www.coronaparadise.com.br Open in urlscan Pro
45.60.34.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coronacerveja.com.br/
Effective URL:
https://www.coronaparadise.com.br/
Submission: On July 06 via api (July 6th 2022, 12:33:21 am UTC) from NL — Scanned from NL

Summary HTTP 69 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 19 domains to perform 69 HTTP transactions. The main IP is 45.60.34.211, located in United States and belongs to INCAPSULA, US. The main domain is www.coronaparadise.com.br.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 10th 2022. Valid for: a year.

This is the only time www.coronaparadise.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	192.16.48.52 192.16.48.52	15133 (EDGECAST) (EDGECAST)
1 1	68.232.34.35 68.232.34.35	15133 (EDGECAST) (EDGECAST)
20	45.60.34.211 45.60.34.211	19551 (INCAPSULA) (INCAPSULA)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	18.66.2.17 18.66.2.17	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
14	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
69	21

2 192.16.48.52 (United States) 2 redirects

ASN15133 (EDGECAST, US)

coronacerveja.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thisisliving.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.34.35 (United States) 1 redirects

ASN15133 (EDGECAST, US)

www.coronacerveja.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 45.60.34.211 (United States)

ASN19551 (INCAPSULA, US)

www.coronaparadise.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-17.txl50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10943-6.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	coronaparadise.com.br www.coronaparadise.com.br	1 MB
14	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	1 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 43633 d.tailtarget.com — Cisco Umbrella Rank: 51484 tt-10943-6.seg.t.tailtarget.com b.t.tailtarget.com — Cisco Umbrella Rank: 43726 cm.t.tailtarget.com — Cisco Umbrella Rank: 6576 t.tailtarget.com — Cisco Umbrella Rank: 6221	27 KB
8	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 450	129 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	130 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917	67 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	2 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	coronacerveja.com.br 2 redirects coronacerveja.com.br www.coronacerveja.com.br	278 B
1	google.nl www.google.nl — Cisco Umbrella Rank: 8162	548 B
1	google.com www.google.com — Cisco Umbrella Rank: 8	548 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 766	467 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 516	355 B
1	t.co t.co — Cisco Umbrella Rank: 455	337 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 632	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	98 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	6 KB
1	thisisliving.com.br 1 redirects thisisliving.com.br	103 B
69	19

	Domain	Requested by
20	www.coronaparadise.com.br	www.coronaparadise.com.br
14	www.facebook.com	www.coronaparadise.com.br
8	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org www.coronaparadise.com.br
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-10943-6.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.coronaparadise.com.br d.tailtarget.com
2	fonts.gstatic.com	www.coronaparadise.com.br
1	t.tailtarget.com
1	cm.t.tailtarget.com
1	cm.g.doubleclick.net	1 redirects
1	www.google.nl	www.coronaparadise.com.br
1	www.google.com	www.coronaparadise.com.br
1	vars.hotjar.com	static.hotjar.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	www.coronaparadise.com.br
1	t.co	www.coronaparadise.com.br
1	googleads.g.doubleclick.net	www.googleadservices.com
1	tags.t.tailtarget.com	www.coronaparadise.com.br
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googletagmanager.com	www.coronaparadise.com.br
1	cdnjs.cloudflare.com	www.coronaparadise.com.br
1	thisisliving.com.br	1 redirects
1	www.coronacerveja.com.br	1 redirects
1	coronacerveja.com.br	1 redirects
69	28

This site contains links to these domains. Also see Links.

Domain
www.ambev.com.br
www.onetrust.com

Subject Issuer	Validity	Valid
coronaparadise.com.br Sectigo RSA Organization Validation Secure Server CA	`2022-04-10` - `2023-04-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-10` - `2023-07-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-12`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.coronaparadise.com.br/
Frame ID: 9FB2A5B62FC77B25506C2AE04A072DBA
Requests: 69 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 280D932E41BB04749AF694F24B511BF2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Back ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://coronacerveja.com.br/ HTTP 301
https://www.coronacerveja.com.br/ HTTP 301
https://thisisliving.com.br/ HTTP 301
https://www.coronaparadise.com.br/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

69
Requests

99 %
HTTPS

43 %
IPv6

19
Domains

28
Subdomains

21
IPs

2
Countries

2001 kB
Transfer

3921 kB
Size

30
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ambev.com.br/politica-de-privacidade
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coronacerveja.com.br/ HTTP 301
https://www.coronacerveja.com.br/ HTTP 301
https://thisisliving.com.br/ HTTP 301
https://www.coronaparadise.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=7225398379&google_ula=7264504147&google_ula=7174926753 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEGHzi1QYAHZq76WrgxFm4ZI&google_cver=1&google_ula=7225398379,0&google_ula=7264504147,0&google_ula=7174926753,0

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.coronaparadise.com.br/
Redirect Chain

http://coronacerveja.com.br/
https://www.coronacerveja.com.br/
https://thisisliving.com.br/
https://www.coronaparadise.com.br/

