promopages-cloudflare.pages.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://promopages-cloudflare.pages.dev/
Submission: On June 12 via automatic, source certstream-suspicious (June 12th 2023, 4:38:43 pm UTC) — Scanned from NL

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is promopages-cloudflare.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on June 12th 2023. Valid for: 3 months.

This is the only time promopages-cloudflare.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	35.173.31.50 35.173.31.50	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	18.213.25.212 18.213.25.212	14618 (AMAZON-AES) (AMAZON-AES)
1	18.235.172.216 18.235.172.216	14618 (AMAZON-AES) (AMAZON-AES)
26	11

10 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

promopages-cloudflare.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.173.31.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-31-50.compute-1.amazonaws.com

launcher.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.25.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-25-212.compute-1.amazonaws.com

identification.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.172.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-172-216.compute-1.amazonaws.com

tracking-api.hotmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	pages.dev promopages-cloudflare.pages.dev	121 KB
5	hotmart.com launcher.hotmart.com — Cisco Umbrella Rank: 196565 identification.hotmart.com — Cisco Umbrella Rank: 208880 tracking-api.hotmart.com — Cisco Umbrella Rank: 87147	9 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	270 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	136 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	132 KB
2	gstatic.com fonts.gstatic.com	29 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1892	265 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1014 B
26	8

	Domain	Requested by
10	promopages-cloudflare.pages.dev	promopages-cloudflare.pages.dev
3	www.facebook.com	promopages-cloudflare.pages.dev
2	identification.hotmart.com	launcher.hotmart.com
2	launcher.hotmart.com	promopages-cloudflare.pages.dev launcher.hotmart.com
2	connect.facebook.net	promopages-cloudflare.pages.dev connect.facebook.net
2	www.googletagmanager.com	promopages-cloudflare.pages.dev www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
1	tracking-api.hotmart.com	launcher.hotmart.com
1	region1.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	promopages-cloudflare.pages.dev
26	10

This site contains links to these domains. Also see Links.

Domain
livrosdeumbanda.com.br

Subject Issuer	Validity	Valid
promopages-cloudflare.pages.dev GTS CA 1P5	`2023-06-12` - `2023-09-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-22` - `2023-06-20`	3 months	crt.sh
data.hotmart.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-02`	10 months	crt.sh

This page contains 1 frames:

Primary Page: https://promopages-cloudflare.pages.dev/
Frame ID: 64EDE6088771AC0526CC85A8E85D5507
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Livros de Umbanda.com.br - Umbanda Eu Curto Promo

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-
vue[.-]([\d.]*\d)[^/]*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

429 kB
Transfer

1110 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://livrosdeumbanda.com.br/
Title: Livros de Umbanda.com.br

