urlscan.io logo urlscan.io
SecurityTrails logo

pay.kiwify.com.br Open in urlscan Pro
104.18.31.20  Public Scan

Go To Rescan Add Verdict Report
URL: https://pay.kiwify.com.br/Z0ffkik
Submission: On January 02 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 5 countries across 13 domains to perform 55 HTTP transactions. The main IP is 104.18.31.20, located in and belongs to CLOUDFLARENET, US. The main domain is pay.kiwify.com.br.
TLS certificate: Issued by E1 on November 22nd 2023. Valid for: 3 months.
This is the only time pay.kiwify.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 104.18.31.20 13335 (CLOUDFLAR...)
4 142.250.181.234 15169 (GOOGLE)
1 151.101.1.63 54113 (FASTLY)
6 157.240.0.6 32934 (FACEBOOK)
6 216.58.206.35 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 142.250.181.232 15169 (GOOGLE)
2 2.16.96.190 16625 (AKAMAI-AS)
4 142.250.185.228 15169 (GOOGLE)
4 142.250.74.195 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
3 157.240.251.35 32934 (FACEBOOK)
1 104.16.123.96 13335 (CLOUDFLAR...)
2 34.95.239.181 396982 (GOOGLE-CL...)
2 104.18.30.20 13335 (CLOUDFLAR...)
1 104.198.23.205 ()
55 17
15    104.18.31.20 (None, )

ASN13335 (CLOUDFLARENET, US)
pay.kiwify.com.br
assets.kiwify.com.br
checkout-api.kiwify.com.br
4    142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
fonts.googleapis.com
1    151.101.1.63 (United States)

ASN54113 (FASTLY, US)
assets.pagar.me
6    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
6    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f3.1e100.net
fonts.gstatic.com
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
cdn.lr-ingest.io
1    142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net
www.googletagmanager.com
2    2.16.96.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-96-190.deploy.static.akamaitechnologies.com
s.pinimg.com
4    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
4    142.250.74.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net
www.gstatic.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    157.240.251.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra5.facebook.com
www.facebook.com
1    104.16.123.96 (None, )

ASN13335 (CLOUDFLARENET, US)
www.cloudflare.com
2    34.95.239.181 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 181.239.95.34.bc.googleusercontent.com
pixels.cursinho.top
2    104.18.30.20 (None, )

ASN13335 (CLOUDFLARENET, US)
checkout-api.kiwify.com.br
1    104.198.23.205 (None, )

ASN- ()
r.lr-ingest.io
Apex Domain
Subdomains		 Transfer
17 kiwify.com.br
pay.kiwify.com.br
assets.kiwify.com.br
checkout-api.kiwify.com.br
1010 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
566 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
266 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 6
35 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
4 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
270 B
2 cursinho.top
pixels.cursinho.top
3 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1174
21 KB
2 lr-ingest.io
cdn.lr-ingest.io — Cisco Umbrella Rank: 23542
r.lr-ingest.io
164 KB
1 cloudflare.com
www.cloudflare.com — Cisco Umbrella Rank: 5525
450 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1695
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
84 KB
1 pagar.me
assets.pagar.me
81 KB
55 13
Domain Requested by
13 assets.kiwify.com.br pay.kiwify.com.br
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 connect.facebook.net pay.kiwify.com.br
connect.facebook.net
assets.kiwify.com.br
pixels.cursinho.top
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com assets.kiwify.com.br
www.gstatic.com
www.google.com
4 fonts.googleapis.com pay.kiwify.com.br
3 www.facebook.com pay.kiwify.com.br
pixels.cursinho.top
3 checkout-api.kiwify.com.br assets.kiwify.com.br
2 pixels.cursinho.top assets.kiwify.com.br
pixels.cursinho.top
2 s.pinimg.com assets.kiwify.com.br
s.pinimg.com
1 r.lr-ingest.io cdn.lr-ingest.io
1 www.cloudflare.com assets.kiwify.com.br
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com assets.kiwify.com.br
1 cdn.lr-ingest.io assets.kiwify.com.br
1 assets.pagar.me pay.kiwify.com.br
1 pay.kiwify.com.br
55 17

This site contains links to these domains. Also see Links.

Domain
www.kiwify.com.br
policies.google.com
kiwify.com.br
Subject Issuer Validity Valid
kiwify.com.br
E1		 2023-11-22 -
2024-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.pagar.me
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-03 -
2024-08-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
lr-ingest.io
E1		 2023-12-03 -
2024-03-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.cloudflare.com
GTS CA 1P5		 2023-12-26 -
2024-03-25		 3 months crt.sh
pixels.cursinho.top
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
api.logrocket.com
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://pay.kiwify.com.br/Z0ffkik
Frame ID: A0FEBEE966F9CDCCDE673EB976E5BB6F
Requests: 41 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Frame ID: 3664AAA855E604DB533B5BA17294F813
Requests: 9 HTTP requests in this frame

Frame: https://pixels.cursinho.top/pixel.html?pixel=918506683128022&product_price=25.02&event_id=9tct8tl074bezbzp6y&product_name=YOGA%20VIDA%20NATURAL&product_id=Z0ffkik&external_id=9tct8tl074bezbzp6y
Frame ID: 19A907088A4B47B2078F097BF0A4A7CC
Requests: 1 HTTP requests in this frame