12 KB
3 KB

1613ms
1300ms

Document
text/html

45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fd39dd1bb8751a4cb079d4e35ea2a5a89f5c1b1c51d0cce6ab16aee0a8ec077a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public, must-revalidate, max-age=30
content-encoding: br
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
content-type: text/html
date: Wed, 06 Jul 2022 00:33:13 GMT
etag: "75501429"
last-modified: Fri, 20 May 2022 17:07:57 GMT
referrer-policy: same-origin
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-frame-options: SameOrigin
x-iinfo: 10-50071918-50071921 NNNN CT(190 386 0) RT(1657067591483 34) q(0 0 5 0) r(12 12) U5
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Wed, 06 Jul 2022 00:33:12 GMT
location: https://www.coronaparadise.com.br/
server: ECAcc (mib/5BC4)
x-policy: 220325-01

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 85ms
31ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1654587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyYF8D%2FdRcGNfNsSaj0s9HTQgJyoFUyoAsoaCrC1ntn6yLFPjhpxMRDEiqEsmjM6lTtcOWjM8adgFVbmLdhPivaDSbzqfvElH1Xh%2BD55LusEFRaPjK6hF%2F%2BoXMnzqsnxVzEzZZ8HlamWHoKqiKZPljRA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72643f6cf8b1b788-AMS
expires: Mon, 26 Jun 2023 00:33:13 GMT

GET
H2 200 015bc1268cb8af1f.css
www.coronaparadise.com.br/_next/static/css/ 462 B
374 B 344ms
344ms Stylesheet
text/css 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/css/015bc1268cb8af1f.css

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a6a6fbe98c0b96362b5da53e555151f38af65adb748f87b677d4dcb78e772e56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50071921 PNNN RT(1657067591483 1338) q(0 0 0 -1) r(3 3) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 349b8f6fbf6f9a3a.css
www.coronaparadise.com.br/_next/static/css/ 2 KB
1 KB 922ms
922ms Stylesheet
text/css 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/css/349b8f6fbf6f9a3a.css

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fc5d5c96e58d8e381f72e3d9831b0a7f383c64ea232c2a5f19ea236cf653294b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072011 NNNN CT(190 382 0) RT(1657067591483 1341) q(0 0 5 -1) r(9 9) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 webpack-df4cf1c8d23aa877.js Show response
www.coronaparadise.com.br/_next/static/chunks/ 2 KB
1 KB 1294ms
1291ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/webpack-df4cf1c8d23aa877.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0f6438a218efdf31490216989c7ac3fec3319ddb50785c6d42474ffa4db21458

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072013 NNNN CT(190 381 0) RT(1657067591483 1358) q(0 0 6 -1) r(13 13) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 framework-5f4595e5518b5600.js Show response
www.coronaparadise.com.br/_next/static/chunks/ 127 KB
42 KB 1607ms
1604ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072015 NNNN CT(190 383 0) RT(1657067591483 1361) q(0 0 6 -1) r(14 16) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 main-ee60f566826858c4.js Show response
www.coronaparadise.com.br/_next/static/chunks/ 102 KB
28 KB 1568ms
1565ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/main-ee60f566826858c4.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

188a96e2195f7203173d57de362b9cd2d950ac0a5373de713f260d8f266c23c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072017 NNNN CT(189 383 0) RT(1657067591483 1363) q(0 0 6 -1) r(13 15) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 _app-ce410205321d9167.js Show response
www.coronaparadise.com.br/_next/static/chunks/pages/ 40 KB
15 KB 1455ms
1452ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/pages/_app-ce410205321d9167.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

acdbf65d651ae39cebd81d7725f8b2217f72a8020b74f51e3e6e51860ec6fb4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072020 NNNN CT(189 383 0) RT(1657067591483 1364) q(0 0 6 -1) r(12 14) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 926-8ebf1107af23f367.js Show response
www.coronaparadise.com.br/_next/static/chunks/ 355 KB
104 KB 833ms
831ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/926-8ebf1107af23f367.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef08ab21c5e4336e0db6219dfc6526dc07b0f2e9c69afe08482353f31c2a15e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50071921 PNNN RT(1657067591483 1365) q(0 3 3 -1) r(6 8) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 606-875ac0ebf7c6b07d.js Show response
www.coronaparadise.com.br/_next/static/chunks/ 54 KB
14 KB 1403ms
1401ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/606-875ac0ebf7c6b07d.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

57e35549872e8e435cc5aedb8264fd490ade40591d42302e95eedd5943d8382f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072011 PNNN RT(1657067591483 1366) q(0 9 9 -1) r(12 14) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 751-636781b4adda087d.js Show response
www.coronaparadise.com.br/_next/static/chunks/ 33 KB
9 KB 1601ms
1599ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/751-636781b4adda087d.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3056ec90ce77d72dd57e3d4ed653e0a729a64ba7f096fd407af5bdf48f711f46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072013 PNNN RT(1657067591483 1367) q(0 13 13 -1) r(16 16) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 401-229100163fad7912.js Show response
www.coronaparadise.com.br/_next/static/chunks/ 10 KB
2 KB 1720ms
1718ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/401-229100163fad7912.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

eb6b88ce0bfd26523cfeda88e0b1d2438efc9b88d22bbe1b58215a5606f130a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072011 PNNN RT(1657067591483 1368) q(0 14 14 -1) r(17 17) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 index-0f5da8d932ab98fe.js Show response
www.coronaparadise.com.br/_next/static/chunks/pages/ 51 KB
11 KB 1770ms
1768ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/chunks/pages/index-0f5da8d932ab98fe.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

