Submitted URL: https://safeprime.com.br/
Effective URL: https://oncorretor.com.br/
Submission: On June 16 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 93 HTTP transactions. The main IP is 2606:4700:3037::ac43:a841, located in United States and belongs to CLOUDFLARENET, US. The main domain is oncorretor.com.br. The Cisco Umbrella rank of the primary domain is 883939.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time oncorretor.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
29 oncorretor.com.br
oncorretor.com.br — Cisco Umbrella Rank: 883939
construtor.oncorretor.com.br
2 MB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
333 KB
12 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6942
geolocation.onetrust.com — Cisco Umbrella Rank: 818
132 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 100
751 KB
8 jivosite.com
code.jivosite.com — Cisco Umbrella Rank: 29942
node-ya13.jivosite.com — Cisco Umbrella Rank: 176195
363 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
jnn-pa.googleapis.com — Cisco Umbrella Rank: 324
121 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
static.doubleclick.net — Cisco Umbrella Rank: 411
2 KB
3 mstech.com.br
t-construtor.mstech.com.br
35 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 9
14 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 122
9 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 236
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5111
501 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 3033
249 B
1 safeprime.com.br
safeprime.com.br
936 B
93 15
Domain Requested by
18 oncorretor.com.br oncorretor.com.br
11 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
11 construtor.oncorretor.com.br oncorretor.com.br
10 www.youtube.com oncorretor.com.br
www.youtube.com
10 cdn-ukwest.onetrust.com oncorretor.com.br
cdn-ukwest.onetrust.com
7 code.jivosite.com oncorretor.com.br
code.jivosite.com
4 jnn-pa.googleapis.com www.youtube.com
3 t-construtor.mstech.com.br oncorretor.com.br
3 fonts.googleapis.com oncorretor.com.br
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google.com oncorretor.com.br
www.youtube.com
2 www.google-analytics.com oncorretor.com.br
www.google-analytics.com
2 geolocation.onetrust.com cdn-ukwest.onetrust.com
1 node-ya13.jivosite.com code.jivosite.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.google.de oncorretor.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 api.ipify.org oncorretor.com.br
1 safeprime.com.br 1 redirects
93 22
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.onetrust.com | DigiCert SHA2 Secure Server CA | 2020-05-21 - 2022-07-27 | 2 years
*.google-analytics.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2022-02-07 - 2023-03-10 | a year
*.google.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.mstech.com.br | Go Daddy Secure Certificate Authority - G2 | 2022-03-02 - 2023-04-03 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
www.google.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
www.google.de | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months
edgestatic.com | GTS CA 1C3 | 2022-05-25 - 2022-08-17 | 3 months
*.jivosite.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-26 - 2023-06-04 | a year

This page contains 2 frames:

Primary Page: https://oncorretor.com.br/
Frame ID: BBBE343A4BDEF1872EB1494764FE397C
Requests: 73 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Frame ID: A321607F7DDBD8BB36BE8FC2B725478E
Requests: 21 HTTP requests in this frame

Page Title

OnCorretor Back ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93 Requests
99 % HTTPS
85 % IPv6
15 Domains
22 Subdomains
20 IPs
5 Countries
3596 kB Transfer
8443 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://safeprime.com.br/ HTTP 301
    https://oncorretor.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

93 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
oncorretor.com.br/
Redirect Chain
  • https://safeprime.com.br/
  • https://oncorretor.com.br/
96 KB
20 KB
Document
General
Full URL
https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET ARR/3.0
Resource Hash
96f8f0b1337dc317d30b3eb33f4544fd4bdd520aa915b328dc7f77ba4a900312
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
71bfd0577fe390e0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 01:36:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afl9TTB1THNzRRKXitBgr6VFFx3qoaXos8PjtcQYoWucVbwjFj%2FH9r2xB%2B7trv2m6jmX9sMPO1NxHf2wXB%2BlWnqzkEMSpcvs5Kv0xRs5zMdVZCDbh8YE%2FAr9cHj2je1HAhMQdIcrIyfZV868CqTxBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
statustext
OK
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-frame-options
AllowAll
x-powered-by
ASP.NET ARR/3.0
x-ua-compatible
IE=edge

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
71bfd053e96f9bb8-FRA
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 01:36:18 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://oncorretor.com.br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awmONFIe0MQHk1V35%2Bb23edTtOCKt0bSTlSFykPC4FV3Dxd9XIkB93TmQ5E88r%2F4ODuEaKgifurWdMNNjCGSE95%2FsVhmcJk8DdNiQy2PfRTZ5lKIIUO1k1p%2BUt8%2FwlGmRYFSohVCbDwV3n1Cu4GS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
statustext
Moved Permanently
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-frame-options
AllowAll
x-powered-by
ASP.NET ARR/3.0
x-ua-compatible
IE=edge
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29a33a79af48c8ad7d48d1a3855b17c954160b7c68a2b0213236330b61e8149e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 00:22:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 01:36:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Jun 2022 01:36:19 GMT
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
2R9GKwuxJTUynP4on2KYxQ==
age
13105
content-length
6921
x-ms-lease-status
unlocked
last-modified
Thu, 09 Jun 2022 16:29:45 GMT
server
cloudflare
etag
0x8DA4A3543A0728D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a7e6d8af-301e-0025-670c-7fbc28000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05aecf09143-FRA
expires
Thu, 16 Jun 2022 05:36:19 GMT
ThemesBase.min.css
oncorretor.com.br/content/bundles/
211 KB
42 KB
Stylesheet
General
Full URL
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
dde3fc2ba4dfaefd6743e37a32ebd98ecf8479a33df5cac651195f4e14ff7ea6