Frame: https://pixels.cursinho.top/index.html?pixel=918506683128022&product_price=25.02&product_id=Z0ffkik&product_name=YOGA%20VIDA%20NATURAL&event_id=&external_id=9tct8tl074bezbzp6y
Frame ID: A8D1C96FC19D89FF9C79A5EFDD5639A7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

YOGA VIDA NATURAL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.lr-ingest\.io
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

55
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

17
IPs

5
Countries

2236 kB
Transfer

6409 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Z0ffkik
pay.kiwify.com.br/ 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358f5ede9fb45ab86b2277e3fbbd91f598859cfdb7958abca7e88e0574eb7934
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
83f2fd9edf0691d2-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 12:26:41 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-cloud-trace-context
f49cbc3acf0a96c616dc63f117a0e8f1
css2
fonts.googleapis.com/ 		2 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400&display=swap
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
0c5ef99b072e33db9aa57c3e8f5b77dd09c6d6b905331f69768f0b0413be78fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:26:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:26:41 GMT
css2
fonts.googleapis.com/ 		1 KB
495 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 11:17:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:26:41 GMT
css2
fonts.googleapis.com/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
195354a23b1fdd59189b86bc6eec46b02f52ef00833d1c453d537fe7c667787c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 11:45:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:26:41 GMT
css2
fonts.googleapis.com/ 		7 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;600;700&display=swap
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:25:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:26:41 GMT
pagarme.min.js
assets.pagar.me/pagarme-js/4.5/ 		294 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pagar.me/pagarme-js/4.5/pagarme.min.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.63 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea66632826a434319dd8083b6dabaff9b2c74c67ff85e3ebcb95fd47ed2b9a13