006abae75f7e41378fbebbd88affb47633674e258fb993dc4fd5e72e821be577

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072020 PNNN RT(1657067591483 1368) q(0 14 14 -1) r(17 17) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 _buildManifest.js Show response
www.coronaparadise.com.br/_next/static/m2xLJC0qwcBmfq7HGXF_J/ 1 KB
642 B 1842ms
1840ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/m2xLJC0qwcBmfq7HGXF_J/_buildManifest.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6e2c485acfcb7d1f7272373433ec36a4e8e4db26670c81e32cfd91b3c5a5352c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50071921 PNNN RT(1657067591483 1369) q(0 15 15 -1) r(18 18) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 _ssgManifest.js Show response
www.coronaparadise.com.br/_next/static/m2xLJC0qwcBmfq7HGXF_J/ 164 B
208 B 1879ms
1878ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/m2xLJC0qwcBmfq7HGXF_J/_ssgManifest.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1901d1d03feb33b5a69f032eff9ba4fa150a94cf2c1fc7226f4b73c764c6d11e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072017 PNNN RT(1657067591483 1370) q(0 15 15 -1) r(18 18) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 _middlewareManifest.js Show response
www.coronaparadise.com.br/_next/static/m2xLJC0qwcBmfq7HGXF_J/ 92 B
156 B 1912ms
1910ms Script
text/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/m2xLJC0qwcBmfq7HGXF_J/_middlewareManifest.js

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
x-cdn: Imperva
x-dns-prefetch-control: off
x-iinfo: 10-50071918-50072013 PNNN RT(1657067591483 1370) q(0 16 16 -1) r(19 19) U5
strict-transport-security: max-age=31536000 ; includeSubDomains
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-frame-options: SameOrigin
etag: "75501429"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'

GET
H2 200 _Incapsula_Resource Show response
www.coronaparadise.com.br/ 143 KB
20 KB 51ms
49ms Script
application/javascript 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1874961271

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9095190c6ca878a2bdf97c49f93e34efdb211f5ecf489c1faed63e33c1594611

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SameOrigin
content-type: application/javascript
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex
content-length: 20580

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 _Incapsula_Resource
www.coronaparadise.com.br/ 1 B
39 B 31ms
30ms Image
text/plain 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.coronaparadise.com.br/_Incapsula_Resource?SWKMTFSR=1&e=0.7756541687303453

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
x-content-type-options: nosniff
x-frame-options: SameOrigin
content-type: text/plain
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000 ; includeSubDomains
x-robots-tag: noindex
content-length: 1

GET
H2 200 age_back_wide.png
www.coronaparadise.com.br/images/ 1 MB
1 MB 1026ms
1025ms Image
image/png 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.coronaparadise.com.br/images/age_back_wide.png

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cf902ac59c80c72cc989ab70ebeef66aba3db6c94bec0d4382c8c4bd79e56993

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-cdn: Imperva
etag: "75501429"
x-frame-options: SameOrigin
content-type: image/png
x-iinfo: 10-50071918-50072015 PNNN RT(1657067591483 2264) q(0 7 7 -1) r(10 10) U5
x-xss-protection: 1; mode=block
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
strict-transport-security: max-age=31536000 ; includeSubDomains
x-dns-prefetch-control: off
x-content-type-options: nosniff

GET
H2 200 CoronaHeadline-SemiBold-Web.3ee2aa6d.ttf
www.coronaparadise.com.br/_next/static/media/ 62 KB
63 KB 619ms
619ms Font
font/ttf 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.coronaparadise.com.br/_next/static/media/CoronaHeadline-SemiBold-Web.3ee2aa6d.ttf

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/_next/static/css/015bc1268cb8af1f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a2e1ed4ec850ad8191335238dd7cc70c45271c0d6d4035cfb5d79ba1fb6730fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coronaparadise.com.br/_next/static/css/015bc1268cb8af1f.css
Origin: https://www.coronaparadise.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-cdn: Imperva
etag: "75501429"
x-frame-options: SameOrigin
content-type: font/ttf
x-iinfo: 10-50071918-50071921 PNNN RT(1657067591483 2267) q(0 3 3 -1) r(6 6) U5
x-xss-protection: 1; mode=block
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
strict-transport-security: max-age=31536000 ; includeSubDomains
x-dns-prefetch-control: off
x-content-type-options: nosniff

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 293 KB
98 KB 129ms
57ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-596BCRQ

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

be98d473ba716134a65ad8730e4bebe4ba9953fa0ea851170c7f062a0dd8f412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100271
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Jul 2022 00:33:15 GMT

GET
H2 200 white_logo.c8e44080.png
www.coronaparadise.com.br/_next/static/media/ 12 KB
12 KB 367ms
366ms Image
image/png 45.60.34.211
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.coronaparadise.com.br/_next/static/media/white_logo.c8e44080.png?w=1920

