d6171c9422f298cf19e3a03bb"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
dIvZRcnPIKMpAy6qdnuJGmepD6cA1S7HtRN8MboCDYUcoRoDGOSW5w==
main.bundle-b8bce47.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-60.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 02:30:43 GMT
content-encoding
gzip
via
1.1 38f6d324a75dff585b0ce25920fd4bda.cloudfront.net (CloudFront)
x-amz-version-id
1Mvk4FuYMeUSmuAPlWGBYo2y5i_JvMIh
x-amz-cf-pop
AMS54-C1
age
4910932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33784
last-modified
Fri, 08 Dec 2023 18:58:27 GMT
server
AmazonS3
etag
"2a9d0fd11f023fbc0d75be2d39992d11"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uxAlZvnZ_4qW9EHyj6RZ4CYSBV-wRLN0ZX-KP2hMHPneW0LxN3nMrA==
32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-49.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff68cad91230b2c98665f41e3c8f1db6135de9358a6ace970c5dd7b8b93b0c30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
6MQ8hCwZmSu66WkHENJHxVI8wN6GlvbL
content-encoding
gzip
via
1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
date
Thu, 21 Mar 2024 22:39:36 GMT
last-modified
Thu, 07 Mar 2024 14:54:33 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
x-amz-server-side-encryption
AES256
etag
W/"87ed2cb1ce799d808b1ec3e719c1f80b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
nmlQ6liZ3-iOxz3_paF2Dh-C0hJbsrGLl7y0I1W6haB4YHyURQnVgA==
gtm.js
www.googletagmanager.com/ 		277 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c5e2a9ae1890dbe30077d1b115d44afa4ea6b25ca3171a7a23db55ed9b634b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97676
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Mar 2024 22:39:35 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/gif
form-lp-masterclass-de-liderancas-2d0aac022e479f92032f
forms.rdstation.com.br/ 		38 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.rdstation.com.br/form-lp-masterclass-de-liderancas-2d0aac022e479f92032f
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
c9e9051131c001e1d09d4e3c3870f615fdb85b8d1d15689d30c66f73d211f770
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=7776000
date
Thu, 21 Mar 2024 22:39:35 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
text/html
access-control-allow-origin
*
content-length
38948
f553f094-teste_10000000cx0y00k7000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/f553f094-teste_10000000cx0y00k7000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a52f1dfd87dcf1eb54bda2cce52c3abe29b17dca054b793ceef3d1813416d6e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:35 GMT
x-amz-version-id
JEVgebtcaM7YECI59fkhopZmxn4lb.z7
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632461
etag
"a4949c008fe7801802ed21c7c5a3a4f3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2338
x-amz-cf-id
chcK9Oy7kzywLBYUgsqzEhKcDU15Pf3SZ46rm0Yrr-M9H3ioZQPCmQ==
4163651a-dobra-5-fundo_10000001dx0hg01p000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/4163651a-dobra-5-fundo_10000001dx0hg01p000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85295fdf18411e633d6db2ab60aea0e22919b58a3147c899a7bb5be7d023576c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:35 GMT
x-amz-version-id
MJ9RKSAujkLbr0AgmXjUw.n8yJ_rbuFV
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632461
etag
"0403aba28d868c12a2b760dd35897a1a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1935
x-amz-cf-id
_uJ7xtEhQ5sEghPvXejJlCHq7FSoEAE_kSH9VHGgYdPPM8g09Y7s3Q==
f553f094-teste_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/f553f094-teste_1000000000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7e50714520a8f0115746a001abfe95e03b76f6ed11ff57894b1d7b3188ecc05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:36 GMT
x-amz-version-id
LcWsZBxClHC_gUmRj5TNhmpcFsFohWXq
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632460
etag
"26619c6ddd4a51dea507f1080cc7ae8f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
7574
x-amz-cf-id
8tuwqgTxDbm_PyMyNn5L_V0O01l1tS_ZMw4hh9TxgxkPKd0PFKiSig==
i
material.vexpenses.com/_ub/ 		2 B
191 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://material.vexpenses.com/_ub/i
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/_ub/static/ts/f4df309c96d8e9be008e7023f24330b4e9cd076f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.21 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://material.vexpenses.com/lideranca-financeira-do-futuro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://material.vexpenses.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
cf-ray
8681705428e13837-FRA
content-length
2
149b23f1-bf7c-491b-8cbb-e0444b9307aa
https://material.vexpenses.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://material.vexpenses.com/149b23f1-bf7c-491b-8cbb-e0444b9307aa
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
css
fonts.ub-assets.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Open+Sans:600
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-47.ams1.r.cloudfront.net
Software
/
Resource Hash
94e18d3e2e9aa4187a5500654294b9e5b25b998aac4b71fc1123677bba5533bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 19:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 6750d77433312fa1bf305e9ae7af80ae.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
12430
x-amzn-requestid
7d4f3e92-4281-4b1f-a472-2f805aa2ef85
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
U_n3-EqnoAMER2Q=
content-length
1497
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-65fc8699-5445aefe7ad1139204d9bd07
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