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 27 Jan 2022 22:08:49 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"80aee975ca13d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8FczLEpwdCqTbWTcjf0Z5QLcurheFrYfXcN%2FIkGRGdOkYULnwk4pi56vLOa7%2BszHlju8yZmjqLwLbYoP6YK8JJ%2Fk6tfxIP04Njyv8Iv1EfoTSM6wKU6ezBV%2B0NbI91w24brmhaqDt4MvS%2FwXe9PBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
71bfd05aba1d90e0-FRA
statustext
OK
Tema_VinteDois.min.css
oncorretor.com.br/content/bundles/
52 KB
9 KB
Stylesheet
General
Full URL
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e2629961fc2091083268d0be0af51b3f8f2a02963d162018e57e7dc1d26e75eb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 26 Mar 2020 15:42:00 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"664fb016853d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIt6frqF65pso7dpnoTP8cUyOyzbazUSKM2AogerXzclBw%2Fola8l7A%2BUm9PNJyoydyioJuOQrAEqWhhKU0o2zmMBrJseyAqWdXjr27VrGcZMqkSmCh8VJK8bqNaUpcV6GRXTX4YgGwwehGzca8631w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
71bfd05aba1e90e0-FRA
statustext
OK
bundleModernizr.min.js
oncorretor.com.br/scripts/bundles/
24 KB
8 KB
Script
General
Full URL
https://oncorretor.com.br/scripts/bundles/bundleModernizr.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
228e5724f42da8822bb4c023aa371dd929c43657c76a7a0cb6b13f555a29f79a
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:39:10 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"0a337664157d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIuhpXr8m9fHF%2FXALAOWEVWhjTKimeeOMiPVpoh4ABwgWbO5Ep6wtjmc%2BUcDa5UFLUsauP0Mfz42nDpkD1FD3RrU0QYG5Jh%2BL14yuwaKok33Z5YrswrgiBYXjytOUeZ14iuK8e9DunZnofyOEb%2B0MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
71bfd05aba1f90e0-FRA
statustext
OK
bundleJQuery.min.js
oncorretor.com.br/scripts/bundles/
321 KB
96 KB
Script
General
Full URL
https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
793cd383b4dbe9f79f2b888a125618fc5d32178dda23bc3efe94d0ad82e15194
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 11 Mar 2019 13:48:40 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"0ec2c2211d8d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxklMpqqdqsar9dsDeRjUYm13g8L27euNOF%2F163w52ZdyaFZ%2BEm5QhnXErXGmEC6WUxdLqooe9pPCljWD1OkgiVwOAxQMiVbrKYiF2U%2BVxP8Kca0p1%2B%2FrTTk%2By9LYkeAOwGVQBZsbbMY2kPH%2FQ7pvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
71bfd05aba2090e0-FRA
statustext
OK
bundleCustomUI.min.js
oncorretor.com.br/scripts/bundles/
257 KB
67 KB
Script
General
Full URL
https://oncorretor.com.br/scripts/bundles/bundleCustomUI.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
00893508f19853cf53e765f8684789c6b51b74061bc28c0fd773a5a0e2e2ee46
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 27 Jan 2022 22:08:56 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"0cc157aca13d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4q0dh6bCgQdcm7nKX7Ri8f0Bq5Sl0FsNnavOeMXes9s%2FCjiqnIvjJGvGQEdjY3cjPRZWOYxWY9zogjFswr5VmwCmlqIKo93Ftoa86v5l2PFBnS%2BQZ7dbPjrch%2FoKZARli3ASGHSoD17owu6s0yuSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
71bfd05aba2190e0-FRA
statustext
OK
bundleMst.min.js
oncorretor.com.br/scripts/bundles/
43 KB
12 KB
Script
General
Full URL
https://oncorretor.com.br/scripts/bundles/bundleMst.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
26e3c64b00ad8007a54332911a6c5a67c1a7d6303e51d7f24b90ee6fa91f1297
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 26 Mar 2020 15:42:11 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"80cb3b1d853d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnFbEJPJtS%2BHaOjEAWkdJsGfY2Bz0%2BCtGo24jsYfC2v5ezY1z3qsXOCB3C%2BxmO5nHNiNgPuyrm3Qwczfoq5T24xd8I7Gy58KEu83AwQHfduk81i7ia9ARBcSTq9WLoqSBl2F2WYkTggGWel1M%2F3Ifg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
71bfd05aba2290e0-FRA
statustext
OK
echo.min.js
oncorretor.com.br/scripts/bundles/
2 KB
1 KB
Script
General
Full URL
https://oncorretor.com.br/scripts/bundles/echo.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
21466243c4482fa9843b9b7bb460076520cab54532c018a86c9151db666bac40
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 18 Feb 2019 19:22:10 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"0dd633ebfc7d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXF%2FGL2K27FQiaDHBGys19PjyoDFu6IDffQM5E%2BT%2Fx7MUdY1tiZFx%2Baatksrg3u85JfN4S1gW%2BAbJzsa7CNv5CarXEeQT%2B8rzPNhaFUyUlSJ4G8SECTEzofYFAfsTpbDR9J9k%2B0Wz9bojvekwTSQ1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
71bfd05aba2490e0-FRA
statustext
OK
ajax-loader.gif
oncorretor.com.br/Content/images/
3 KB
4 KB
Image
General
Full URL
https://oncorretor.com.br/Content/images/ajax-loader.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3208
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
x-frame-options
AllowAll
etag
"05ab8564157d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0ThTZcf3ztd%2FKPLwjsddioETlQTpR67W3VJGJoXlfelVVzm%2F6Ag4yJvwGBRZT0I7FFZUaQbUhfU3vW5HabiomqdLrRwBysidpfK3AJiYToB1PcZSIcT%2BIiv0T2d6grP0Y2OciksfDpgpcMwrR9RIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
71bfd05cdcd89a0f-FRA
statustext
OK
http_imgload1.gif
oncorretor.com.br/content/images/
1 KB
2 KB
Image
General
Full URL
https://oncorretor.com.br/content/images/http_imgload1.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e60853622a54f85bfb4bab4c133c54e3a304386dfb19c23c8512d10e50d56bf4
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1460
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
x-frame-options
AllowAll
etag
"05ab8564157d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJ9U%2BLuv02fYtd%2Fz1cS04i4pA2bn%2BYVAomhf3l%2Bni6ly6JMDGII1sd5ii6p2WmhereAiw7mBNyHzV5m9JzLiJ8W6Tg1gZmKbh9Ziy5GtpHV2dBeCSGR2hRfdqtb8Qxr3TyFnXZ6cs0PUwatiSjstBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
accept-ranges
bytes
cf-ray
71bfd05cdd069a0f-FRA
statustext
OK
ico-headset.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/
403 B
764 B
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-headset.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
1c08d75229d36229f9db2aac485b2fd3d0a48c787afecbbbb8058d3fa0cda8d2
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aBRb2SD84UDcJtfDeuxHxpvtRWXODaWLrwrI8ITdIkEncOrU3LJUOLOUuGrMzI5QI%2BmGEG9Cp8zGtMW593isrQGLs2HwqTBMlTQvFK5v11RiRxAqmdf0GAJTEdRJhh8ATkwIMOVOLTLowYYg90EvlyxpAQENM9eh8uL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05ceb3190e0-FRA
statustext
OK
ico-whatsapp.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/
503 B
837 B