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.34.211 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

af5bad0e0377b7741008b693274f86793272c7ed24cacf53648102c4e7ea61b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.coronaparadise.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
referrer-policy: same-origin
last-modified: Fri, 20 May 2022 17:07:57 GMT
x-cdn: Imperva
etag: "75501429"
x-frame-options: SameOrigin
content-type: image/png
x-iinfo: 10-50071918-50071921 PNNN RT(1657067591483 3178) q(0 0 0 -1) r(3 3) U5
x-xss-protection: 1; mode=block
cache-control: public, must-revalidate, max-age=30
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self'
strict-transport-security: max-age=31536000 ; includeSubDomains
x-dns-prefetch-control: off
x-content-type-options: nosniff

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 102ms
32ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coronaparadise.com.br/
Origin: https://www.coronaparadise.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:24:58 GMT
x-content-type-options: nosniff
age: 536897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:24:58 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 55 KB
15 KB 119ms
36ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-596BCRQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 16:20:35 GMT
etag: "f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 15166
x-served-by: cache-iad-kcgs7200096-IAD, cache-muc13948-MUC

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 113ms
42ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-596BCRQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:33:15 GMT

GET
H2 200 hotjar-2601837.js Show response
static.hotjar.com/c/ 4 KB
2 KB 187ms
83ms Script
application/javascript 18.66.2.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2601837.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-596BCRQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-2-17.txl50.r.cloudfront.net

Software

Resource Hash

cd9a16489db2341153b331ba9a117430d2273b18b39540eae36cf66a51daa161

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: TXL50-P1
etag: W/34f70e6390d7177ba1b8b2943fae49ea
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: lIoY0ImZMXUZgQuJdMlfvncLai-ePPH2KIJmZR8A6SthH1ldbU3z8A==
via: 1.1 b4da6d96c003c62f2930bf5be4b14730.cloudfront.net (CloudFront)

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 98ms
33ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-596BCRQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: KclUj4sk31KPm8T33k28coYujKKUaaX15ec6jWIALtQxRFeMBiSDCG+6hjlXhtswvKm/oLuiKM//cBMFxhZBVg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 06 Jul 2022 00:33:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 53 KB
11 KB 168ms
110ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-10943-6/CT-395
Requested by: Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 77989276b59319c57b904fcbcf76b896738143c13929546dff7bd18d478520a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvLejCGqDxBzUMl-gXUBYjGptkQiEH5wtoeHPa9v4hrsL1UTupnSbGmK6hzaB7ooxpgqUZD1H_684sgP_gqL1WsyrOvIfZY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10662
last-modified: Fri, 01 Jul 2022 13:50:34 GMT
server: nginx/1.8.1
etag: "7d14149a535f64c7f756e9a6c9229fc7"
vary: Accept-Encoding
x-goog-hash: md5=fRQUmlNfZMf3VummySKfxw==
x-goog-generation: 1656683434761011
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 10662
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 06 Jul 2022 02:33:15 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 89ms
35ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-596BCRQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4m3LBpuQ5au3un+sbdTm6g==
age: 4972
vary: Accept-Encoding
content-length: 6922
x-ms-lease-status: unlocked
last-modified: Mon, 04 Jul 2022 02:38:02 GMT
server: cloudflare
etag: 0x8DA5D66372E5D82
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75a9b1d0-a01e-0097-1652-8fbb2f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72643f79dbc9b8ee-AMS

GET
H2 200 fd1d7b60-2d5d-46ec-8b49-d66476ddbc8e.json Show response
cdn.cookielaw.org/consent/fd1d7b60-2d5d-46ec-8b49-d66476ddbc8e/ 3 KB
2 KB 99ms
47ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fd1d7b60-2d5d-46ec-8b49-d66476ddbc8e/fd1d7b60-2d5d-46ec-8b49-d66476ddbc8e.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

476f4fcda7a37930b0b98b8f2113cdb842e0584819da303fc0ae09f93b131cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +2OuQxJAgA3EABlQGo/NjA==
vary: Accept-Encoding
content-length: 1364
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 13:33:49 GMT
server: cloudflare
etag: 0x8DA3809E05C978C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4d52a3de-901e-0118-43f2-69b326000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72643f7a6ad6b7ae-AMS
expires: Wed, 06 Jul 2022 04:33:15 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 32ms
31ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.64

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

53564b513bb9ea2e70b6218aaff24c15852c942d10fa698c983e4be59dce27ac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20716
x-xss-protection: 0
pragma: public
x-fb-debug: g7d+3Nv+TDaITYK+cCeXJwF+qJIFiFwD3PF3g0RiFOM5F5JqYB1VE3brkQ427fGSsXNgipdvPE5R+syQ06sGBw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 06 Jul 2022 00:33:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 656321792368704 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 112ms
111ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/656321792368704?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e320e90ea495862cce07e979d182330cc9156942d8046bc9efc174e0a99df258