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3504
x-cache
HIT, HIT
content-length
82955
x-served-by
cache-bfi-krnt7300099-BFI, cache-fra-eddf8230134-FRA
last-modified
Tue, 15 Oct 2019 00:23:11 GMT
server
nginx
etag
"5da5116f-49870"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
70871, 1
sdk.js
connect.facebook.net/en_GB/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
5c94ba511f6b306aa3344e3d3b23e1f503692936a03484ed445c5d5336fe7aa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.kiwify.com.br/
Origin
https://pay.kiwify.com.br
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 12:26:41 GMT
content-md5
wDxnYUQnHwdMvzITTbpBiQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
PjiMWZkYc55eofp64rWHqYUAwO/tYb8IYHihHudtLv9z2YB+4K0cxAy1zDhDLYUkulsKHQR0hqeA7DON8BjpwA==
x-fb-content-md5
7c2bc2bf3693036f78eb29aa6949584e
cross-origin-opener-policy
same-origin-allow-popups
etag
"8ede27282b41623d4b99e32b57145309"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:42:22 GMT
cc72410.js
assets.kiwify.com.br/custom_checkout/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/cc72410.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa706282dff86b2373e845058203f70f766a064240aa1e9cd82a2866a8236eed
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
759
x-guploader-uploadid
ABPtcPoCCmyRXrkz1wU3hnjyCJuxNKMfzMOT9uIs9AQQjLfy1CPxqA0fu_MhfNZu4J_AlwlElfAaHB3zDw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1238
last-modified
Tue, 26 Dec 2023 14:04:01 GMT
server
cloudflare
etag
"3adf27bcc7653c609372f8a268a69a3c"
vary
Accept-Encoding
x-goog-generation
1703599441695883
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=v+b/Jg==, md5=Ot8nvMdlPGCTcviiaKaaPA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
1238
accept-ranges
bytes
cf-ray
83f2fde95be091d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
5f5161c.js
assets.kiwify.com.br/custom_checkout/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/5f5161c.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9863b56525aed7ef38b7c251681997fbc68b521a58f94a25cc714b0440e52a1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1114
x-guploader-uploadid
ABPtcPonFwTDFlbzljSaes7s0hQHdyv6yFiOCKpoRQ7f1WxTc4uh4d2uvs7Vq_eA3pu9C6qPg47ZutA_gw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
87064
last-modified
Fri, 08 Dec 2023 18:03:20 GMT
server
cloudflare
etag
"2703c8c671fd4371789db97166feac3c"
vary
Accept-Encoding
x-goog-generation
1702058599999556
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=smfiaQ==, md5=JwPIxnH9Q3F4nblxZv6sPA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
87064
accept-ranges
bytes
cf-ray
83f2fde94bd691d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
771aa75.js
assets.kiwify.com.br/custom_checkout/ 		600 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/771aa75.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec130b86ee1b4b2203db61fbfcc79ee45d51d58821cdc8ec3cc72251dda41889
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
820
x-guploader-uploadid
ABPtcPqFHoB3t6aW3gC-dhPSTfzpoHhZFL7ZZqXe0NrX53dARVyAtLZlz_IWRKXjL-1f6PN-bq4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
150972
last-modified
Fri, 08 Dec 2023 18:03:20 GMT
server
cloudflare
etag
"e87df3f2b93bfa21a72295f07ef4dd34"
vary
Accept-Encoding
x-goog-generation
1702058600053923
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=TvMHXg==, md5=6H3z8rk7+iGnIpXwfvTdNA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
150972
accept-ranges
bytes
cf-ray
83f2fde94bd891d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
f0b6d2c.js
assets.kiwify.com.br/custom_checkout/ 		156 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/f0b6d2c.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0455d96e662fe2b75e56a0f2f2e663db19afea49ae9d933c454ede3814f0a88
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
676
x-guploader-uploadid
ABPtcPraIWEHQvz1Tr0D6XQxSgY8UBo9VJz6gC3AtrdYdl71ojl483llT7J8cLg9VUvv0RHTOlv07P5JPw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
46635
last-modified
Tue, 26 Dec 2023 14:04:01 GMT
server
cloudflare
etag
"ac269c8f8a74b8b5b40bf33799342fc3"
vary
Accept-Encoding
x-goog-generation
1703599441721027
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=05hlFg==, md5=rCacj4p0uLW0C/M3mTQvww==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
46635
accept-ranges
bytes
cf-ray
83f2fde94bd991d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
7ca30d3.js
assets.kiwify.com.br/custom_checkout/ 		381 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/7ca30d3.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f49113cbb3b5d54f496fcc944cafb7e7b450a618579b2831d7d7c61c5188dc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1114
x-guploader-uploadid
ABPtcPqvEPzUswl9OMRlypXoXDFlJ7jYXVZFA-fY4r2ELUravP0n9dZwFMioIymuakTlBdf_1sX6frahOw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
97754
last-modified
Tue, 26 Dec 2023 14:04:01 GMT
server
cloudflare
etag
"efeb50b0435f4269a18f410e1b0cd4e3"
vary
Accept-Encoding
x-goog-generation
1703599441736456
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=rVTALA==, md5=7+tQsENfQmmhj0EOGwzU4w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
97754
accept-ranges
bytes
cf-ray
83f2fde94bda91d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
70b3a28.js
assets.kiwify.com.br/custom_checkout/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/70b3a28.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d1612d0388302643b44894ace4103b6a787b353167eec42440cf2b854e15f8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
3300
x-guploader-uploadid
ABPtcPpiahkydrL9JDJsYgyY5BISKd19l-douGTIjPF3ka4Wfv9tyrmfz7MMEV_gZnUj7j1J9Dk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4878
last-modified
Wed, 13 Dec 2023 14:45:48 GMT
server
cloudflare
etag
"397ff8fa0025f464b5fefeecf0284f86"
vary
Accept-Encoding
x-goog-generation
1702478748102123
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=D8aALg==, md5=OX/4+gAl9GS1/v7s8ChPhg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
4878
accept-ranges
bytes
cf-ray
83f2fde95bdc91d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
8c0aaca.js
assets.kiwify.com.br/custom_checkout/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/8c0aaca.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d70ecff186a8dff915a4933631a94fe6b3cc68f6874d49e43ab91bc87e2c21e7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
3410
x-guploader-uploadid
ABPtcPqeeebzmBEE9LyqArYYXNaxA8jY8bSV0Wuk1V0NL6GdThtmn_yIpaM_9an451oOpjGf3JM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
5273
last-modified
Wed, 13 Dec 2023 14:45:48 GMT
server
cloudflare
etag
"a405ff2661cdd8c88d9b5d8f9f722f24"
vary
Accept-Encoding
x-goog-generation
1702478748082602
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=u4gDpg==, md5=pAX/JmHN2MiNm12Pn3IvJA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
5273
accept-ranges
bytes
cf-ray
83f2fde95bdd91d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
90ab04b.js
assets.kiwify.com.br/custom_checkout/ 		225 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/90ab04b.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d8289eaf8367dded48ee95ecf4a4b8676e8ce7e3ab93a94ffaef38d58fd41b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2046
x-guploader-uploadid
ABPtcPqaVsmCHWxXKaIr010j-ePy8jtObYuqthyiEUpKgQL0BWceAkQOQhCg-KGaQ3ZE1k_7YJ0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
75691
last-modified
Wed, 13 Dec 2023 14:45:48 GMT
server
cloudflare
etag
"9fe6b49a4c850654baba9b5168df2d7d"
vary
Accept-Encoding
x-goog-generation
1702478748078982
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=CCeY2w==, md5=n+a0mkyFBlS6uptRaN8tfQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
75691
accept-ranges
bytes
cf-ray
83f2fde95bde91d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
2ce56cd.js
assets.kiwify.com.br/custom_checkout/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/2ce56cd.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba220fd6b7c31872638140561ab66fffcb7ac750088e8cb7045c9dd476be3e25
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:41 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
1432
x-guploader-uploadid
ABPtcPqaZZV80SylAjlAYwtL-Zk8FrsfX_mXZ6N_uVrRoD3W1CAe3vT53_GTAe-gybu1s5Ho6GQzzucJ2Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2457
last-modified
Wed, 13 Dec 2023 14:45:48 GMT
server
cloudflare
etag
"7d6e3c7de6b45ee9d45a1caf64f8606e"
vary
Accept-Encoding
x-goog-generation
1702478748083209
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=450I9A==, md5=fW48fea0XunUWhyvZPhgbg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
2457
accept-ranges
bytes
cf-ray
83f2fde95bdf91d2-FRA
expires
Tue, 02 Jan 2024 16:26:41 GMT
YOGA-13_320ebbcb3a7b483cb3c6b38d4bcbfa51.png
assets.kiwify.com.br/cdn-cgi/image/fit=scale-down,width=128/jdJWIClHfy2FRkK/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.kiwify.com.br/cdn-cgi/image/fit=scale-down,width=128/jdJWIClHfy2FRkK/YOGA-13_320ebbcb3a7b483cb3c6b38d4bcbfa51.png
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4f2d8fec5c2ed13499777f8872e99332101c73322024ac3b6dccbfebb58148
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:42 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
7808
cf-resized
internal=ok/m q=0 n=732+0 c=13+21 v=2023.9.8 l=7808
last-modified
Wed, 02 Mar 2022 13:17:09 GMT
cf-bgj
imgq:83,h2pri
server
cloudflare
etag
"cf4_viVgghJxO8DPN9YHmFO81tRSJ46Bukp7lDOpS4DQ:c30c355b08a3f6c3f3a297049160d5a0"
vary
Accept, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
83f2fdea5cbe91d2-FRA
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 963;u=5;i=?0)
sdk.js
connect.facebook.net/en_GB/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=26f95033b559172c7d43ed93a44f726a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
8b69aea291dd2a65d232c655eaaaca9b23f2940c9ffda7c47b32e5ec4d9fbf9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.kiwify.com.br/
Origin
https://pay.kiwify.com.br
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 12:26:41 GMT
content-md5
FF7PMePdso+zeNt7j1JApQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88327
reporting-endpoints
x-fb-debug
l3r6vrbzABsiWSsxrPLU8WHMKT1boSn2xezCacdEzE8Ab5YrtZwGlnMt2nEDOnz1uVtS4ieJvuJUXxMJG8kehg==
x-fb-content-md5
9776feb3e62040ed297ed6304f38743f
cross-origin-opener-policy
same-origin-allow-popups
etag
"7e9668176b1347094a2f5d1454773cfa"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 01 Jan 2025 11:50:14 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pay.kiwify.com.br
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 06:01:29 GMT
x-content-type-options
nosniff
age
455113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 06:01:29 GMT
img_builder_e6330037-3abe-4173-857c-be265ecad947_fa6b05bcbdf64447b4aabec951d7fd4e.png
assets.kiwify.com.br/cdn-cgi/image/fit=scale-down,width=1000/jdJWIClHfy2FRkK/ 		456 KB
457 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.kiwify.com.br/cdn-cgi/image/fit=scale-down,width=1000/jdJWIClHfy2FRkK/img_builder_e6330037-3abe-4173-857c-be265ecad947_fa6b05bcbdf64447b4aabec951d7fd4e.png
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0502780fe42a75d9a42b81c192ce8410252d3d44d517a399cc0b3fe743a595
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:42 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
467063
cf-resized
internal=ok/m q=0 n=411+0 c=6+0 v=2023.9.8 l=467063
last-modified
Wed, 02 Mar 2022 13:28:05 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf4zqwCQlwdaM9eRSzwC5p6MMV3AXlcW87mYT04_G0DQ:237da50196c6de439364d9d34a16460c"
vary
Accept, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31535999
accept-ranges
bytes
cf-ray
83f2fdeb6db491d2-FRA
priority
u=4;i=?0,cf-chb=(58;u=5;i)
img_builder_8b552533-3183-49ea-b4be-7ed230026059_fa08b2ba2d71403ba3e1d60845274f47.png
assets.kiwify.com.br/cdn-cgi/image/fit=scale-down,width=300/jdJWIClHfy2FRkK/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.kiwify.com.br/cdn-cgi/image/fit=scale-down,width=300/jdJWIClHfy2FRkK/img_builder_8b552533-3183-49ea-b4be-7ed230026059_fa08b2ba2d71403ba3e1d60845274f47.png
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7daa18bda933cbffb7ec87361a15779378bd1152e1fd01b56fbf6827b465f91
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:42 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
60917
cf-resized
internal=ok/m q=0 n=618+0 c=4+38 v=2023.9.8 l=60917
last-modified
Wed, 02 Mar 2022 13:28:05 GMT
cf-bgj
imgq:92,h2pri
server
cloudflare
etag
"cf8C25ywduJh-lG-c-m3tUJieEEJoZU4G6ZTvfUGVIDQ:56d10ebd0860d534b5fc3fb01eb95d8a"
vary
Accept, Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31535999
accept-ranges
bytes
cf-ray
83f2fdeb6db591d2-FRA
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 904;u=5;i=?0)
logger-1.min.js
cdn.lr-ingest.io/ 		827 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/771aa75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8576d905876b01f12d1dfee3edc169e764bbde61f2bdc3735b83d5a19624a8ee
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:42 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-mrs1050101-MRS
last-modified
Thu, 28 Dec 2023 20:13:46 GMT
server
cloudflare
x-timer
S1703794704.117642,VS0,VE2
etag
W/"e5765d0c1691f5d04da24456a3e3e5b7ccf243c59788c1e333df33467a1b6ca7"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7DuBlyAifcsZNynIUpaDFhIdpjJo8wL0E6XSambK8AVks7zbVtEeqOZHRhd0VTMkoCRJRj%2BJYJ3UxPX3dKhhJ2M6NF4CHyOVkUYr0X51C2PyCdGv2ND38mZ90Y69G7BZc3U"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
83f2fdee68402291-CDG
x-cache-hits
1
js
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GN9MC80Y2B&l=dataLayer
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/771aa75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6133e6f60808d1466808c3ffb09a3da8ac0b28bfd1a197051cfa888c8d818b94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85487
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 12:26:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/f0b6d2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 12:26:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
8Z8JjCmKWU+VnCJAZ9oTb4j2gvpNkOwXqSS8vIbumtJoWOnAnnMAN/3zGlZgLla1+RmcIRv74BVMN1RUe5PdUA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/f0b6d2c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1793
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/f0b6d2c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
7cceeca5a894739c2150225b4e3bf4d9ba29d7205fc5be178908fb8ea5d6d20c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 02 Jan 2024 12:26:42 GMT
Z0ffkik
checkout-api.kiwify.com.br/link/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout-api.kiwify.com.br/link/Z0ffkik?custom=true
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/771aa75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc45187d685a10e23ed531c79dbe6849811dc21e184ab414fbdcb90083e056e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://pay.kiwify.com.br/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:43 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pay.kiwify.com.br
x-cloud-trace-context
95e738a3430d076e987f729e8ec9660d
cache-control
max-age=60
access-control-allow-credentials
true
cf-ray
83f2fdec9e8291d2-FRA
access-control-allow-headers
Content-Type
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		507 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
3ac0bc8b7bbd6863a3a41bcb3b8c687f56bc663544c7ac38fc7a9403d92cafe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.kiwify.com.br/
Origin
https://pay.kiwify.com.br
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207754
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 17:14:07 GMT
main.74d80534.js
s.pinimg.com/ct/lib/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18895
475913216709140
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/475913216709140?v=2.9.138&r=stable&domain=pay.kiwify.com.br
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3541382e204714963f5fa4765ffcb22cda8b13e5173b4f2c89d5ff98044f73db
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 12:26:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
F4gcaIC3Dq1srlHDrCIQGRJBeQzEGUjeSHTr/t1tIyQ6plWnr5jBXhZYDahpRh2TGzRTS6m7w4iMcLtpxN7urQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GN9MC80Y2B&gtm=45je3bt0v878871083&_p=1704198401841&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1251166060.1704198402&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1704198402&sct=1&seg=0&dl=https%3A%2F%2Fpay.kiwify.com.br%2FZ0ffkik&dt=YOGA%20VIDA%20NATURAL&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=13331
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GN9MC80Y2B&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:26:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.kiwify.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e187ad36-ac74-490b-b19e-e99f5b98e4d4
https://pay.kiwify.com.br/ 		461 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://pay.kiwify.com.br/e187ad36-ac74-490b-b19e-e99f5b98e4d4
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52e0dcb7253dca4573b37151d41f2d6afed7cd6051fb7862914196733a3d810f