_vzy9KHjkfLPMMd8Ca2GLfYsW8xXzwDQoUrYYMemd1rYF7K6lELG5w==
fbe128ce-instagam_100z00y000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		515 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/fbe128ce-instagam_100z00y000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a33603b2498bc63c995b25840e7d8bc1e56962d8f5cbdee395f5527f15a54b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:36 GMT
x-amz-version-id
.4wd0ZngQPTsrJ0hNafRRVL.NT1BbDuj
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632460
etag
"d90bb31493a8c3b66794ff257ecb011b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
515
x-amz-cf-id
eOKpMlTnHx7Yxrun7LLCE7khHKvSksA3FSS7Do63bIWZQ_CeRbTYrg==
74a858fe-linkedin_1013013000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		483 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/74a858fe-linkedin_1013013000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
882f851d46637b0bb657a7ed83e861022abb8ab41f275dd1d824a8129cd1f9da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:36 GMT
x-amz-version-id
_tnRP02q3xdqaWnBDeS81RoQLC.3ImBE
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632460
etag
"8f70c9f4302355559eb6243d6cb216d0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
483
x-amz-cf-id
qZPA6dDBs8yZZsfxdQBHMg5Cma9ktwuuO-iFpoyFl23SPQ0dqDwO-g==
3a1c82be-facebook_1016015000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		376 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/3a1c82be-facebook_1016015000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e09ed2b00b04979c1588ae2d87b5cbc4e91b56d96b97b031ffa3e73db5bdad8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:36 GMT
x-amz-version-id
XaK6c.LgdMnBDUmXSk3VgyW.IoBCGP.l
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632460
etag
"d94330659e614ea819a54f6c824303aa"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
376
x-amz-cf-id
AG4qRM7jWuyHQHp5VZrPFkm2V_65EjMwyHF110H93gcPooENHZ5tfw==
a9a26e91-titulo_10ec040000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/a9a26e91-titulo_10ec040000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5288cd95d43ae5e8476e17ba75f0c8b5ff2d81d6a366dcc6c88e63810b259104

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:36 GMT
x-amz-version-id
mUazMNhos5ns3rcPaHb1cjsRWVWS.lYV
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632460
etag
"2129e9fc95c4f5b0e54fa24caf8bf97e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
7378
x-amz-cf-id
mVb4jvb3XvF4adsxlQINJlQxsGs1apretPyWYwewTI-MIV8n-ILiTw==
8866286e-calendario_100q00w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		440 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/8866286e-calendario_100q00w000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecd57c45a976e7d0679ccba8ec468a95f7e07249ea1c8a187bfa2b93d2baca2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:36 GMT
x-amz-version-id
eVCpHuGJ8SRG38zSAxfFHqNLYcDJ9L6x
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632460
etag
"f100aa32edab96e02cb5044caefd2cb4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
440
x-amz-cf-id
O52DBcpvveszJ-Dn9bjcJJp1XIxYx1dvGQpG5n9VMnKe6y8jt0eNdg==
c5706853-lp-divulgacao-curso-de-lideranca-financeira_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/c5706853-lp-divulgacao-curso-de-lideranca-financeira_1000000000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f9cd777289ff3d24fe3ee726e10c64d75c54609ffe39c64fe7c58568d96aba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:37 GMT
x-amz-version-id
.ctQGDRHo_Y913CpPkiz3qNgo5GSt51d
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632459
etag
"c39ebb1acec5d4e5d2b4c2578dbd77b4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
35723
x-amz-cf-id
OZiqSIT-H7KzqZpdJTrLbpsISFYU6nyKa_rNmjtm5JrBd5VdzTN1CA==
f17bf032-logo_103h00v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/f17bf032-logo_103h00v000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
222d9701120e132e4a2b1fca566c3480f651441e9c3bf036361bf4c418f6b609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:37 GMT
x-amz-version-id
fgb3gLk7iPlzzfh19x_zHjQQWBQ7O9bU
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632459
etag
"6ec1f9c0050282abb98445e12abcc698"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1794
x-amz-cf-id
Gd0qt-r4NAuM9q_yJtPDfZGRlr6RUvvF9E8Vq2HyCtzdvhIwW2mHEw==
b5472ca0-lau_105q061000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/b5472ca0-lau_105q061000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66a0e6f8772ba7b00e8b8a310c7f5f1bf174e68fd3daf16413c9b6febe6b945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:37 GMT
x-amz-version-id
I_.c.MF2OMa0qdkS3ex68YIl3Y6MmHA3
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632459
etag
"df06862db7365f3c3d985d51940d1adc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
21060
x-amz-cf-id
GX885WZ_S_ZBlujAyQbWCtrKwjNuC9apvml34cQ9oLe-5NDOBsYMcQ==
8cc473e1-afonso_1062062000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/8cc473e1-afonso_1062062000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9437a4d3f71834c11889f775ad07fa1cef0434ac258abbaab1092626017abc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:37 GMT
x-amz-version-id
1SQvDqdGCr0OlDsRJYFGnR5ZJGH79PED
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632459
etag
"e346138170f73660fa60739f3b88ee4d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
18282
x-amz-cf-id
o7kMfSVDJ0xc_AohMGeJIYWw3FZPk49rYoe9s_hn9mSQLZTe9aM_Mg==