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: qIWzmi74Oa5rPktfuVTXrxIOR8ZpWCsnYPRSqkYwQcDTOEPPxHl+RHfxM0nqg8J4h3/dhAROmNIlchJaeK4TJg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 06 Jul 2022 00:33:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657067595967
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668857562/ 2 KB
2 KB 115ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668857562/?random=1657067595871&cv=9&fst=1657067595871&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.coronaparadise.com.br%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5fa6b3910a5bdf9762856799eb438b349b0e881e4dcc677f68055b4d40cba6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 00:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 992
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
337 B 200ms
136ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=253ce85b-8c0e-4ec0-b26d-2343eda5c955&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=3e212417-5335-4836-b188-ccd5deaf508b&tw_document_href=https%3A%2F%2Fwww.coronaparadise.com.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3b9s&type=javascript&version=2.4.12

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 06 Jul 2022 00:33:15 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 36f444fa6179c37a0f7a987b53bbcfd5e591d3ae0e2ffcacbfdc1161f795080e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 269ms
135ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=253ce85b-8c0e-4ec0-b26d-2343eda5c955&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=3e212417-5335-4836-b188-ccd5deaf508b&tw_document_href=https%3A%2F%2Fwww.coronaparadise.com.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3b9s&type=javascript&version=2.4.12

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 06 Jul 2022 00:33:16 GMT
server: tsa_f
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e4bdebbd49a27878641a124dcaf05925e19bbc43ad1cea8c797066c726ec01c2
content-length: 43

GET
H2 200 modules.eaa59710f7e60ac1d235.js Show response
script.hotjar.com/ 243 KB
63 KB 117ms
36ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.eaa59710f7e60ac1d235.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2601837.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 08:42:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143470
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64077
access-control-allow-origin: *
last-modified: Mon, 04 Jul 2022 08:41:34 GMT
etag: "db52ab3b370d0f21f8ed961bf7934556"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MEiBjCEL-GMHT2x0CxeHXL0bH_ZhbP8NHBBw-ssJE1KzBc5-YAtQWg==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 184 B
467 B 115ms
48ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffe46125c2a270822a1c04a7f3d80cfff046267e4a42ed1f4cd25383429d483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:16 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 72643f7b2846bb83-FRA
access-control-allow-headers: Content-Type

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 280D 2 KB
1 KB 106ms
32ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2601837.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-117.fra60.r.cloudfront.net

Software

Resource Hash

f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 406397
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Jul 2022 07:39:59 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Thu, 30 Jun 2022 14:48:22 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-id: ogeInD1Lpmxqb2-LO2zyHdAB5NKnD4hFhkIJ59Hs8BkU3dw6t5QAGg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
www.google.com/pagead/1p-user-list/668857562/ 42 B
548 B 117ms
45ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668857562/?random=1657067595871&cv=9&fst=1657065600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.coronaparadise.com.br%2F&async=1&fmt=3&is_vtc=1&random=2663764401&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 00:33:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/668857562/ 42 B
548 B 114ms
41ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/668857562/?random=1657067595871&cv=9&fst=1657065600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.coronaparadise.com.br%2F&async=1&fmt=3&is_vtc=1&random=2663764401&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Jul 2022 00:33:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 101ms
34ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=656321792368704&ev=PageView&dl=https%3A%2F%2Fwww.coronaparadise.com.br%2F&rl=&if=false&ts=1657067596035&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.2.1657067596034.2040163206&it=1657067595866&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 06 Jul 2022 00:33:16 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.35.0/ 360 KB
85 KB 32ms
31ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bDp57sS049dDkRqCL4m53Q==
age: 4966
vary: Accept-Encoding
content-length: 87115
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:06 GMT
server: cloudflare
etag: 0x8DA4784BD4AE529
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72643f7b7dccb8ee-AMS

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/fd1d7b60-2d5d-46ec-8b49-d66476ddbc8e/b10b6291-6fa5-463a-bf67-560257f7526d/ 47 KB
13 KB 47ms
47ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/fd1d7b60-2d5d-46ec-8b49-d66476ddbc8e/b10b6291-6fa5-463a-bf67-560257f7526d/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f6046797ffcbbb4225e3be6300877b0df3c30facd18418a6414d9a89caf0a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3M1Q0GfDaZBwUvX/EFsZRg==
vary: Accept-Encoding
content-length: 12612
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 13:33:52 GMT
server: cloudflare
etag: 0x8DA3809E1E34E64
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2008ac56-401e-00d9-35f4-697eca000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72643f7c3c6db7ae-AMS
expires: Wed, 06 Jul 2022 04:33:16 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 10 KB
3 KB 44ms
44ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fad8eccf058216f2489b00b6317daded6946aaed503d2795e65a7a2768e696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: c6ksyO17/HquXDlCF+2Lnw==
vary: Accept-Encoding
content-length: 2565
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:20:58 GMT
server: cloudflare
etag: 0x8DA4784B896182A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b778fca2-e01e-0018-338a-79f573000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72643f7c8cc0b7ae-AMS

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/ 59 KB
13 KB 41ms
41ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LrLVzrJD9h3ON5w7RMLtUg==
vary: Accept-Encoding
content-length: 12974
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:20:59 GMT
server: cloudflare
etag: 0x8DA4784B8F89D0B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 64b4f2b1-e01e-0158-678a-799ac8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 72643f7c8cc2b7ae-AMS

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 21 KB
4 KB 42ms
42ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3b07312b-b01e-00ee-3b8a-79d265000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 72643f7c8cc5b7ae-AMS