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
471638
Content-Type
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=475913216709140&ev=pageView&dl=https%3A%2F%2Fpay.kiwify.com.br%2FZ0ffkik&rl=&if=false&ts=1704198402556&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1704198402556.337696261&ler=empty&it=1704198402422&coo=false&rqm=GET
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 12:26:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
anchor
www.google.com/recaptcha/api2/ Frame 3664 		42 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
9075742637276c1c0bd67b8a88968863053139625c41bd5a76b53d7c58a0e7c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m2h7uqJpFOJn-JZKYxp8GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.kiwify.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-m2h7uqJpFOJn-JZKYxp8GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:26:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
trace
www.cloudflare.com/cdn-cgi/ 		312 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/771aa75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.123.96 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c56baf2f6c5f32136f0c7e84822305de387243c2b3637f3e85d58e4f4d3816ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://pay.kiwify.com.br/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
83f2fdf5a8662c73-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 3664 		55 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 09:13:07 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 3664 		507 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
3ac0bc8b7bbd6863a3a41bcb3b8c687f56bc663544c7ac38fc7a9403d92cafe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:14:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207754
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 17:14:07 GMT
pixel.html
pixels.cursinho.top/ Frame 19A9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixels.cursinho.top/pixel.html?pixel=918506683128022&product_price=25.02&event_id=9tct8tl074bezbzp6y&product_name=YOGA%20VIDA%20NATURAL&product_id=Z0ffkik&external_id=9tct8tl074bezbzp6y
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/5f5161c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.95.239.181 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.239.95.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
5fa11640bb7b7ce79b842d06d5a3f9cce18b8cf71f23ba10136540d3cd6596fd