e7946c6e-desenho-cronograma_10j909w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/e7946c6e-desenho-cronograma_10j909w000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c84d9fd518341a7e82e8d189829c7f37bb98123b5f0169a4db2574010edc29b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:37 GMT
x-amz-version-id
_y7J.V6hVSVi9IC8tQbNKYlAzHeJ1Gus
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632459
etag
"d477a44afc0c7ae4f8b366885368380c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3098
x-amz-cf-id
RqJZLiVZlD7HW150L4zUBkkxf6aHr71ntWP7WetQoRZZ5PI2cIe6RQ==
09ed973c-desenho-cronograma2_1001001000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		116 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/09ed973c-desenho-cronograma2_1001001000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
971e167eb8ab21e4167fe9b547cbbde7d903140c3a00b0b8b7391a47f14e4156

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:38 GMT
x-amz-version-id
6zPy_JdEs3PGUNaODkQvBmxsrYTJuZI7
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632458
etag
"bf849f6aaaa78404e410477086ede744"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
116
x-amz-cf-id
CkFXZ_uisrvBc55UfmGxFcJP4rnBNH79bYxYIq4KfnQ_ExnuUW8ESw==
5a017926-campaz_105y05w000000000000028.png
d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/material.vexpenses.com/lideranca-financeira-do-futuro/5a017926-campaz_105y05w000000000000028.png
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-21.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bf962fdc4840354eb387baccedfc70aa1356146c081d48f8454655a1d8bfd43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:58:38 GMT
x-amz-version-id
q6.mt0nht69Oagi06ReaFssvuLoO94mq
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
last-modified
Thu, 14 Mar 2024 13:58:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
632458
etag
"62607fd6e9c1a6caf200dfa216b201fc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
16195
x-amz-cf-id
qvpqannD4BIrRfCzjH6dIK5LkBsMEhNsKq_c3ZzBtAVV3V3uuzwa7A==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.ub-assets.com/fonts/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-47.ams1.r.cloudfront.net
Software
/
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Open+Sans:600
Origin
https://material.vexpenses.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 20:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
18596
via
1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P1
age
5708745
x-amzn-requestid
ca2c5d0a-5ee5-4175-a5d8-63ad8e8f3af7
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
RmU2vFe7oAMEvzw=
content-length
18624
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-65a59b5e-484877c302437c490f8371e5
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
rt4BttbFlidePO_3m087qgL2a0KLROTk4K_c5ChHugBWi6LuONWepw==
js
www.googletagmanager.com/gtag/ 		298 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KC8FYJCH58&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ead2d5c4705f98f39249bd4c4874f9721daa8105ee6c05e0a7751b2414c574df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99661
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Mar 2024 22:39:35 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 21:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3653
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 21 Mar 2024 23:38:42 GMT
destination
www.googletagmanager.com/gtag/ 		240 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-818737305&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29b575790df026b8cd8fc65d347d7ecde104cf69328606d59eda99627c251ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85495
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Mar 2024 22:39:35 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 16:03:53 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=83528
accept-ranges
bytes
content-length
17224
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 21 Mar 2024 22:39:34 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DDEEB94502954FDFA2579D792C014FA6 Ref B: FRAEDGE1522 Ref C: 2024-03-21T22:39:35Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
vexpensesCookie.js
app.vexpenses.com/assets/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.vexpenses.com/assets/js/vexpensesCookie.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.28.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-28-98.compute-1.amazonaws.com
Software
nginx /
Resource Hash
decb509babf355febb523bcb457f311a591467bd5ac007410a6469ef330111de
Security Headers
Name Value
Content-Security-Policy default-src https: wss: data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; worker-src https: blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
content-security-policy
default-src https: wss: data:; style-src https: 'unsafe-inline'; script-src https: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; worker-src https: blob:;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 16 Nov 2021 20:43:24 GMT
server
nginx
etag
"619417ec-1f1f"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
7967
x-xss-protection
1; mode=block
fbevents.js
connect.facebook.net/en_US/ 		216 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Mar 2024 22:39:35 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57659
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
2+ycN+pAsZw/f69y01KsJ9abFeyp6pppxZQApbo0S/+b2nAdeK1FbzY+jyZO5gVFsgtfLo3EAsRQxBNlfUTHOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D525153%26time%3D1711060775329%26li_adsId%3De61fcce1-fc73-4570-ab55-5746b70d51ed%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro...