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-whatsapp.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
4fbe0518411a4427a60e5e7baf7c1b2d11731efd024cb239333ac0d530506456
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
39633
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8487l%2B10CX9OPXYLO9veNS1Zu7V%2FK2SXabuNXLm32x%2FAc%2Fc7JJBvV9iCpdyqr02UtWhkE050PE%2BDa8W8cYC1h7OLdpWDuj0Y5GVvpRBaCHO0m6GFYC8uDR1V7E8H9Bjk22uHVYVDuDrbdHD%2BEGQvEEN%2BJgLgVch6ZEt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05ceb2d90e0-FRA
statustext
OK
ico-usuario.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/
798 B
1 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
37f117fe797c82efbddf3dc26f13fa2a5e95897ea8d9b695de7caf206dd27565
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpsiEP%2FSPgS6srrd5qT5XzU46J8mlork7OlphWcos7ef%2Bkld%2BDVbhkNdKCHgE54DNYCODjrIJsKWtEq66iRUiLFg1HXIDuxywQ9bl9csain0Fy6ewkOnXFmMSHKT2YQj%2F%2Fqzg1LOYM2vmFQqQjK4gPWRob65aFvMeN7W"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05ceb2b90e0-FRA
statustext
OK
ico-suporte.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/
4 KB
4 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-suporte.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ebfd38a16291aa6acd56699f5839b9c6adc54be515d77bc8b25ac0d044e029ad
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
3764
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YVfxm5mnscB6KF5csI5avMHSPn4rDsXqqnvhhTXHiiMVK1jrhVkNzYqCI4H6P0vy6eCfz8JCjQbkB%2FogzhtkU5N4%2B6FAtV608HXUq7JYyq1Mknb7lLRNFXDLx9WcTIaquTh3srK5Z10Y3%2FUvWVos7WZp53hv%2FxpQtmg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05ceb2f90e0-FRA
statustext
OK
ico-produtos-prontos.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/
3 KB
3 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-produtos-prontos.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
cfbb7d3aee4af4a0846149bd38dd50b4d12c624a20952150cc60159176a977fb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
3764
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:07:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wh0bfMfXyfKA41X7D2alsALw1ncsXoVODFuRlF89gRdloTkUCVxREH3dDWGKmJZqF%2FyFKbdvgVhbDq4v%2FEPvqXoMFhKOgWB%2Fp9l60pZBC88lfZouAeoT1jDF9PNGMwRg%2BgVcxzJoiAnKMcsjhkPJonuy%2BJRVkR7r4Jp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05ceb2e90e0-FRA
statustext
OK
ico-potencializa-presenca.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/
5 KB
5 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-potencializa-presenca.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
055740ee6c82f82a64354b7916b547e6946ba467dbbf6bf0c1c4eae0eaaedbaf
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
3764
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:19:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=js36R5gWWOoBgfM6X5ebSbREw3Oze9W5%2FL83AlPTYHzOdB2TVmsce5huoMHqUtlaE56sE7I%2Fuw%2Ba6FoidNOT9%2FkbDS7tU5Pr6bMCTM7pgAOfHCCSxsR0jzNc0l4NJSU1Qwr2dQ5KLBHeuAgLkr%2BjhG4UmdQ3FwHic8CV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05ceb3090e0-FRA
statustext
OK
ico-email-mkt.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/
2 KB
3 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-email-mkt.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3c408ae38a005bd07ee5354fe2e349e6578ed9d28ac65af523486e4873df4ea
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TXPUvHj89HotebUvwV031%2FOopo%2Fy%2BvIm75oeCo3uX6tx3bnz9fTkF%2FxxKKVFXa4e16dK2b1jKOjQxAxnBU5QiVzaRpvCQZ%2BgO889TFn48RB0HWctn87suajG7Qh5R%2F7UEbaVEPtlX6%2FNUTKPrkO6sAmQf%2B%2BF%2BXB%2Fj%2FZ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05d0d4d9a0f-FRA
statustext
OK
ico-cofrinho.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/
3 KB
4 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-cofrinho.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
41dfba8c597663a81aa3b5685cbfeb86ec2eb49ac5663bd3232f0aa42862ffcb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50Jf1eAHcyLUM7xUO3dTJ0HNk3z2ig02gHOZ4shjVMHQCf0EVKp%2F%2BrclRdY9uRJRU0Jv%2F14DrJMTvHUdIZ2vNdOCcYURWfwMh70FRNVwKeqQHL7tpK0EqdG9QawtCEuSYX39mcDMTawhu3%2Beuf0ekON%2BuecptIQ3WnDW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05d0d4f9a0f-FRA
statustext
OK
ico-usuario-md.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/
2 KB
2 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario-md.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d69055c0bb25f88931abe7a5483ed1a66744a3b2960586c2d93891015a1d3b94
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHL3pJtrp6pcuJCSl7TMbdHTp7kzs0NImyJGUfXxq6Qpk62BE2hGsck8nzs3N%2BhuUDt%2BDErshFvsYmg3l09854n7AE0ureAfnlWclLdnBKgf7NQhxlbTEz250n3Bx1smwyqOgu%2F%2FausU8FiVRmILII67ebfLqmjaN442"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05d0d509a0f-FRA
statustext
OK
email-decode.min.js
oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 10 Jun 2022 21:22:53 GMT
server
cloudflare
etag
W/"62a3b62d-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2WLQ7oLYD5l1wGEHxnu2fg3UJN%2BaMFPfPwJbuBdlOatOeySSOy51en3j93%2FN2qIku4TXcKvFGwIkE1yr1qdt07BrTqJ3NjIxO8Ijnrf77u3SEsmKPBmy17KIk%2BD6WsabPeujXj4TMVFjWDQkm2fQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
71bfd05c7c799a0f-FRA
vary
Accept-Encoding
expires
Sat, 18 Jun 2022 01:36:19 GMT
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/
2 KB
2 KB
XHR
General
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
age
9206
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b45d3ef-d01e-0024-7212-7fbdd5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05b2ba190a9-FRA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
176 B
287 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71bfd05b6bca90a9-FRA
access-control-allow-headers
Content-Type
css
fonts.googleapis.com/
14 KB
881 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
65cb2d8f09372a036e5b08b554323cd5c1760b49d25acb20ce37dca7ae989dba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 01:36:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 01:36:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Jun 2022 01:36:19 GMT
icon-zapzap.png
oncorretor.com.br/Content/images/
19 KB
19 KB
Image
General
Full URL
https://oncorretor.com.br/Content/images/icon-zapzap.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
b2921cdf4de2dc6ade3d36eeb95dce7cd56bfdac50c346fcfe50cbf7d799b1f9
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19212
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