Request headers

Referer
https://pay.kiwify.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=3600
content-encoding
gzip
content-length
949
content-type
text/html
date
Tue, 02 Jan 2024 12:26:45 GMT
etag
"7f851effb92813e9bd0e34097757e720"
expires
Tue, 02 Jan 2024 13:26:45 GMT
last-modified
Tue, 04 Apr 2023 17:23:18 GMT
server
openresty
vary
Accept-Encoding
x-goog-generation
1680628998157417
x-goog-hash
crc32c=HrXxZw== md5=f4Ue/7koE+m9DjQJd1fnIA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
949
x-guploader-uploadid
ABPtcPrkNTrctRbC8wm3NRFvCli6nwWLGdTPO7iu_R9dL7EbuspaWMMEpuA3Z_EfBdiEHaVHDCU
Z0ffkik
checkout-api.kiwify.com.br/pixel/v2/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://checkout-api.kiwify.com.br/pixel/v2/track/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://pay.kiwify.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
83f2fdf93f182bbe-FRA
content-type
text/html
date
Tue, 02 Jan 2024 12:26:45 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Access-Control-Request-Headers
x-cloud-trace-context
d75d2df1c758b982b1fc91c1ac66c335
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-xss-protection
1; mode=block
footer-kiwify-gray.png
assets.kiwify.com.br/extra/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.kiwify.com.br/extra/footer-kiwify-gray.png
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/Z0ffkik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4e1a29f24ac319560c7886b95205918cc148b182fc6e35b1a7e7fad59d631e5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:43 GMT
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
age
2284
cf-polished
origFmt=png, origSize=11947
x-guploader-uploadid
ABPtcPp_rmeDu1dZ_j8WhbK0vq17JgYtXJ_GuLtkDNhiVyIuFFTlxI6iE4lsVQ8Qqk3tGQDtgqQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="footer-kiwify-gray.webp"
content-length
4500
cf-bgj
imgq:100,h2pri
last-modified
Thu, 06 Aug 2020 03:38:07 GMT
server
cloudflare
etag
"f3206b14c98b300480549b0b62dd982e"
vary
Accept
x-goog-generation
1596685087241014
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=XDhgoQ==, md5=8yBrFMmLMASAVJsLYt2YLg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
11947
accept-ranges
bytes
cf-ray
83f2fdf6be4e91d2-FRA
expires
Tue, 02 Jan 2024 16:26:43 GMT
Z0ffkik
checkout-api.kiwify.com.br/pixel/v2/track/ 		24 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout-api.kiwify.com.br/pixel/v2/track/Z0ffkik
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/771aa75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee78f5075f8f090a6355c3b33268274bb9f722b724f6b6a7702876fa66328df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://pay.kiwify.com.br/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 02 Jan 2024 12:26:45 GMT
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
7e0c6320b46e0c9cde2569fb7124143d
cache-control
private
cf-ray
83f2fe0158d02bbe-FRA
x-xss-protection
1; mode=block
truncated
/ 		181 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8000bee486673d5b27920804d3cb0554897a7c6b585b054c1ab2f62327ed63c1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		182 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92a512fa3dbc38f0e517f072d780e4355e4a04ef5e6c71cf1ad5c087bb209d65