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
promopages-cloudflare.pages.dev/ 9 KB
5 KB 138ms
54ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce1485d34dcc7e1ff61fb656b27c1d0edfab48d730a42b8ec49832555a9eeb1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: HIT
cf-ray: 7d6386744a77b936-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Jun 2023 16:38:37 GMT
etag: W/"2b76e3573abb19dc9f8ac4cd5d2da307"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tu1Cbb04joIlRhkbE5ScmzZKMAWVfO9bm9DQq8uJmOVPZdU0fwEfNyGYE6o8T3%2FxBx4TNTEWRlxM%2F5EUTyhiP%2FOPk45U6nG9BTqtkfQG2huk9voOxg8eFSeCoF32jPgAkjDDvG3yXAIlYUgFuuDMnIMiPr3AoMAgI8KR9Kpi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 app.ae9e9ae5.js Show response
promopages-cloudflare.pages.dev/assets/js/ 190 KB
68 KB 652ms
651ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/js/app.ae9e9ae5.js
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afbd7755a93bcf3d7255bd4834f54e11c9441ff9d68f1a1cbedbde285d74fa8f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:38 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1cebc4a1dffaa53af3a4e9c7071369dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXc01IK3xpxibEAGY9EYEDMs9BkN2QanJUIFE79FWZeaLOtrr16MQcIKPreocFsEldWD8%2Fuh6EFsdzxaOl1kn%2FnLnNZ%2F3r9JGsORyBrAGWSeC0ltVYkwCfuN7ISPLljkajUbfL6kOq61GFl9b1FQFjwN8U35u0SlEABBCkx8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674aaf0b936-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 page--src--pages--index-vue.0453d31a.js Show response
promopages-cloudflare.pages.dev/assets/js/ 579 B
742 B 218ms
218ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/js/page--src--pages--index-vue.0453d31a.js
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b2b38ecacd42e00de92dd88274a1ed181781d54662555df9ce32871cddcecf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7a742e0f4db204da5eeb8e8fc26696f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb9ns%2B0t%2B%2FBwEm9IH2zXUthj%2FU10gKB3Nu96KXvTl73Tx82l7YtCm5wgKbs0rMK91HxtclGh%2BiqTDF9Ye15au4vYBqLGhIQDrJ8arL1vRAteYzmjV8ZLZbALc985%2Br6LWsg5WEbDoBttciNEV%2F9cc2U63XYC0B4rrfnHpfyH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674aaf8b936-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 0.styles.aff5aa41.css
promopages-cloudflare.pages.dev/assets/css/ 10 KB
3 KB 262ms
261ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/css/0.styles.aff5aa41.css
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1386e39ae504c6299959bb31e6369a5626aa3cffe6e259d5e8473cf640669c5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a83a7ba57fe8c6dc27e3d36e2d820dfb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfV4W9BVcTFMwzrqPolrigKamAooUnVuekdihs%2FzuS%2BgSjd8b2qQ7u1r6Q8H5LQBnNh%2Ffo2pCHGFeihhuhJUXqj2jnNiqtJLnRkyjAlfNfzD4i01lTj4BuVnwbfi2hgWO31I66NC5k%2FhKjM3Mq9iGPZHTNDyxDG0M0831dIk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674aaf5b936-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 7.69365b8c.js
promopages-cloudflare.pages.dev/assets/js/ 0
6 KB 255ms
254ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/js/7.69365b8c.js
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e197c9549aaacfba6991d3d32732be57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qrin54gJEfKNNqdUtcYazO%2Buq4RI2AMDiBClVn0FaOEakxh7t3Knl38grE8QYmLrLsj7RZAoVTsrjyfnP8S%2FEMlbPMsNkgvNF77063NYpiFmBYigj018fwA9y3B0M2b%2BYrXtwrqH8PBHsAFcxR13xHNWHlxQnZzXxqiQu36N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674aafab936-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 page--node-modules--gridsome--app--pages--404-vue.529984de.js
promopages-cloudflare.pages.dev/assets/js/ 0
544 B 236ms
235ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/js/page--node-modules--gridsome--app--pages--404-vue.529984de.js
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"16a206adedd41450221f0432c945faf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hRJ4O2OntxPpykBSKmaBVSDmVwwShgqupxl5XjPPgsSkgy2RyRP9oWPB0DAFdKdHXqB8ogn1rys8nGkxX2b%2BAzuGOHk%2FGSMZNpFj6UQZZS8ffoQuAqvMk7dvJkaRUF6pzlDF64OZwjQhbU16tscW5co5vSkzgkTzwoepHdi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674bafbb936-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 page--src--templates--autor-vue.2f6dd779.js
promopages-cloudflare.pages.dev/assets/js/ 0
543 B 240ms
238ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/js/page--src--templates--autor-vue.2f6dd779.js
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b474ff70243c663243e763ac3b967669"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBMtfMCy59D8I%2F9BGs87j6vH7YS%2FOr%2Fy307nwRXgrKFuSa%2B2aRDI%2FfDviXzhUL9D3H1JNaTIH%2Fxj%2BdXbtkDvtPdbOk8BCa3I8fabEtceK8c3bog%2FWoPBJIW0WLGH9AJ5LOqGYCfx1BRWBvHsZqvkNga3wIdSRkW%2B5%2FFsU2py"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674bafcb936-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 page--src--templates--landing-vue.447c4022.js
promopages-cloudflare.pages.dev/assets/js/ 0
25 KB 351ms
350ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/js/page--src--templates--landing-vue.447c4022.js
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"57b3cd1349ae7b82097b3a54404ac13f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvulZB0E57C%2BjdgcbxmgQWE6OCuYlc0yARmuqy8aS7tfy1virAXUAgdlE%2BE0ZXuUtfIzJAfRkJJWVxXDhfWgowL5sWnlYMq5lIUN3eGphsv6%2Ba1J5yilIPdNm%2FSAO69D2wjIgIdLolJcX7qHgFl14UKX%2F3fpFF0WmKLWPV63"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674bafdb936-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 vendors~page--src--templates--landing-vue.4a0dd787.js
promopages-cloudflare.pages.dev/assets/js/ 0
9 KB 285ms
284ms Other
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promopages-cloudflare.pages.dev/assets/js/vendors~page--src--templates--landing-vue.4a0dd787.js
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d4aedb47e86514bcbf0072ba9838169c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1%2FJ0ooVfVVrcJKblf8xwe3CdJeauZUR2Gp7Rh9Hdh6e3ee228ERC%2B%2F76Psw4ukz%2B0iakc5ErUluBNusELlnes6l1eSp6hf1P640mHOdLd%2BlD67r0G%2BJAQWh0bpBmmm8JL4h5ITkPKL0M0rszTCuevRNMuNcJ%2BqoIGOZgcP9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d638674bafeb936-AMS
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58aca11c52aeeb1e07263bd4b722b6880976aabfb4200ff8ee5d40f6b585ebd4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1014 B 118ms
43ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@300;700&family=Poppins:wght@700&display=swap