0
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&cookiesTest=true&liSync=true&e_ipv6=AQIF9M5uOjh81QAAAY5jK3MvOroPSycac6PCtepRGPaYEbReSX2TLKSGf2r2FdZgH8byKC7W
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2AA684225D0544F4ADAF926D0F24C0D1 Ref B: FRAEDGE1515 Ref C: 2024-03-21T22:39:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUM2G79HDIFLc3Cak9XQ==

Redirect headers

date
Thu, 21 Mar 2024 22:39:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 877A4A11D8534E19BBBBC48608AAD021 Ref B: FRAEDGE1105 Ref C: 2024-03-21T22:39:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=525153&time=1711060775329&li_adsId=e61fcce1-fc73-4570-ab55-5746b70d51ed&url=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&cookiesTest=true&liSync=true&e_ipv6=AQIF9M5uOjh81QAAAY5jK3MvOroPSycac6PCtepRGPaYEbReSX2TLKSGf2r2FdZgH8byKC7W
x-li-proto
http/2
content-length
0
x-li-uuid
AAYUM2G5zv/VVUvFbWUOoA==
899472353483770
connect.facebook.net/signals/config/ 		54 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/899472353483770?v=2.9.150&r=stable&domain=material.vexpenses.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f91bf0a7077cccf0c7c700d6d30647c92e5ea816570669044fd7b527764a3627
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Mar 2024 22:39:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63017, tp=-1, tpl=-1, uplat=72, ullat=0
pragma
public
x-fb-debug
hntOxt5bWwygwE516EQtMruokgoiLfXCRqtnNxJsQYvZBKVErmxyG5cG4sP8QYDhE5/wOHxf6wzvJgHZIxpQhQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
25058104.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25058104.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 21 Mar 2024 22:39:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 17AC659DBED24294A5A1B9D8BF2C6153 Ref B: FRAEDGE1522 Ref C: 2024-03-21T22:39:35Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25058104&tm=gtm002&Ver=2&mid=21223c87-6a98-4433-8a88-a140683f8dd2&sid=e48dec00e7d311ee97927dc8f1e4d5de&vid=e48dfb10e7d311ee967afd32f23aacce&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&r=&lt=784&evt=pageLoad&sv=1&rn=250457
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:39:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 758FD6BFB8FD41B6A6C8FD1BF5D88C97 Ref B: FRAEDGE1522 Ref C: 2024-03-21T22:39:35Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KC8FYJCH58&gtm=45je43k0v893931961z878297146za200&_p=1711060775039&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1397529610.1711060775&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711060775&sct=1&seg=0&dl=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1166
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC8FYJCH58&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 22:39:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://material.vexpenses.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KC8FYJCH58&cid=1397529610.1711060775&gtm=45je43k0v893931961z878297146za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KC8FYJCH58&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 22:39:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://material.vexpenses.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KC8FYJCH58&cid=1397529610.1711060775&gtm=45je43k0v893931961z878297146za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=360311903
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 22:39:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1237954138&t=pageview&_s=1&dl=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1802653094&gjid=351869548&cid=1397529610.1711060775&tid=UA-73039654-1&_gid=2046384992.1711060775&_r=1&_slc=1&gtm=45He43k0n81M4SZP7Mv78297146za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2109392439
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://material.vexpenses.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 22:39:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://material.vexpenses.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=899472353483770&ev=PageView&dl=https%3A%2F%2Fmaterial.vexpenses.com%2Flideranca-financeira-do-futuro%2F&rl=&if=false&ts=1711060775459&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1711060775459.315560469&ler=empty&cdl=API_unavailable&it=1711060775351&coo=false&rqm=GET