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
fonts.gstatic.com/s/rubik/v28/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pay.kiwify.com.br
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:37:12 GMT
x-content-type-options
nosniff
age
42571
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18856
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:30:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 00:37:12 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pay.kiwify.com.br
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 06:26:37 GMT
x-content-type-options
nosniff
age
453606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24984
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:04:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 06:26:37 GMT
mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
www.google.com/js/bg/ Frame 3664 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/mL2Y2df9MP72hJspIKkaS_u6JtFhauYVKQ-w1rT0CAw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__pl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
sffe /
Resource Hash
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 12:53:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
84775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6828
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 12:53:48 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3664 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 19:56:54 GMT
x-content-type-options
nosniff
age
59389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 08 Jan 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3664 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 23:26:56 GMT
x-content-type-options
nosniff
age
392387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Dec 2024 23:26:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3664 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:17:31 GMT
x-content-type-options
nosniff
age
58152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 20:17:31 GMT
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3664 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f3.1e100.net
Software
sffe /
Resource Hash
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:26:50 GMT
x-content-type-options
nosniff
age
57593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11936
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 20:26:50 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 3664 		102 B
209 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
ef4caccd5b34cbb90b85f9a5f8faca4efc63fdc161a56b40dd78ea0839e70e8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc8_M8UAAAAALMtJ4ZfOvQqVdvzfRubVs2ehpoF&co=aHR0cHM6Ly9wYXkua2l3aWZ5LmNvbS5icjo0NDM.&hl=pl&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=yjw74tm5tya6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 02 Jan 2024 12:26:43 GMT
index.html
pixels.cursinho.top/ Frame A8D1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixels.cursinho.top/index.html?pixel=918506683128022&product_price=25.02&product_id=Z0ffkik&product_name=YOGA%20VIDA%20NATURAL&event_id=&external_id=9tct8tl074bezbzp6y
Requested by
Host: pixels.cursinho.top
URL: https://pixels.cursinho.top/pixel.html?pixel=918506683128022&product_price=25.02&event_id=9tct8tl074bezbzp6y&product_name=YOGA%20VIDA%20NATURAL&product_id=Z0ffkik&external_id=9tct8tl074bezbzp6y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.95.239.181 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.239.95.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
f2d9ac45bdd7eee9874ee4fe8e7d8e7c65448d75e75e0cd52e76d3af956a66a0