Requested by

Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/assets/css/0.styles.aff5aa41.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9a5bbed18c3e5c38417f37cc621b65ed7cd81ae6d9d4f0c563afcae8f90397d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Jun 2023 16:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 16:38:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jun 2023 16:38:37 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 136ms
64ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;700&family=Poppins:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promopages-cloudflare.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 17:47:42 GMT
x-content-type-options: nosniff
age: 168656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 17:47:42 GMT

GET
H2 200 7cHqv4kjgoGqM7E3p-ks51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 107ms
36ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3p-ks51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@300;700&family=Poppins:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6563f08627fa2cd60c0c300318405b6f545f0d7f469df6ba87c9e31ecc987217

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promopages-cloudflare.pages.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:22:53 GMT
x-content-type-options: nosniff
age: 162945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20992
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:13:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 19:22:53 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 147 KB
56 KB 126ms
52ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR7DJ8D

Requested by

Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/assets/js/app.ae9e9ae5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72bc64158198f9eb4d92e9c226d339b697cbe1c291ff22f6486666ca220465bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57390
x-xss-protection: 0
last-modified: Mon, 12 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jun 2023 16:38:38 GMT

GET
H3 200 uec-livros-de-umbanda.6b79d84.8dcafb417b0cd5c0a9faeaf9549adf40.svg
promopages-cloudflare.pages.dev/assets/static/ 11 KB
4 KB 89ms
88ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promopages-cloudflare.pages.dev/assets/static/uec-livros-de-umbanda.6b79d84.8dcafb417b0cd5c0a9faeaf9549adf40.svg
Requested by: Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ad4324478ea7472f5fc458dee3e6bc11f7ac5c8a4cc049dc108611a1b071b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:38 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3ecfcbc09b69267f62fecbf08e59facc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOROexrfrTGLP2N3Lw1rH9Ys9beJSlbp79%2BwEs4jnqzD2tizh0GFkrCLaXvASkQlwtCEUVD5KG5fv%2BerjRNhV94Z%2B77A4iKljXOek66h1t1LGxZGCcY7NR9dmvtjcYh9W%2F7mh%2BMZIVbCh43P9lrRxBckgK3oUdDDSYa%2BzSwl"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d6386790f770c21-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 105ms
34ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Jun 2023 16:38:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nOuwTGqsiJP1wOfmIKjiopg4KnK2CYZdvYYNs30vLEJyxvoHl2L+xijFjE0BAh+LN5/vb2YWrmk+xSkLBCCwxg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 launcher.js Show response
launcher.hotmart.com/ 6 KB
3 KB 344ms
111ms Script
application/javascript 35.173.31.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/launcher.js

Requested by

Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.31.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-31-50.compute-1.amazonaws.com

Software

Resource Hash

1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Mon, 12 Jun 2023 16:38:38 GMT
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 2619
x-xss-protection: 1; mode=block
expires: Mon, 12 Jun 2023 16:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
76 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RCMR2E1QGV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR7DJ8D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