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 100ms
33ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coronaparadise.com.br/
Origin: https://www.coronaparadise.com.br
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:25:00 GMT
x-content-type-options: nosniff
age: 536896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:25:00 GMT

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 33ms
33ms Image
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 06 Jul 2022 00:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LpuayL42jB78xRllx0vkOw==
age: 4975
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 04 Jul 2022 02:38:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1e0209f9-801e-0065-4253-8f69bb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 72643f7d1f98b8ee-AMS

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 48ms
26ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.coronaparadise.com.br
URL: https://www.coronaparadise.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 06:27:05 GMT
content-encoding: gzip
age: 65171
x-guploader-uploadid: ADPycdv7HvrZrW3D6R203twQkSCLhMQYvH4hoHysHNsIfUBT6_W1-p7FCU56wOi9a5sbWFo0mT5sgaCS0PeKGVNcVL2ZmA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Tue, 26 Apr 2022 18:06:37 GMT
server: UploadServer
etag: "6401ed812dd323a208e9e4ed7c74bb08"
x-goog-hash: crc32c=dtMtPQ==, md5=ZAHtgS3TI6II6eTtfHS7CA==
content-language: en
x-goog-generation: 1650996397146701
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 06 Jul 2022 06:27:05 GMT

GET
H3 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 79ms
25ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 09:06:35 GMT
content-encoding: gzip
age: 55601
x-guploader-uploadid: ADPycdu6VfwlyoveS2PzJ5jJO1cTRduO6hNJhbT4V7TuCLr2BdFtmYVOes5X3W3fu51pktVUbIXbhvq4BlAf0XmASslOhkUnpgjF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Tue, 26 Apr 2022 18:06:37 GMT
server: UploadServer
etag: "c39408c14b5169b6ec7d5cc816d58e43"
x-goog-hash: crc32c=+qpsKQ==, md5=w5QIwUtRabbsfVzIFtWOQw==
content-language: en
x-goog-generation: 1650996397055202
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 06 Jul 2022 09:06:35 GMT

GET
H2 200 trk
tt-10943-6.seg.t.tailtarget.com/ 70 B
621 B 186ms
118ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-10943-6.seg.t.tailtarget.com/trk?tA=TT-10943-6&tJ=_channel:corona-paradise:1&tK=1657067597&tM=direct&tL=direct&tN=direct&tY=3&tZ=125407785
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:16 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
339 B 141ms
118ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 5262a6fc20d155072dab4c31a37f8e7a27ae043b6fad1386bca51464c982e2ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:16 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 b Show response
b.t.tailtarget.com/ 113 B
134 B 174ms
120ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-10943-6&tY=1&tS=1&tU=0100007F4CD8C462C606FAB102744703&tX=b.52&tZ=569401890
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 3a0b5dd2bbd8a7a4fcf8ea13f0a519c79dc55c14b60bb40423940e90e8e0774b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ca Show response
tt-10943-6.seg.t.tailtarget.com/ 84 B
120 B 120ms
120ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10943-6.seg.t.tailtarget.com/ca?tZ=941227681
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: bbe2506e42ab43956f42470266e19856943daf25a80360f3aac431fca9ab9e07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 tr
www.facebook.com/ 44 B
91 B 69ms
34ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1525763847634147&ev=Tail&cd[custom_audience]=CA31484

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 70ms
35ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=936512340535254&ev=Tail&cd[custom_audience]=CA31484

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 71ms
36ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=2805243063038314&ev=Tail&cd[custom_audience]=CA31484

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 72ms
37ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=313158046432305&ev=Tail&cd[custom_audience]=CA31484

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 72ms
37ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=318845789447497&ev=Tail&cd[custom_audience]=CA31484

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 73ms
38ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=10152410813104227&ev=Tail&cd[custom_audience]=CA30478

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 73ms
38ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1525763847634147&ev=Tail&cd[custom_audience]=CA30478

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 74ms
39ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=936512340535254&ev=Tail&cd[custom_audience]=CA30478

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 74ms
39ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=2805243063038314&ev=Tail&cd[custom_audience]=CA30478

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 74ms
39ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=313158046432305&ev=Tail&cd[custom_audience]=CA30478

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 74ms
39ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=794462964430599&ev=Tail&cd[custom_audience]=CA30478

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H3 200 tr
www.facebook.com/ 44 B
88 B 75ms
40ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=318845789447497&ev=Tail&cd[custom_audience]=CA30478

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=1
expires: Wed, 06 Jul 2022 00:33:17 GMT

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=7225398379&google_ula=7264504147&google_ula=7174926753
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEGHzi1QYAHZq76WrgxFm4ZI&google_cver=1&google_ula=7225398379,0&google_ula=7264504147,0&google_ula=7174926753,0