x-frame-options
AllowAll
etag
"05ab8564157d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNz%2Ff2wcAXDp2mjK5QwLqdz2g2oJZPYGemPLnQjNZ3yXul%2BIIYqeVhG%2Ff0GLCOQTxxNiBRpoPn%2FptwnMF4bGXlp8YWLZ4EdsOKTLQaBVA%2Bi0BWfVIIdqRGdEU8qubcttIaK695z3Ir2EzmWnWvQCtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
accept-ranges
bytes
cf-ray
71bfd05ced0b9a0f-FRA
statustext
OK
bundleUnobtrusive.min.js
oncorretor.com.br/scripts/bundles/
54 KB
18 KB
Script
General
Full URL
https://oncorretor.com.br/scripts/bundles/bundleUnobtrusive.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ce6187956822e965a48b8f8d5af506c9308282cea73c424c3573013c09c87adb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Wed, 02 Jun 2021 15:12:14 GMT
server
cloudflare
x-frame-options
AllowAll
etag
W/"01b1abc157d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lah3GBHwLRWCZJOtuv2%2BUjt0jgZUKiYbcVDsxXcJ5aMdNLRlbcSMYaWKfzNqwTavREwl9dlpGb77fmTsUvIBo9VYaPEh34zncBo7wuGu0v%2FfjOS0fXcIvo062AnSFHrrtxTSq5Z29ytgQOxPGbpYCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
71bfd05cacaa9a0f-FRA
statustext
OK
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/
338 KB
72 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:19 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
Xs4BplpA7QV+zkRYpo3+wA==
age
10357
content-length
73082
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:31 GMT
server
cloudflare
etag
0x8D854CC113CF89C
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
da7810b5-501e-0071-490c-7f56a2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05ceee99143-FRA
expires
Thu, 16 Jun 2022 05:36:19 GMT
css
fonts.googleapis.com/
328 KB
89 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
602e6102a9d386bf6321e43dc289605c5c3d413f98a84abcf9addae89633e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 01:36:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 16 Jun 2022 01:36:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Jun 2022 01:36:19 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2833
date
Thu, 16 Jun 2022 00:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 16 Jun 2022 02:49:07 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:26:22 GMT
x-content-type-options
nosniff
age
22198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:26:22 GMT
/
api.ipify.org/
65 B
249 B
Script
General
Full URL
https://api.ipify.org/?format=jsonp&callback=jQuery17109674408474494216_1655343380018&_=1655343380034
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-78-240.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a42bb5b86a55ca2acac4cb468eccde96b5352c0b20f2dd37021613901d714d46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 01:36:20 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
65
Vary
Origin
Content-Type
application/javascript
banner-home1.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/
661 KB
661 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/banner-home1.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
546cd586e691a114a7dd6a258b7c1e07561b3232226375dc54d80133d687a1f8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlBaZ0BE5Dn1gNiZSIWkG99n0i5P7pUZYT9Ntht9g9XXnxyP%2F4rNiPeAPFbTWPpS44wCIYIWubkvFTIX6XRU%2FnjcgQmMpzDS5Au149bE3b837gP6kbn41mmc%2BfXXmw3iWwJ4B3o5jjsVqPLBHf0srZdMneJX0HGl%2F2AB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd05d4d8d9a0f-FRA
statustext
OK
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21bcdb45a9da93f60db773abfc0660347b15f2f363baacf2b2be56747befc3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 18:07:00 GMT
x-content-type-options
nosniff
age
199760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17576
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 18:07:00 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f23f7fb2798d8febd60d5c42ea1694370b18e5fe91fbe7783df98358d7973b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 16:17:54 GMT
x-content-type-options
nosniff
age
206306
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17684
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 16:17:54 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
fonts.gstatic.com/s/notoserifjp/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a693cbdc7707515a18d4a070c9422d9ffa212148ffc19407e7da937e0bffc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 14:59:26 GMT
x-content-type-options
nosniff
age
211014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13340
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 14:59:26 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/
59 KB
59 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a31dd135b233457652c1f5373c3eb05202bf106bef31f0a6a46654e5235f7719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 10:42:53 GMT
x-content-type-options
nosniff
age
226407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60552
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 10:42:53 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
fonts.gstatic.com/s/notoserifjp/v21/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0668f33995f935ba82833d444f697f83d9bc10829895199f30aed5eb63ee4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 12:21:10 GMT
x-content-type-options
nosniff
age
220510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18900
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:03:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:21:10 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/
59 KB
59 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c79f1d4b1143b7b00fc82fbc8d80557525d7d127e0203a90ba23fbd8578fedee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:45:40 GMT
x-content-type-options
nosniff
age
147040
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60536
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:45:40 GMT
NFhZ1WJYYy0
www.youtube.com/embed/ Frame A321
64 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fdcb31e5328da3481e0abc7877e27247f541d8cd1949dd105640e95ca00f9a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oncorretor.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 16 Jun 2022 01:36:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options
nosniff
age
220782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:16:38 GMT
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/
2 KB
1 KB
XHR
General
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
age
9207