061d75e9b25eae640c76f286c3442576766174dedbca718fb77ac94b94570708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Jun 2023 16:38:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
265 B 84ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RCMR2E1QGV&gtm=45je3671&_p=1303550395&cid=1162801386.1686587919&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1686587918&sct=1&seg=0&dl=https%3A%2F%2Fpromopages-cloudflare.pages.dev%2F&dt=Livros%20de%20Umbanda.com.br%20-%20Umbanda%20Eu%20Curto%20Promo&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RCMR2E1QGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 16:38:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://promopages-cloudflare.pages.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 514361476134564 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 289ms
288ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/514361476134564?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5793b67528c9d8faf5c588443c5ab7ded377f376c98186d32f6d67354153ff1a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 12 Jun 2023 16:38:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: dn1gBXFEi7kSUQTlLnfDM/8N96xa2V5sXhCsIvNHsl3Z0c51kxpq+NZ8f8dgT6Oud5Z74JRz1ghfr5b5osRqsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 load-js Show response
launcher.hotmart.com/rest/v1/module/ 48 B
486 B 320ms
111ms XHR
application/json 35.173.31.50
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://launcher.hotmart.com/rest/v1/module/load-js?hotid=eyJzaWQiOiI4MDVhNmMwZmExYWE0M2E0YTRmMTY4MDVkMzMxZjhiNiIsInBhZ2V2aWV3X2lkIjoiUFYwNTdsa3llOWZuZHdsaXQyd2V4dSIsInRyYWNlX2lkIjoiTFR2c2pvaW02eThmbGl0MndleHUifQ==&locationHref=https%3A%2F%2Fpromopages-cloudflare.pages.dev%2F&account=86f95f4a-2c3f-3177-b0e9-76c0a25bf620

Requested by

Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.31.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-31-50.compute-1.amazonaws.com

Software

Resource Hash

597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promopages-cloudflare.pages.dev/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 12 Jun 2023 16:38:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Location, Link, ETag
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 98ms
32ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=514361476134564&ev=PageView&dl=https%3A%2F%2Fpromopages-cloudflare.pages.dev%2F&rl=&if=false&ts=1686587918924&sw=1600&sh=1200&v=2.9.107&r=stable&a=tmgoogletagmanager&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22240751697292357%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22BRL%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22548776052702384%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.2.1686587918922.2048559857&cs_est=true&it=1686587918567&coo=false&rqm=GET

Requested by

Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 16:38:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 98ms
33ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=514361476134564&ev=InitiateCheckout&dl=https%3A%2F%2Fpromopages-cloudflare.pages.dev%2F&rl=&if=false&ts=1686587918925&sw=1600&sh=1200&v=2.9.107&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.2.1686587918922.2048559857&it=1686587918567&coo=false&rqm=GET

Requested by

Host: promopages-cloudflare.pages.dev
URL: https://promopages-cloudflare.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 16:38:39 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 id.min.js Show response
identification.hotmart.com/ 5 KB
5 KB 330ms
104ms Script
text/html 18.213.25.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://identification.hotmart.com/id.min.js?account=86f95f4a-2c3f-3177-b0e9-76c0a25bf620
Requested by: Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-25-212.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 22abb44ac609885ebd5ed2f512451085dc43e8457e9a2cfdf8bd86dd82073258

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:39 GMT
last-modified: Mon, 12 Jun 2023 15:31:59 GMT
server: WildFly/9
x-powered-by: Undertow/1
content-type: text/html;charset=utf-8
cache-control: max-age=60
content-length: 5404
expires: 168658791935860000

GET
H2 200 track Show response
tracking-api.hotmart.com/rest/ 0
101 B 326ms
105ms XHR
application/json 18.235.172.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking-api.hotmart.com/rest/track?hotid=eyJzaWQiOiI4MDVhNmMwZmExYWE0M2E0YTRmMTY4MDVkMzMxZjhiNiIsImNpZCI6IjE2ODY1ODc5MTk0MDk4NTQwNTY2OTAzNzY2OTEzMDAiLCJiaWQiOiIxNjg2NTg3OTE5NDA5ODU0MDU2NjkwMzc2NjkxMzAwIiwicGFnZXZpZXdfaWQiOiJQVjA1N2xreWU5Zm5kd2xpdDJ3ZXh1IiwidHJhY2VfaWQiOiJMVG9mOWdjZnk5bW05bGl0MndmZzEifQ==&sid=805a6c0fa1aa43a4a4f16805d331f8b6&cid=1686587919409854056690376691300&bid=1686587919409854056690376691300&account=86f95f4a-2c3f-3177-b0e9-76c0a25bf620&locationHref=https%3A%2F%2Fpromopages-cloudflare.pages.dev%2F
Requested by: Host: launcher.hotmart.com
URL: https://launcher.hotmart.com/launcher.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.172.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-172-216.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://promopages-cloudflare.pages.dev/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://promopages-cloudflare.pages.dev
date: Mon, 12 Jun 2023 16:38:39 GMT
content-length: 0
content-type: application/json