70 B
374 B

162ms
119ms

Image
image/png

34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEGHzi1QYAHZq76WrgxFm4ZI&google_cver=1&google_ula=7225398379,0&google_ula=7264504147,0&google_ula=7174926753,0
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Wed, 06 Jul 2022 00:33:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEGHzi1QYAHZq76WrgxFm4ZI&google_cver=1&google_ula=7225398379,0&google_ula=7264504147,0&google_ula=7174926753,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
299 B 158ms
118ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-10943-6&tE=0&tF=&tI=_rotterdam_south%20holland_nl_1657067597054_533501579&tJ=CA31186,CA31484,CA30478&tQ=corona-paradise&tU=0100007F4CD8C462C606FAB102744703&tX=b.52&tY=1&tZ=230296551
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 33ms
32ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=656321792368704&ev=Microdata&dl=https%3A%2F%2Fwww.coronaparadise.com.br%2F&rl=&if=false&ts=1657067597540&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Conhe%C3%A7a%20nossa%20curadoria%20exclusiva%20de%20destinos%2C%20hospedagens%20e%20experi%C3%AAncias%2C%20inspirada%20no%20seu%20lifestyle.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.2.1657067596034.2040163206&it=1657067595866&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 00:33:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 06 Jul 2022 00:33:17 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coronaparadise.com.br/	1970-01-20 13:03:16	Name: visid_incap_2611231 Value: 3e8MUX/CTbGAts6HLrWQ+EfYxGIAAAAAQUIPAAAAAAB32XHDv3mslcxUCBoFJI8l
.coronaparadise.com.br/	1969-12-31 23:59:59	Name: incap_ses_273_2611231 Value: zN9sbZGgcUbhQIEPuuTJA0jYxGIAAAAA1TipPiI5frEy38WpZ4sh1Q==
.coronaparadise.com.br/	1970-01-20 06:27:23	Name: _gcl_au Value: 1.1.474526462.1657067596
.coronaparadise.com.br/	1970-01-20 06:27:23	Name: _fbp Value: fb.2.1657067596034.2040163206
.t.co/	1970-01-20 21:48:59	Name: muc_ads Value: 91d95e15-04e8-4f8c-859a-ce86fd93a0be
.twitter.com/	1970-01-20 21:48:59	Name: personalization_id Value: "v1_swRzzcu1wxOZWfBuSMhOnQ=="
.coronaparadise.com.br/	1970-01-20 13:03:23	Name: _hjSessionUser_2601837 Value: eyJpZCI6ImNkYjQ4YzcyLTRjM2MtNTk0ZC1iYjAxLTkwOGU0ZTkyYWZmNyIsImNyZWF0ZWQiOjE2NTcwNjc1OTYxNDAsImV4aXN0aW5nIjpmYWxzZX0=
.coronaparadise.com.br/	1970-01-20 04:17:49	Name: _hjFirstSeen Value: 1
www.coronaparadise.com.br/	1970-01-20 04:17:47	Name: _hjIncludedInSessionSample Value: 0
.coronaparadise.com.br/	1970-01-20 04:17:49	Name: _hjSession_2601837 Value: eyJpZCI6IjNhNjY2ODYxLTU5ZjgtNDYxNC04NTczLTIxZWQxODNjZWIyNyIsImNyZWF0ZWQiOjE2NTcwNjc1OTYxNjUsImluU2FtcGxlIjpmYWxzZX0=
.coronaparadise.com.br/	1970-01-20 04:17:49	Name: _hjAbsoluteSessionInProgress Value: 0
.coronaparadise.com.br/	1970-01-20 13:03:23	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jul+06+2022+00%3A33%3A16+GMT%2B0000+(GMT)&version=6.35.0&isIABGlobal=false&hosts=&consentId=168d6f3d-97e9-4e25-b5ab-f319c81ccab4&interactionCount=0&landingPath=https%3A%2F%2Fwww.coronaparadise.com.br%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
www.coronaparadise.com.br/	1970-01-20 04:17:49	Name: tt_c_vmt Value: 1657067597
www.coronaparadise.com.br/	1970-01-20 04:17:49	Name: tt_c_c Value: direct
www.coronaparadise.com.br/	1970-01-20 04:17:49	Name: tt_c_s Value: direct
www.coronaparadise.com.br/	1970-01-20 04:17:49	Name: tt_c_m Value: direct
www.coronaparadise.com.br/	1970-01-20 21:34:35	Name: _ttuu.s Value: 1657067596691
.tt-10943-6.seg.t.tailtarget.com/	1970-01-20 05:00:59	Name: trk Value: 9xWF5TeYxYZeMgKZWK3VML7J9/NIrt3xnhAmWKXOz5E=
.t.tailtarget.com/	1970-01-20 04:20:40	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-20 13:03:23	Name: u Value: fwAAAWLE2Eyx+gbGA0d0AgB=
www.coronaparadise.com.br/	1970-01-20 13:03:23	Name: tt.u Value: 0100007F4CD8C462C606FAB102744703
.t.tailtarget.com/	1970-01-20 05:00:59	Name: ttbprf Value: _rotterdam_south holland_nl_1657067597054_533501579
.t.tailtarget.com/	1970-01-20 04:17:49	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 05:00:59	Name: ttnprf Value:
www.coronaparadise.com.br/	1970-01-20 04:19:13	Name: tt.nprf Value:
.tt-10943-6.seg.t.tailtarget.com/	1970-01-20 04:17:51	Name: ttca Value: CA31186,CA31484,CA30478_1657067597
.doubleclick.net/	1970-01-20 13:39:23	Name: IDE Value: AHWqTUljM3lvxLSbEB13mzQWfBoLTa79xYq4pwjVUwl19etdH6smvQfBWkK0n5z1xGo