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b45d3ef-d01e-0024-7212-7fbdd5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05d6cbf90a9-FRA
multicanal.woff
oncorretor.com.br/content/themes/base/fonts/multicanal/
3 KB
4 KB
Font
General
Full URL
https://oncorretor.com.br/content/themes/base/fonts/multicanal/multicanal.woff?-t2jzsm
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
fa558d01b7f707708794361234c368ea9891bbc35ba8b029cc8dd983e020468f
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2952
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:39:02 GMT
server
cloudflare
x-frame-options
AllowAll
etag
"0ef72614157d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWa9q8lOZBmpihKmvksRnt%2FfaQaUuZafoHPg5K2M3FV11zxneImSWKHCvCDHgASyvvgx2%2FI4NYB7mdEP%2BP2WwBg9FSXmkq%2FISwYcngEHYHUEWkvVBdTb5n7ziv4mWfY6178nOeiWSzKJ1yJxSgXv4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
accept-ranges
bytes
cf-ray
71bfd05d7e059a0f-FRA
statustext
OK
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/
20 KB
8 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
age
9207
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bd657dd7-c01e-0056-3712-7fcceb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05d8cdd90a9-FRA
logo-novo.png
oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/
4 KB
5 KB
Image
General
Full URL
https://oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/logo-novo.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
955139a6a1bde39ba8e112a8b38f7c215573155230749bb62748ea5b91f55f47
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 12 Apr 2022 11:14:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TA6zWQgfjRJDbnROHwEtQCVSplSV3JFsYtaZZktK%2B%2Fw%2BA3%2BAEfbK%2BL9pOX2Fl%2F9G4R3GAve7WNf4gkOU4kvkRcMr80pUeXa5syO%2F5MpmlI3CqhTNIQF4jFO8Nu68CtJx9ahl7n7RxnC8waZmil1fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
cf-ray
71bfd05d8e3a9a0f-FRA
statustext
OK
taoui.woff
oncorretor.com.br/content/themes/base/fonts/
100 KB
101 KB
Font
General
Full URL
https://oncorretor.com.br/content/themes/base/fonts/taoui.woff
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
abff1010af6774dbb9d1c68772e63a66f95b2aeb273af6b272ddc6cc6f9b6cf8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102464
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:39:02 GMT
server
cloudflare
x-frame-options
AllowAll
etag
"0ef72614157d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7FlAg5MGABHYT1zCOi6KhJtYlEpg7eLXubp7QFPQNX2GKwNrzqnRNWfBoC8vUIKvFdpZFpjI%2FF7wteCzq8Tl%2F6HDe1MMiVL%2FqHVJg3Mcyb8%2F9h5KzQ%2FvwBCvSfuaFbFQiaZ4xZ7s0s9x9OzkyVpSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
accept-ranges
bytes
cf-ray
71bfd05d8e3b9a0f-FRA
statustext
OK
ms-social-icon.woff
oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/
2 KB
3 KB
Font
General
Full URL
https://oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/ms-social-icon.woff
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
9c1517ae49ee0ae83a7da4416a0a4b797d5bfe6c822aac88a584457341875de4
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2280
x-ua-compatible
IE=edge
last-modified
Mon, 18 Feb 2019 19:21:34 GMT
server
cloudflare
x-frame-options
AllowAll
etag
"0b3ee28bfc7d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaJTytlTSgY8KLwo4mTdKMUFznU2NLEOahBEq%2FDW9HxoeqbL7ktjL9maIa4Pyl2OdqijCRpS6d8z55NN0HMc7Vsou0krtoX2izKJ73vC8LZgCuw0Z5m6ugC6o7JFzbXNkDLzgqa%2FIOZfF97NcKUg7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
accept-ranges
bytes
cf-ray
71bfd05d8e3c9a0f-FRA
statustext
OK
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
176 B
211 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
71bfd05dacf490a9-FRA
access-control-allow-headers
Content-Type
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=326434036&t=pageview&_s=1&dl=https%3A%2F%2Foncorretor.com.br%2F&ul=en-us&de=UTF-8&dt=OnCorretor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1902450771&gjid=215662557&cid=648436648.1655343380&tid=UA-56771285-5&_gid=1341478856.1655343380&_r=1&_slc=1&z=883951609
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 01:36:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oncorretor.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/
20 KB
8 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
age
9207
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bd657dd7-c01e-0056-3712-7fcceb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05e0d4390a9-FRA
bg-video.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/
16 KB
15 KB
Image
General
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-video.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.87.154.110 Bauru, Brazil, ASN52579 (Noroestecom Telecomunicacoes Ltda, BR),
Reverse DNS
r-110.154-87-177.nrttelecom.com.br
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
fdb409788f6e7f06297d50fdc6f9dcf2b50682e8d9aeb61890d490fe21203b5d
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:18 GMT
content-encoding
gzip
etag
18954868EE0F58E68DC7B7654BC5BB0F
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 09:49:32 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
statustext
OK
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
14974
x-ua-compatible
IE=edge
ico-mais.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/
304 B
885 B
Image
General
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ico-mais.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.87.154.110 Bauru, Brazil, ASN52579 (Noroestecom Telecomunicacoes Ltda, BR),
Reverse DNS
r-110.154-87-177.nrttelecom.com.br
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
2f00a55ead5f3a0e71d787e3abe319f80fb2c7fa396462e0e564224152ebcad3
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:18 GMT
content-encoding
gzip
etag
AAD7FC5A8E838EB27BF523F5EE86CDA1
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 15:58:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
statustext
OK
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
321
x-ua-compatible
IE=edge
bg-depoimentos-fundo-azul.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/
19 KB
19 KB
Image
General
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-depoimentos-fundo-azul.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.87.154.110 Bauru, Brazil, ASN52579 (Noroestecom Telecomunicacoes Ltda, BR),
Reverse DNS
r-110.154-87-177.nrttelecom.com.br
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
c3b0b9c27918fc81b2e8ebcc325faa67560b7dc9a1f0437d9fbc72ecedc039ab