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 21 Mar 2024 22:39:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-73039654-1&cid=1397529610.1711060775&jid=1802653094&gjid=351869548&_gid=2046384992.1711060775&npa=1&_u=YADAAAAAAAAAAC~&z=708990891
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://material.vexpenses.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 21 Mar 2024 22:39:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://material.vexpenses.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73039654-1&cid=1397529610.1711060775&jid=1802653094&npa=1&_u=YADAAAAAAAAAAC~&z=854649624
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 22:39:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-73039654-1&cid=1397529610.1711060775&jid=1802653094&npa=1&_u=YADAAAAAAAAAAC~&z=854649624
Requested by
Host: material.vexpenses.com
URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Mar 2024 22:39:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bitter|Cabin|Crimson+Text|Droid+Sans|Droid+Serif|Lato|Lobster|Montserrat|Old+Standard+TT|Open+Sans|Oswald|Pacifico|Playfair+Display|PT+Sans|Raleway|Rubik|Source+Sans+Pro|Ubuntu|Roboto
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67c7ca02627651328137f634d3d44a353758eda1187ffc7265cdb8e794bca5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 22:39:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Mar 2024 22:39:35 GMT
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
716790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2295
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-38aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b4iqlMPhZqbIUy6e2%2FEtzQsJCjAwN4h7FXFJBaeqyaNhvRP8YKpV6%2F0bssI0Z6kUQftrPffabWNr0yNQ3DgS0BTMn2WF5QrwmZkXewzzGWo97LeFdgFvzrqIdA9I0W7s86%2FLKsQ4vjmcphSZPTUqJcgh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
868170581b9f35f1-FRA
expires
Tue, 11 Mar 2025 22:39:35 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 18:17:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 18:17:16 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter|Cabin|Crimson+Text|Droid+Sans|Droid+Serif|Lato|Lobster|Montserrat|Old+Standard+TT|Open+Sans|Oswald|Pacifico|Playfair+Display|PT+Sans|Raleway|Rubik|Source+Sans+Pro|Ubuntu|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://material.vexpenses.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:46:25 GMT
x-content-type-options
nosniff
age
226390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:46:25 GMT
bundle.js
d335luupugsy2.cloudfront.net/scout/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/scout/bundle.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-49.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:37 GMT
content-encoding
gzip
via
1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
x-amz-version-id
xvE1oD7N95F7Ryla0IJ0XqZzWjVm9lt6
last-modified
Thu, 28 Jan 2021 17:27:51 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
etag
W/"88819ce057f99124674a75d611e4f53a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-amz-cf-id
uOzoqsN2pKOZhga-Sxvz2ciiEGvdNcCP_yzcTTYwR31eGZ6tpygCsQ==
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
712613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15507
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-10424"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QuszDQrDxv5hzpCU9NGaIqjZJ6zSP9VHp45MXZVPQft8cIYj2JS%2BcAjLvm58oKX2uKsph7Xj0ACbuoZaBLIQ036X6e8hqBJyb8Po1IY3YFw2tN7INDOuSddtadvcAykHp0TkFNQV0PepMF8o8dGz%2Baj9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
868170602a5c35f1-FRA
expires
Tue, 11 Mar 2025 22:39:36 GMT
lead-tracking.min.js
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-49.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding
gzip
via
1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
date
Thu, 21 Mar 2024 03:45:48 GMT
last-modified
Mon, 17 Aug 2020 12:56:23 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
68029
etag
W/"361325c86c17ebc03ff0f4d88d267a83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CI9ep0J06ag0gPAsN1QfaOHQHy0X05VEVq5qGRNAhepf6c707USvdQ==
traffic-source-cookie.min.js
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-49.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding
gzip
via
1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
date
Thu, 21 Mar 2024 21:47:42 GMT
last-modified