.t.tailtarget.com/	1970-01-20 05:00:59	Name: n Value: 1657067597
.t.tailtarget.com/	1970-01-20 05:00:59	Name: tp1 Value: CAESEGHzi1QYAHZq76WrgxFm4ZI
.t.tailtarget.com/	1970-01-20 05:00:59	Name: dc Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SameOrigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
b.t.tailtarget.com
cdn.cookielaw.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.t.tailtarget.com
connect.facebook.net
coronacerveja.com.br
d.tailtarget.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
t.co
t.tailtarget.com
tags.t.tailtarget.com
thisisliving.com.br
tt-10943-6.seg.t.tailtarget.com
vars.hotjar.com
www.coronacerveja.com.br
www.coronaparadise.com.br
www.facebook.com
www.google.com
www.google.nl
www.googleadservices.com
www.googletagmanager.com
104.244.42.195
104.244.42.69
142.250.185.98
172.217.16.130
18.66.139.117
18.66.2.17
192.16.48.52
199.232.188.157
2606:4700:10::6814:b844
2606:4700::6810:9540
2606:4700::6811:190e
2a00:1450:4001:802::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:830::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.102.185.99
35.201.123.184
45.60.34.211
52.222.236.122
68.232.34.35
006abae75f7e41378fbebbd88affb47633674e258fb993dc4fd5e72e821be577
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
0f6438a218efdf31490216989c7ac3fec3319ddb50785c6d42474ffa4db21458
0ffe46125c2a270822a1c04a7f3d80cfff046267e4a42ed1f4cd25383429d483
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
188a96e2195f7203173d57de362b9cd2d950ac0a5373de713f260d8f266c23c0
1901d1d03feb33b5a69f032eff9ba4fa150a94cf2c1fc7226f4b73c764c6d11e
2f6046797ffcbbb4225e3be6300877b0df3c30facd18418a6414d9a89caf0a62
3056ec90ce77d72dd57e3d4ed653e0a729a64ba7f096fd407af5bdf48f711f46
3a0b5dd2bbd8a7a4fcf8ea13f0a519c79dc55c14b60bb40423940e90e8e0774b
476f4fcda7a37930b0b98b8f2113cdb842e0584819da303fc0ae09f93b131cf9
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
5262a6fc20d155072dab4c31a37f8e7a27ae043b6fad1386bca51464c982e2ab
53564b513bb9ea2e70b6218aaff24c15852c942d10fa698c983e4be59dce27ac
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
57e35549872e8e435cc5aedb8264fd490ade40591d42302e95eedd5943d8382f
6e2c485acfcb7d1f7272373433ec36a4e8e4db26670c81e32cfd91b3c5a5352c
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
77989276b59319c57b904fcbcf76b896738143c13929546dff7bd18d478520a5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
89fad8eccf058216f2489b00b6317daded6946aaed503d2795e65a7a2768e696
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
9095190c6ca878a2bdf97c49f93e34efdb211f5ecf489c1faed63e33c1594611
a2e1ed4ec850ad8191335238dd7cc70c45271c0d6d4035cfb5d79ba1fb6730fd
a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032
a6a6fbe98c0b96362b5da53e555151f38af65adb748f87b677d4dcb78e772e56
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acdbf65d651ae39cebd81d7725f8b2217f72a8020b74f51e3e6e51860ec6fb4e
af5bad0e0377b7741008b693274f86793272c7ed24cacf53648102c4e7ea61b7
b5fa6b3910a5bdf9762856799eb438b349b0e881e4dcc677f68055b4d40cba6c
b74420758de35d9e305c4be91525ace39bc3961b99841ab0624834b863b7cd01
bbe2506e42ab43956f42470266e19856943daf25a80360f3aac431fca9ab9e07
be98d473ba716134a65ad8730e4bebe4ba9953fa0ea851170c7f062a0dd8f412
cd9a16489db2341153b331ba9a117430d2273b18b39540eae36cf66a51daa161
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf902ac59c80c72cc989ab70ebeef66aba3db6c94bec0d4382c8c4bd79e56993
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e320e90ea495862cce07e979d182330cc9156942d8046bc9efc174e0a99df258
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6b88ce0bfd26523cfeda88e0b1d2438efc9b88d22bbe1b58215a5606f130a0
ef08ab21c5e4336e0db6219dfc6526dc07b0f2e9c69afe08482353f31c2a15e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
fc5d5c96e58d8e381f72e3d9831b0a7f383c64ea232c2a5f19ea236cf653294b
fd39dd1bb8751a4cb079d4e35ea2a5a89f5c1b1c51d0cce6ab16aee0a8ec077a

www.coronaparadise.com.br Open in urlscan Pro 45.60.34.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

43 %IPv6

19 Domains

28 Subdomains

21 IPs

2 Countries

2001 kBTransfer

3921 kBSize

30 Cookies

2 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.coronaparadise.com.br Open in urlscan Pro
45.60.34.211 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

43 %
IPv6

19
Domains

28
Subdomains

21
IPs

2
Countries

2001 kB
Transfer

3921 kB
Size

30
Cookies

69 HTTP transactions
1 data transactions