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:18 GMT
content-encoding
gzip
etag
42FB0D410D4C9283E5243246EFE80718
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 19:22:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
statustext
OK
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
19043
x-ua-compatible
IE=edge
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 10:35:09 GMT
x-content-type-options
nosniff
age
226871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47924
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 10:35:09 GMT
dailyaccess
oncorretor.com.br/sys/
0
600 B
XHR
General
Full URL
https://oncorretor.com.br/sys/dailyaccess
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Accept
*/*
Referer
https://oncorretor.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEInSqowf1Fo2IuUHF5Yn7fLXEmG87IOcuIgUS1oj9%2Fgv50keuM1QMpFsE7EVYrLBFmImb1dXJu4zQ9hdCJjaLhZrkVsH9bwap5g3lZ5iQOs7QRruRkoRp52nZwWgBe1E9I8DElq7k4vTfJvFQuYQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private
cf-ray
71bfd05e3eda9a0f-FRA
statustext
OK
www-player.css
www.youtube.com/s/player/df5197e2/ Frame A321
338 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/df5197e2/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd775351a78c275a252b2d39d2d956d759d35ddd0ff5a4625131e1c2ba3c6c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 16:56:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
31193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47569
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 17:17:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Jun 2023 16:56:27 GMT
www-embed-player.js
www.youtube.com/s/player/df5197e2/www-embed-player.vflset/ Frame A321
304 KB
94 KB
Script
General
Full URL
https://www.youtube.com/s/player/df5197e2/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc9d1f7847e9d330923bcf866f1f51f31906076c82e4591e11bc89a55d5601a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 16:56:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
31171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96191
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 17:17:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Jun 2023 16:56:49 GMT
base.js
www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/ Frame A321
2 MB
535 KB
Script
General
Full URL
https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef36a1c3e9ae388659ceb39bc9b167315872e159c20e24f284d7e1774303d380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 16:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
31048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
547759
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 17:17:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Jun 2023 16:58:52 GMT
fetch-polyfill.js
www.youtube.com/s/player/df5197e2/fetch-polyfill.vflset/ Frame A321
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/df5197e2/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 16:56:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
31171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 17:17:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Jun 2023 16:56:49 GMT
collect
stats.g.doubleclick.net/j/
4 B
443 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-56771285-5&cid=648436648.1655343380&jid=1902450771&gjid=215662557&_gid=1341478856.1655343380&_u=IEDAAEAAAAAAAC~&z=161944040
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Jun 2022 01:36:20 GMT
content-type
text/plain
access-control-allow-origin
https://oncorretor.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
age
9207
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
68e22f44-201e-0057-4e12-7fcd16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05e6d9e90a9-FRA
expires
Thu, 16 Jun 2022 05:36:20 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/
57 KB
14 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
age
9207
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
244448f9-101e-0039-1312-7f643f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05e6d9f90a9-FRA
expires
Thu, 16 Jun 2022 05:36:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A321
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
116979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Jun 2023 17:06:41 GMT
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
age
9207
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
68e22f44-201e-0057-4e12-7fcd16000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05e7daa90a9-FRA
expires
Thu, 16 Jun 2022 05:36:20 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/
57 KB
14 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
age
9207
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
244448f9-101e-0039-1312-7f643f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
71bfd05e7dab90a9-FRA
expires
Thu, 16 Jun 2022 05:36:20 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56771285-5&cid=648436648.1655343380&jid=1902450771&_u=IEDAAEAAAAAAAC~&z=375500326
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 01:36:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-56771285-5&cid=648436648.1655343380&jid=1902450771&_u=IEDAAEAAAAAAAC~&z=375500326
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 01:36:20 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:26:22 GMT
x-content-type-options
nosniff
age
22198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:26:22 GMT
id
googleads.g.doubleclick.net/pagead/ Frame A321
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25d402fa573a9ce70779e4fddf3a4c8b8f8b20dba213475dcbd29e91b9e96cfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 16 Jun 2022 01:36:20 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame A321
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:34:43 GMT
x-content-type-options
nosniff
age
97
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Jun 2022 01:49:43 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 16 Jun 2022 01:36:20 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A321
63 KB
29 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ff825049b61faf3507aee77d3c1b2eba7d59fd68414bad1d0031440f217089b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
29884
x-xss-protection
0
remote.js
www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/ Frame A321