Mon, 09 Jan 2023 17:04:37 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
3115
x-amz-server-side-encryption
AES256
etag
W/"dae3ed517b23abad11d0bd6b79f24080"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
s0gXIjAVGK1U-I2VNdGpS9W2C0qur1DkWWKs5soxIUgMkWCGaqHHTQ==
js
www.googletagmanager.com/gtag/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N6YRLREWS2
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N6YRLREWS2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4SZP7M
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
send
pageview-notify.rdstation.com.br/ 		36 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pageview-notify.rdstation.com.br/send
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.116.223.35.bc.googleusercontent.com
Software
/
Resource Hash
0c61a5368cf74d3c4b7f38b2fa397a1aac4ec2d30de2aa3ac44f1b6a6b262196
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://material.vexpenses.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Mar 2024 22:39:37 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html;charset=utf-8
access-control-allow-origin
https://material.vexpenses.com
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
*, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length
36
x-xss-protection
1; mode=block
select2.png
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 		518 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e577638db834fd15b0f3799b7a3848a64a8daac7c90baa64d72a8a1ed67641
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
716712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-206"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACaAn5L%2Bj4Wm4%2BidySkMYzlJa3uTG8lnWa7v5jOByoLNLXjbW7LK2z5fgb3g5aH00HmvIxNYguDhu3bwTpsYbhQ5WE1vVSYAphdnqltHyFhFBwHTywJOJP4TOh9nxcXGaDjsKvvEZ31frKG0EH2KX20S"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
868170605e6b8ebb-FRA
expires
Tue, 11 Mar 2025 22:39:37 GMT
br.svg
dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dk9suync0k2va.cloudfront.net/js/rd/stable/flags/4x3/br.svg?t=1560538149
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.61.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-61-71.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b60457a892efcd4d4cebd0135e35b92112757c657cdcdf35af14bf8d9f0f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 21 Mar 2024 03:38:16 GMT
Content-Encoding
gzip
Via
1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
Last-Modified
Tue, 18 Jun 2019 14:20:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-P2
Age
68496
ETag
"80934471d745e9f7973f57260ff17e39"
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2818
X-Amz-Cf-Id
CP9EHO2OIkkARURjxdFU-z0gjEd-_G7XOlfP1sYA9S9QmsgC2emDtw==
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 		202 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-49.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
p5CvNmBR8Hi2L2KZd2nEga.lokO16FDg
content-encoding
gzip
via
1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
date
Thu, 21 Mar 2024 20:22:54 GMT
last-modified
Mon, 29 Jan 2024 17:45:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
8204
x-amz-server-side-encryption
AES256
etag
"ebe3e4ed1116d2f30c297f590cf2bfc7"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
56869
x-amz-cf-id
UuE8LbpUyU3MmXvAF2y6LFJxd7vRb7JjFW2qKTWzL0uldqnVTloB6Q==
rd-js-integration.min.js
d335luupugsy2.cloudfront.net/js/integration/stable/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/32718be9-3d67-4d65-8ccd-a1e4374ed640-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.63.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-63-49.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
Ue47Arb7o21QIXzXdR.6SzkIvhr7p6iy
content-encoding
gzip
via
1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
date
Thu, 21 Mar 2024 19:40:07 GMT
x-amz-cf-pop
AMS58-P4
age
10771
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4699
last-modified
Wed, 29 Mar 2023 14:00:58 GMT
server
AmazonS3
etag
"1f7cabf79794bdf27abc546d74059ded"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
x-amz-cf-id
J8t5hAEyWpyfOo_8qfq_Q0Bnuu-1kjwO681J2f13QThqfvpYQPZgkg==
show.json
popups.rdstation.com.br/popup/ 		13 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://popups.rdstation.com.br/popup/show.json?account_id=11920&uniq=_0j89d2w9a&ref=aHR0cHM6Ly9tYXRlcmlhbC52ZXhwZW5zZXMuY29tL2xpZGVyYW5jYS1maW5hbmNlaXJhLWRvLWZ1dHVyby8%3D