GET
H2 200 id.gif
identification.hotmart.com/ 43 B
161 B 105ms
104ms Image
image/gif 18.213.25.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://identification.hotmart.com/id.gif?cid=1686587919409854056690376691300&bid=1686587919409854056690376691300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.25.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-25-212.compute-1.amazonaws.com
Software: WildFly/9 / Undertow/1
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:38:39 GMT
cache-control: no-cache
server: WildFly/9
x-powered-by: Undertow/1
content-length: 43
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 32ms
32ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=514361476134564&ev=Microdata&dl=https%3A%2F%2Fpromopages-cloudflare.pages.dev%2F&rl=&if=false&ts=1686587920427&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Livros%20de%20Umbanda.com.br%20-%20Umbanda%20Eu%20Curto%20Promo%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.107&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.2.1686587918922.2048559857&it=1686587918567&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://promopages-cloudflare.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 12 Jun 2023 16:38:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.promopages-cloudflare.pages.dev/	1970-01-20 22:05:47	Name: _ga Value: GA1.1.1162801386.1686587919
.promopages-cloudflare.pages.dev/	1970-01-20 22:05:47	Name: _ga_RCMR2E1QGV Value: GS1.1.1686587918.1.0.1686587918.0.0.0
.promopages-cloudflare.pages.dev/	1970-01-20 14:39:23	Name: _fbp Value: fb.2.1686587918922.2048559857
.promopages-cloudflare.pages.dev/	1970-01-20 22:05:47	Name: hotid Value: eyJzaWQiOiI4MDVhNmMwZmExYWE0M2E0YTRmMTY4MDVkMzMxZjhiNiIsImNpZCI6IjE2ODY1ODc5MTk0MDk4NTQwNTY2OTAzNzY2OTEzMDAiLCJiaWQiOiIxNjg2NTg3OTE5NDA5ODU0MDU2NjkwMzc2NjkxMzAwIn0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
identification.hotmart.com
launcher.hotmart.com
promopages-cloudflare.pages.dev
region1.google-analytics.com
tracking-api.hotmart.com
www.facebook.com
www.googletagmanager.com
18.213.25.212
18.235.172.216
2001:4860:4802:32::36
2a00:1450:4001:809::2003
2a00:1450:4001:812::2008
2a00:1450:4001:828::200a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
35.173.31.50
061d75e9b25eae640c76f286c3442576766174dedbca718fb77ac94b94570708
1386e39ae504c6299959bb31e6369a5626aa3cffe6e259d5e8473cf640669c5d
1690d9be98a0d0eae94c70bac71dbe9a8ba67fd946fb4f5ef3245d2c09253c27
22abb44ac609885ebd5ed2f512451085dc43e8457e9a2cfdf8bd86dd82073258
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5793b67528c9d8faf5c588443c5ab7ded377f376c98186d32f6d67354153ff1a
58aca11c52aeeb1e07263bd4b722b6880976aabfb4200ff8ee5d40f6b585ebd4
597d29c545d7a79da6b84b08603de509450bb81d0e88d3d9766b3cfae368120e
61ad4324478ea7472f5fc458dee3e6bc11f7ac5c8a4cc049dc108611a1b071b3
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
6563f08627fa2cd60c0c300318405b6f545f0d7f469df6ba87c9e31ecc987217
72bc64158198f9eb4d92e9c226d339b697cbe1c291ff22f6486666ca220465bf
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
afbd7755a93bcf3d7255bd4834f54e11c9441ff9d68f1a1cbedbde285d74fa8f
c9a5bbed18c3e5c38417f37cc621b65ed7cd81ae6d9d4f0c563afcae8f90397d
ce1485d34dcc7e1ff61fb656b27c1d0edfab48d730a42b8ec49832555a9eeb1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b2b38ecacd42e00de92dd88274a1ed181781d54662555df9ce32871cddcecf

promopages-cloudflare.pages.dev Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

70 %IPv6

8 Domains

10 Subdomains

11 IPs

2 Countries

429 kBTransfer

1110 kBSize

4 Cookies

1 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

4 Cookies

Indicators

promopages-cloudflare.pages.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

429 kB
Transfer

1110 kB
Size

4
Cookies

26 HTTP transactions
1 data transactions