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2525fcabe966c2f81330c969432129f12cac22ab1cc9d44467a31abf48d587a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 16:58:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
31047
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37788
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 17:17:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Jun 2023 16:58:53 GMT
7qS9JJo7a9zMzqgT3CXmNG9Z98ZtOs5mh5hifsJrjL4.js
www.google.com/js/th/ Frame A321
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/7qS9JJo7a9zMzqgT3CXmNG9Z98ZtOs5mh5hifsJrjL4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eea4bd249a3b6bdccccea813dc25e6346f59f7c66d3ace668798627ec26b8cbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 05:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
73881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13857
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Jun 2023 05:04:59 GMT
embed.js
www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/ Frame A321
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44e2474118cb6ab895bd59607076b4c1f5ddb57de61ea9695cd50da147ab3694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
30954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8105
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 17:17:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Jun 2023 17:00:26 GMT
truncated
/ Frame A321
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQsDG91g26JSCLA5n-y3F8hGss7UnmQVXP5ZQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A321
1 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLQsDG91g26JSCLA5n-y3F8hGss7UnmQVXP5ZQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dc91aba1c20d01aeba865b192be8f66177a3f04a7d77f06dfc7763369a0941f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1264
x-xss-protection
0
expires
Fri, 17 Jun 2022 01:36:20 GMT
hqdefault.webp
i.ytimg.com/vi_webp/NFhZ1WJYYy0/ Frame A321
8 KB
9 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/NFhZ1WJYYy0/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19c8e4a779d69e8a000b558766466ef9d732f554170eae795bf2570b7be02f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
x-content-type-options
nosniff
server
sffe
etag
"1587730858"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8612
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 16 Jun 2022 03:36:20 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame A321
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 16 Jun 2022 01:36:23 GMT
generate_204
www.youtube.com/ Frame A321
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?QTJ1fw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A321
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cb94cca5c88904d6095fec0fd972ac6954208efa5c81026054e9bfa7da412e69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 16 Jun 2022 01:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 16 Jun 2022 01:36:20 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame A321
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
X-YouTube-Client-Version
1.20220614.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtGODVOMHloLW9UTSiUkqqVBg%3D%3D
X-YouTube-Ad-Signals
dt=1655343380288&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 16 Jun 2022 01:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 16 Jun 2022 01:36:22 GMT
cast_sender.js
www.gstatic.com/eureka/clank/102/ Frame A321
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/102/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 07:23:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15092
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 15:13:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 16 Jun 2022 07:23:50 GMT
log_event
www.youtube.com/youtubei/v1/ Frame A321
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/df5197e2/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
X-YouTube-Client-Version
1.20220614.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtGODVOMHloLW9UTSiUkqqVBg%3D%3D
X-YouTube-Ad-Signals
dt=1655343380387&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 16 Jun 2022 01:36:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 16 Jun 2022 01:36:25 GMT
E03uZOYcoB
code.jivosite.com/script/widget/
17 KB
6 KB
Script
General
Full URL
https://code.jivosite.com/script/widget/E03uZOYcoB
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2075fed6f64580bf3b7b6dc67d2a20ac46609c6e8d3ef1b7fbb049034e1f404e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Thu, 16 Jun 2022 01:36:26 GMT
content-encoding
br
access-control-allow-origin
*
x-geo-shard
ya
content-length
5948
last-modified
Tue, 07 Jun 2022 12:08:11 GMT
server
nginx
etag
"629f3fab-173c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=7200
cache
MISS
accept-ranges
bytes
expires
Thu, 16 Jun 2022 03:36:26 GMT
E03uZOYcoB
code.jivosite.com/script/widget/config/
2 KB
1 KB
XHR
General
Full URL
https://code.jivosite.com/script/widget/config/E03uZOYcoB
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/E03uZOYcoB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
39b7d1e2624361603740ffbaacd6ffff551af02749acfa33929f75e91e5543ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 16 Jun 2022 01:36:26 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
MISS
accept-ranges
bytes
x-geo-shard
ya
content-length
1052
via
1.1 sharxy
expires
Thu, 16 Jun 2022 03:36:26 GMT
E03uZOYcoB
node-ya13.jivosite.com/widget/status/466355/
79 B
409 B
XHR
General
Full URL
https://node-ya13.jivosite.com/widget/status/466355/E03uZOYcoB?rnd=0.9006615457383551
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/E03uZOYcoB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.154.209.182 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
foxy/1.6.8 /
Resource Hash
676f3f91bcbfd92e2e31953e740f83279fa1f6ee4cb300080d7af150a604edaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none';
server
foxy/1.6.8
x-botmode
no
x-geoip
DE;SH;T\u00f6nning
x-frame-options
DENY
content-type
application/json; charset=utf-8;
access-control-allow-origin
https://oncorretor.com.br
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
date
Thu, 16 Jun 2022 01:36:26 GMT
access-control-allow-max-age
1728000
access-control-allow-credentials
true
content-length
79
bundle_pt_BR.js
code.jivosite.com/js/
1 MB
284 KB
Script
General
Full URL
https://code.jivosite.com/js/bundle_pt_BR.js?rand=1654607199