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://material.vexpenses.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=7776000
date
Thu, 21 Mar 2024 22:39:37 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
application/json
access-control-allow-origin
*
content-length
13

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ub object| dataLayer object| RdstationForms function| RDStationForms function| ubSnowplow boolean| ubSnowplowInitialized function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq function| lintrk boolean| _already_called_lintrk function| UET function| UET_init function| UET_push object| ueto_e229460629 object| uetq function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| $ function| jQuery function| loadScoutScript object| RDStation object| RDCookieControl function| initScoutBanner boolean| RDStationTrackingCodeChecker object| ORIBILI function| CookieConsent function| Scout string| countryCallingCode object| LeadTracking object| Select2 object| TrafficSourceCookie function| _classCallCheck function| _defineProperties function| _createClass function| _typeof function| RDStationFormIntegration function| doRequest object| FormFields function| RDErrorNotifier object| RDIntegrationCookieConsent object| RDIntegrationCreditCard object| RegexNamesFactory object| SensitiveDataFilter object| RDIntegrationDataPrivacy object| FieldMapping object| RdIntegrationIdentifier object| RdIntegration object| RdstationPopup object| credentials

23 Cookies

Domain/Path Name / Value
material.vexpenses.com/lideranca-financeira-do-futuro/ Name: ubpv
Value: a%2C85f4991c-50a2-4ec1-aec3-1bcc646ffbe3
material.vexpenses.com/ Name: ubvs
Value: 942849c1-9c6a-43cb-a943-788d36530426
.vexpenses.com/ Name: ubvt
Value: v2%7C942849c1-9c6a-43cb-a943-788d36530426%7C85f4991c-50a2-4ec1-aec3-1bcc646ffbe3%3Aa%3Asingle
.material.vexpenses.com/ Name: __cf_bm
Value: l4JpQ3MROXW9NE9lMduXjRwGvRKxCdEWzjoAEtTAMwA-1711060774-1.0.1.1-_9mWqf59gWDFlyTOWYxgQyX3BIQk5k318aPxgIbfitrg1vk32jDm.BqrVkuToWpu3QDzRzt8OUWhx4g7A9uZeg
.vexpenses.com/ Name: _uetsid
Value: e48dec00e7d311ee97927dc8f1e4d5de
.vexpenses.com/ Name: _uetvid
Value: e48dfb10e7d311ee967afd32f23aacce
.vexpenses.com/ Name: _ga_KC8FYJCH58
Value: GS1.1.1711060775.1.0.1711060775.60.0.0
.vexpenses.com/ Name: _ga
Value: GA1.1.1397529610.1711060775
.bing.com/ Name: MUID
Value: 277022B48EF2640A012036FD8F996591
.linkedin.com/ Name: li_sugr
Value: 3ed3e2cc-7a00-4d65-9754-7755334aa789
.linkedin.com/ Name: bcookie
Value: "v=2&b2c08352-e286-403b-832f-97be85f14413"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2932:u=1:x=1:i=1711060775:t=1711147175:v=2:sig=AQEaJmcTSIsHj12RwXCoWGG1wf2T9oJx"
.material.vexpenses.com/ Name: _ga
Value: GA1.3.1397529610.1711060775
.material.vexpenses.com/ Name: _gid
Value: GA1.3.2046384992.1711060775
.material.vexpenses.com/ Name: _gat_UA-73039654-1
Value: 1
.vexpenses.com/ Name: _fbp
Value: fb.1.1711060775459.315560469
.linkedin.com/ Name: UserMatchHistory
Value: AQJeGAQ9DAcGxQAAAY5jK3JTSeqkF_jqvcnro8i0x7E0DQs5lX_xN0Gggl-P_coQ0hUEAYZ7mn_eVA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJdqax3FHKIzQAAAY5jK3JUGVs4KikfXClgo5tFTKonf12Zq0NJxczhmHhgL3UUjLlR5BZc2zJfbYCz7pnR1w
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240321223935b48729c0-0a4e-46b1-8987-b407fca066cbAQE_wJ826EIEH_OYKKgb9hHes4jqi4F6"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTEwNjA3NzU7MjswMjFTitFxhMzdgsLxE6WWKE72oS5rKBpTnl6mde3sZHZrqg==
.vexpenses.com/ Name: VExpensesCookie
Value: eyJmaXJzdFNlc3Npb24iOlt7Imhvc3RuYW1lIjoibWF0ZXJpYWwudmV4cGVuc2VzLmNvbS9saWRlcmFuY2EtZmluYW5jZWlyYS1kby1mdXR1cm8vIiwicmVmZXJyZXIiOiIiLCJjcmVhdGVkX2F0IjoxNzExMDYwNzc1LjY5NywidXRtX3NvdXJjZSI6IihOb25lKSIsImRvbWFpbiI6IlVua25vd24ifV0sImxhc3RTZXNzaW9uIjp7Imhvc3RuYW1lIjoibWF0ZXJpYWwudmV4cGVuc2VzLmNvbS9saWRlcmFuY2EtZmluYW5jZWlyYS1kby1mdXR1cm8vIiwicmVmZXJyZXIiOiIiLCJjcmVhdGVkX2F0IjoxNzExMDYwNzc1LjY5NywidXRtX3NvdXJjZSI6IihOb25lKSJ9LCJwYWdlQ291bnRlciI6MSwiaWRMZWFkIjoiYTM2ZWVmMDktNjQ1ZC00ZjJhLTk0M2YtMGVhZDNjNTk4MGM0Iiwib3BlcmF0aW9uYWxTeXN0ZW0iOiJXaW5kb3dzIE5UIDEwLjAiLCJicm93c2VyIjoiQ2hyb21lIiwiY3JlYXRlZF9hdCI6MTcxMTA2MDc3NS42OTcsInVwZGF0ZWRfYXQiOjE3MTEwNjA3NzUuNjk3fQ==
.vexpenses.com/ Name: __trf.src
Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNzExMDYwNzc3MDE3fQ==