Request headers

Referer
https://pixels.cursinho.top/pixel.html?pixel=918506683128022&product_price=25.02&event_id=9tct8tl074bezbzp6y&product_name=YOGA%20VIDA%20NATURAL&product_id=Z0ffkik&external_id=9tct8tl074bezbzp6y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=3600
content-encoding
gzip
content-length
1486
content-type
text/html
date
Tue, 02 Jan 2024 12:26:45 GMT
etag
"8fe8838bc6e4c8e2a6ca46b7000523c2"
expires
Tue, 02 Jan 2024 13:26:45 GMT
last-modified
Tue, 04 Apr 2023 17:23:17 GMT
server
openresty
vary
Accept-Encoding
x-goog-generation
1680628997572866
x-goog-hash
crc32c=lr2a0w== md5=j+iDi8bkyOKmyka3AAUjwg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1486
x-guploader-uploadid
ABPtcPp2a37ZMuPEdx6kRyk7UVcOnDn8N-js53fUcL61zZg6cDOvEkuPhlox09wSjD0yCTYZYA
i
r.lr-ingest.io/ 		212 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.lr-ingest.io/i?a=gzquv2%2Ftest&r=5-a545f160-2efe-48e7-aa99-dd103b2688d9&t=623d69c0-1754-4427-b2e3-fc302190c4f1&s=0&rs=0%2Cu&u=7c9a0ff3-dde2-4498-a16d-bda15bf376e4&is=1
Requested by
Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger-1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.23.205 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
2ce9994607f743ac0d2db8d188add080d810a43690b303a43452281a067f84b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:26:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
etag
W/"d4-tEKvqOV1sWh/K9KP20olFeCAt6w"
x-powered-by
Express
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length
212
fbevents.js
connect.facebook.net/en_US/ Frame A8D1 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pixels.cursinho.top
URL: https://pixels.cursinho.top/index.html?pixel=918506683128022&product_price=25.02&product_id=Z0ffkik&product_name=YOGA%20VIDA%20NATURAL&event_id=&external_id=9tct8tl074bezbzp6y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pixels.cursinho.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 12:26:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
8Z8JjCmKWU+VnCJAZ9oTb4j2gvpNkOwXqSS8vIbumtJoWOnAnnMAN/3zGlZgLla1+RmcIRv74BVMN1RUe5PdUA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
918506683128022
connect.facebook.net/signals/config/ Frame A8D1 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/918506683128022?v=2.9.138&r=stable&domain=pixels.cursinho.top
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
55a00dc141c799a5e37c4574763e37a7adf90a3190e13edadf011c6ae6cd0445
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pixels.cursinho.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 02 Jan 2024 12:26:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
hYZLkL4k7mhhQ1LJ7NVlvkUxKrjIIUNaEZNUOUuzxjcl4IQn+IP5qdOJ5lDSojFuTp9kbI3tFCeSxly1ZPiDgQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame A8D1 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=918506683128022&ev=PageView&dl=https%3A%2F%2Fpixels.cursinho.top%2Findex.html%3Fpixel%3D918506683128022%26product_price%3D25.02%26product_id%3DZ0ffkik%26product_name%3DYOGA%2520VIDA%2520NATURAL%26event_id%3D%26external_id%3D9tct8tl074bezbzp6y&rl=https%3A%2F%2Fpixels.cursinho.top%2Fpixel.html%3Fpixel%3D918506683128022%26product_price%3D25.02%26event_id%3D9tct8tl074bezbzp6y%26product_name%3DYOGA%2520VIDA%2520NATURAL%26product_id%3DZ0ffkik%26external_id%3D9tct8tl074bezbzp6y&if=true&ts=1704198405951&cd[external_id]=9tct8tl074bezbzp6y&sw=1600&sh=1200&ud[external_id]=c37bc1de76750d9664e3ddf22678de7b3b20b2b7c58410fc324cad95680ded73&v=2.9.138&r=stable&ec=0&o=4126&it=1704198405671&coo=false&rqm=GET
Requested by
Host: pixels.cursinho.top
URL: https://pixels.cursinho.top/index.html?pixel=918506683128022&product_price=25.02&product_id=Z0ffkik&product_name=YOGA%20VIDA%20NATURAL&event_id=&external_id=9tct8tl074bezbzp6y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pixels.cursinho.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 12:26:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame A8D1 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=918506683128022&ev=InitiateCheckout&dl=https%3A%2F%2Fpixels.cursinho.top%2Findex.html%3Fpixel%3D918506683128022%26product_price%3D25.02%26product_id%3DZ0ffkik%26product_name%3DYOGA%2520VIDA%2520NATURAL%26event_id%3D%26external_id%3D9tct8tl074bezbzp6y&rl=https%3A%2F%2Fpixels.cursinho.top%2Fpixel.html%3Fpixel%3D918506683128022%26product_price%3D25.02%26event_id%3D9tct8tl074bezbzp6y%26product_name%3DYOGA%2520VIDA%2520NATURAL%26product_id%3DZ0ffkik%26external_id%3D9tct8tl074bezbzp6y&if=true&ts=1704198405951&cd[currency]=BRL&cd[value]=25.02&cd[contents]=%5B%7B%22id%22%3A%22Z0ffkik%22%2C%22name%22%3A%22YOGA%20VIDA%20NATURAL%22%2C%22quantity%22%3A1%7D%5D&cd[content_type]=product&cd[external_id]=9tct8tl074bezbzp6y&sw=1600&sh=1200&ud[external_id]=c37bc1de76750d9664e3ddf22678de7b3b20b2b7c58410fc324cad95680ded73&v=2.9.138&r=stable&ec=1&o=4126&it=1704198405671&coo=false&rqm=GET
Requested by
Host: pixels.cursinho.top
URL: https://pixels.cursinho.top/index.html?pixel=918506683128022&product_price=25.02&product_id=Z0ffkik&product_name=YOGA%20VIDA%20NATURAL&event_id=&external_id=9tct8tl074bezbzp6y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://pixels.cursinho.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 02 Jan 2024 12:26:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| FB object| __NUXT__ object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| _lrMutationObserver object| __SDKCONFIG__ object| dataLayer function| gtag function| Pusher object| core object| DD_RUM function| fbq function| _fbq function| pintrk function| _lrXMLHttpRequest object| _tfa string| TiktokAnalyticsObject object| ttq string| KwaiAnalyticsObject object| kwaiq object| install object| $nuxt function| recaptchaSuccessCallback function| recaptchaExpiredCallback function| recaptchaErrorCallback object| __buffer object| _crypto object| pagarme object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| _LRLogger boolean| _lr_loaded object| recaptcha object| closure_lm_127860

6 Cookies

Domain/Path Name / Value
.kiwify.com.br/ Name: _ga_GN9MC80Y2B
Value: GS1.1.1704198402.1.0.1704198402.0.0.0
.kiwify.com.br/ Name: _ga
Value: GA1.1.1251166060.1704198402
pay.kiwify.com.br/ Name: _lr_tabs_-gzquv2%2Ftest
Value: {%22sessionID%22:0%2C%22recordingID%22:%225-a545f160-2efe-48e7-aa99-dd103b2688d9%22%2C%22webViewID%22:null%2C%22lastActivity%22:1704198402506}
pay.kiwify.com.br/ Name: _lr_hb_-gzquv2%2Ftest
Value: {%22heartbeat%22:1704198402506}
pay.kiwify.com.br/ Name: _lr_uf_-gzquv2
Value: a6451a0c-182d-4084-a713-6b4b380adaee
.kiwify.com.br/ Name: _fbp
Value: fb.2.1704198402556.337696261