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/E03uZOYcoB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4fc3621810236e437fbb699c663670cfcd14923f7dba3aaae4d3966b784fc73c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Thu, 16 Jun 2022 01:36:26 GMT
content-encoding
br
access-control-allow-origin
*
x-cached-since
2022-06-15T13:09:44+00:00
x-geo-shard
ya
content-length
290474
last-modified
Tue, 07 Jun 2022 12:09:31 GMT
server
nginx
etag
"629f3ffb-46eaa"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 sharxy
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code.jivosite.com/css/9cb05c5/
273 KB
57 KB
Stylesheet
General
Full URL
https://code.jivosite.com/css/9cb05c5/widget.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9d49c5d196b6fcf5c3041c700dd918bf8d9b9e8d88e716543ab4ae46241ea1d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-id
fr5-up-gc37
date
Thu, 16 Jun 2022 01:36:27 GMT
content-encoding
br
x-cached-since
2022-06-08T13:13:38+00:00
x-geo-shard
ya
content-length
57739
last-modified
Tue, 07 Jun 2022 12:09:08 GMT
server
nginx
etag
"629f3fe4-e18b"
vary
Accept-Encoding
content-type
text/css
via
1.1 sharxy
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Sat, 18 Jun 2022 13:13:38 GMT
truncated
/
393 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
447 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbff77a83a31dea8639a147fd79cad4fd3dbfda07977788c2d6b3f6bf9a88e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/
4 KB
4 KB
Media
General
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://oncorretor.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc34
date
Thu, 16 Jun 2022 01:36:27 GMT
via
1.1 sharxy
x-cached-since
2022-06-08T13:24:04+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
ya
Content-Length
3760
last-modified
Tue, 07 Jun 2022 12:07:25 GMT
server
nginx
etag
"629f3f7d-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 08 Jul 2022 13:24:04 GMT
notification.mp3
code.jivosite.com/sounds/
6 KB
6 KB
Media
General
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://oncorretor.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc32
date
Thu, 16 Jun 2022 01:36:27 GMT
via
1.1 sharxy
x-cached-since
2022-06-08T13:14:24+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
ya
Content-Length
5808
last-modified
Tue, 07 Jun 2022 12:07:25 GMT
server
nginx
etag
"629f3f7d-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 08 Jul 2022 13:14:24 GMT
outgoing_message.mp3
code.jivosite.com/sounds/
5 KB
5 KB
Media
General
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://oncorretor.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc32
date
Thu, 16 Jun 2022 01:36:27 GMT
via
1.1 sharxy
x-cached-since
2022-06-08T13:14:51+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
ya
Content-Length
5014
last-modified
Tue, 07 Jun 2022 12:07:25 GMT
server
nginx
etag
"629f3f7d-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Fri, 08 Jul 2022 13:14:51 GMT
banner-home2.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/
715 KB
716 KB
Image
General
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/banner-home2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d69a134b0217c76f17237a5a4c240a63b085f3013a5e5d2490a81ada18704459
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 01:36:28 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqDZXyIZPuPccLmB6viKu0wghJstDLhyyvZcBYU%2Fvey%2FCmdhYgbd34d9fHbHqAevxZxarAENX4%2Bx%2FtZg5Ft%2BmE8nRdabAWrdrVsiPV5vebL7SQNfJ8l%2BL0QZUW4pfCYwgPLerIkJnpCbhKoCr9ZokOWhHoDOSl1MFv43"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
71bfd0905cbf9a0f-FRA
statustext
OK

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData string| GoogleAnalyticsObject function| ga function| RemoverClasseImgLoadDataEcho object| _arrMaps object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| ShowLayoutEmpty function| ValidateCpf function| ValidateCnpj object| tao function| isMobile function| NodeInfo object| jQuery17109674408474494216 function| $DNA_Web function| $DNA_Page function| $DNA_FUC_InstallPKG function| $DNA_Application object| echo string| ip boolean| allowCookie function| aceitarCookie boolean| existeMensagemAviso function| fecharModalMensagemAviso function| setCookie function| getCookie function| checkCookie undefined| jQuery17109674408474494216_1655343380018 object| Video string| css boolean| first boolean| chatNaBarra function| mostraChat object| barraMulti number| alturaBarra object| divChat function| jivo_onLoadCallback function| jivo_onOpen string| eventType string| eventTypeTel object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| webId boolean| fullScreen boolean| aparenciaComFundoImagemTopo function| requireWidgetScript function| countClickVendaOnline function| contaBarra function| bindVideoFullScreen function| onVideoFullScreen function| AtualizarImagemFundoTopo function| abrirModalLoginCorretor function| redirecionarParaLoginCorretor function| validarModalLoginCorretor object| app object| $T object| Optanon object| OneTrust function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config string| jivo_version object| jivo_api

11 Cookies

Domain/Path Name / Value
safeprime.com.br/ Name: .ASPXANONYMOUS
Value: i_Ea9nnvJEKBRGG6vCEuz2YpU1bls0RmWdxOi-vIUuju1Y8V_92MzBpV8QS6Ne9xOblyUgSVpCHTpwNEIcymkTfjrdTOP_Qclpxtmx6o8i4W7Tf0RbgXmxtA6GXtRLkruwvUWKq05tW-Lzph2wssdw2
.safeprime.com.br/ Name: OnCorretorAffinity
Value: 79df80744d23799ed90d56191c3ef493022f074b9b4f1d1d4d46c94b65d04224
oncorretor.com.br/ Name: .ASPXANONYMOUS
Value: oCiajElpH1wEve5261AevsezRBTKK8CTe3xjs2uDkOsBtsswKBOuln-DmQm0LKfURrV1DqM_NmW4L5V6NcS8DNb1tnxR898MIB6qOiyQkA2fc5fk8WMosPRWI3ieOqSxiU9ieTslVzlq0mPlh9T49g2
.oncorretor.com.br/ Name: OnCorretorAffinity
Value: 79df80744d23799ed90d56191c3ef493022f074b9b4f1d1d4d46c94b65d04224
oncorretor.com.br/ Name: popup-mensagemAviso-aberto
Value: 0
.oncorretor.com.br/ Name: _ga
Value: GA1.3.648436648.1655343380
.oncorretor.com.br/ Name: _gid
Value: GA1.3.1341478856.1655343380
.oncorretor.com.br/ Name: _gat_newTracker
Value: 1
.youtube.com/ Name: YSC
Value: kVRpAgMvIHk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: F85N0yh-oTM
.oncorretor.com.br/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Jun+16+2022+01%3A36%3A20+GMT%2B0000+(GMT)&version=6.6.0&hosts=&consentId=964525e6-025e-4a5d-9ee8-12fd3726e840&interactionCount=0&landingPath=https%3A%2F%2Foncorretor.com.br%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options AllowAll

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