.vexpenses.com/ Name: rdtrk
Value: %7B%22id%22%3A%222fe54a8a-dc60-4fac-a603-00144093637e%22%7D

33 Console Messages

Source Level URL
Text
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/899472353483770?v=2.9.150&r=stable&domain=material.vexpenses.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://material.vexpenses.com/lideranca-financeira-do-futuro/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.googletagmanager.com/gtag/js?id=G-N6YRLREWS2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.googletagmanager.com/gtag/js?id=G-N6YRLREWS2&l=dataLayer&cx=c
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.vexpenses.com
bat.bing.com
builder-assets.unbounce.com
cdnjs.cloudflare.com
connect.facebook.net
d335luupugsy2.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dk9suync0k2va.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fonts.ub-assets.com
forms.rdstation.com.br
material.vexpenses.com
pageview-notify.rdstation.com.br
popups.rdstation.com.br
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
stats.g.doubleclick.net
u6102634.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.18.34.21
108.156.61.71
13.107.42.14
13.227.219.60
167.89.115.54
18.239.63.49
18.65.39.47
2001:4860:4802:34::36
2606:4700::6811:190e
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:149b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.160.156.21
3.231.28.98
34.68.90.188
35.223.116.65
0c61a5368cf74d3c4b7f38b2fa397a1aac4ec2d30de2aa3ac44f1b6a6b262196
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
222d9701120e132e4a2b1fca566c3480f651441e9c3bf036361bf4c418f6b609
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29b575790df026b8cd8fc65d347d7ecde104cf69328606d59eda99627c251ca3
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
5288cd95d43ae5e8476e17ba75f0c8b5ff2d81d6a366dcc6c88e63810b259104
54506d6275c3d09572d1ab044f7343378fc9b40fa9b1769c5fccd543ee497348
5c5e2a9ae1890dbe30077d1b115d44afa4ea6b25ca3171a7a23db55ed9b634b5
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
67c7ca02627651328137f634d3d44a353758eda1187ffc7265cdb8e794bca5e5
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7bf962fdc4840354eb387baccedfc70aa1356146c081d48f8454655a1d8bfd43
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85295fdf18411e633d6db2ab60aea0e22919b58a3147c899a7bb5be7d023576c
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
882f851d46637b0bb657a7ed83e861022abb8ab41f275dd1d824a8129cd1f9da
8c84d9fd518341a7e82e8d189829c7f37bb98123b5f0169a4db2574010edc29b
8f9cd777289ff3d24fe3ee726e10c64d75c54609ffe39c64fe7c58568d96aba0
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
9437a4d3f71834c11889f775ad07fa1cef0434ac258abbaab1092626017abc79
94a33603b2498bc63c995b25840e7d8bc1e56962d8f5cbdee395f5527f15a54b
94e18d3e2e9aa4187a5500654294b9e5b25b998aac4b71fc1123677bba5533bf
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
971e167eb8ab21e4167fe9b547cbbde7d903140c3a00b0b8b7391a47f14e4156
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a52f1dfd87dcf1eb54bda2cce52c3abe29b17dca054b793ceef3d1813416d6e4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
c9e9051131c001e1d09d4e3c3870f615fdb85b8d1d15689d30c66f73d211f770
ccf4b3ccea59f35d60a35d076ed6deb9b5574fc2f184596452d477383e834cc5
d66a0e6f8772ba7b00e8b8a310c7f5f1bf174e68fd3daf16413c9b6febe6b945
d6e577638db834fd15b0f3799b7a3848a64a8daac7c90baa64d72a8a1ed67641
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decb509babf355febb523bcb457f311a591467bd5ac007410a6469ef330111de
e09ed2b00b04979c1588ae2d87b5cbc4e91b56d96b97b031ffa3e73db5bdad8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73b1251bca5f8b63c21fcf87382c4fa7f3a4680ace6106ffaa5506fd151bf98
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e7e50714520a8f0115746a001abfe95e03b76f6ed11ff57894b1d7b3188ecc05
e8b69073abd76ef6fb071117441e540edeaa4ebb410a5b3a1e8b1b0107f28a6a
ead2d5c4705f98f39249bd4c4874f9721daa8105ee6c05e0a7751b2414c574df
ecd57c45a976e7d0679ccba8ec468a95f7e07249ea1c8a187bfa2b93d2baca2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27b60457a892efcd4d4cebd0135e35b92112757c657cdcdf35af14bf8d9f0f3
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f91bf0a7077cccf0c7c700d6d30647c92e5ea816570669044fd7b527764a3627
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b
ff68cad91230b2c98665f41e3c8f1db6135de9358a6ace970c5dd7b8b93b0c30