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.kiwify.com.br
assets.pagar.me
cdn.lr-ingest.io
checkout-api.kiwify.com.br
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pay.kiwify.com.br
pixels.cursinho.top
r.lr-ingest.io
region1.google-analytics.com
s.pinimg.com
www.cloudflare.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.123.96
104.18.30.20
104.18.31.20
104.198.23.205
142.250.181.232
142.250.181.234
142.250.185.228
142.250.74.195
151.101.1.63
157.240.0.6
157.240.251.35
188.114.97.3
2.16.96.190
216.239.34.36
216.58.206.35
34.95.239.181
0c5ef99b072e33db9aa57c3e8f5b77dd09c6d6b905331f69768f0b0413be78fc
195354a23b1fdd59189b86bc6eec46b02f52ef00833d1c453d537fe7c667787c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2ce9994607f743ac0d2db8d188add080d810a43690b303a43452281a067f84b8
3541382e204714963f5fa4765ffcb22cda8b13e5173b4f2c89d5ff98044f73db
358f5ede9fb45ab86b2277e3fbbd91f598859cfdb7958abca7e88e0574eb7934
3ac0bc8b7bbd6863a3a41bcb3b8c687f56bc663544c7ac38fc7a9403d92cafe4
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
52e0dcb7253dca4573b37151d41f2d6afed7cd6051fb7862914196733a3d810f
53d8289eaf8367dded48ee95ecf4a4b8676e8ce7e3ab93a94ffaef38d58fd41b
55a00dc141c799a5e37c4574763e37a7adf90a3190e13edadf011c6ae6cd0445
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b0502780fe42a75d9a42b81c192ce8410252d3d44d517a399cc0b3fe743a595
5c94ba511f6b306aa3344e3d3b23e1f503692936a03484ed445c5d5336fe7aa0
5fa11640bb7b7ce79b842d06d5a3f9cce18b8cf71f23ba10136540d3cd6596fd
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
6133e6f60808d1466808c3ffb09a3da8ac0b28bfd1a197051cfa888c8d818b94
67f49113cbb3b5d54f496fcc944cafb7e7b450a618579b2831d7d7c61c5188dc
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7cceeca5a894739c2150225b4e3bf4d9ba29d7205fc5be178908fb8ea5d6d20c
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
8000bee486673d5b27920804d3cb0554897a7c6b585b054c1ab2f62327ed63c1
8576d905876b01f12d1dfee3edc169e764bbde61f2bdc3735b83d5a19624a8ee
8b69aea291dd2a65d232c655eaaaca9b23f2940c9ffda7c47b32e5ec4d9fbf9a
9075742637276c1c0bd67b8a88968863053139625c41bd5a76b53d7c58a0e7c8
92a512fa3dbc38f0e517f072d780e4355e4a04ef5e6c71cf1ad5c087bb209d65
98bd98d9d7fd30fef6849b2920a91a4bfbba26d1616ae615290fb0d6b4f4080c
a9013a737d5a92af5fa83b598cbd897ca98275812fea86e8434bd96daa2c0eb3
a9863b56525aed7ef38b7c251681997fbc68b521a58f94a25cc714b0440e52a1
ba220fd6b7c31872638140561ab66fffcb7ac750088e8cb7045c9dd476be3e25
bcc45187d685a10e23ed531c79dbe6849811dc21e184ab414fbdcb90083e056e
c56baf2f6c5f32136f0c7e84822305de387243c2b3637f3e85d58e4f4d3816ad
c87fcac153783ea615f856ad1c0e12791952c39b8ddde7f11fa3d47c0a3b3998
cf4f2d8fec5c2ed13499777f8872e99332101c73322024ac3b6dccbfebb58148
d3d1612d0388302643b44894ace4103b6a787b353167eec42440cf2b854e15f8
d70ecff186a8dff915a4933631a94fe6b3cc68f6874d49e43ab91bc87e2c21e7
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
e0455d96e662fe2b75e56a0f2f2e663db19afea49ae9d933c454ede3814f0a88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dbc6da95b47d932014e5a93f35b13a341a37ea6fe7559dca041dc77271cd6
e4e1a29f24ac319560c7886b95205918cc148b182fc6e35b1a7e7fad59d631e5
e7daa18bda933cbffb7ec87361a15779378bd1152e1fd01b56fbf6827b465f91
ea66632826a434319dd8083b6dabaff9b2c74c67ff85e3ebcb95fd47ed2b9a13
ec130b86ee1b4b2203db61fbfcc79ee45d51d58821cdc8ec3cc72251dda41889
eee78f5075f8f090a6355c3b33268274bb9f722b724f6b6a7702876fa66328df
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
ef4caccd5b34cbb90b85f9a5f8faca4efc63fdc161a56b40dd78ea0839e70e8c
f2d9ac45bdd7eee9874ee4fe8e7d8e7c65448d75e75e0cd52e76d3af956a66a0
fa706282dff86b2373e845058203f70f766a064240aa1e9cd82a2866a8236eed