moroccwfvq.applejxsqv.site Open in urlscan Pro
104.21.3.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://moroccwfvq.applejxsqv.site/
Submission Tags: @phishunt_io
Submission: On December 08 via api (December 8th 2022, 12:48:38 am UTC) from DE — Scanned from DE

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 58 HTTP transactions. The main IP is 104.21.3.103, located in and belongs to CLOUDFLARENET, US. The main domain is moroccwfvq.applejxsqv.site.
TLS certificate: Issued by E1 on November 2nd 2022. Valid for: 3 months.

This is the only time moroccwfvq.applejxsqv.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.21.3.103 104.21.3.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:841d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6811:915b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.16.241.224 2.16.241.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2014	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	22

15 104.21.3.103 (None, )

ASN13335 (CLOUDFLARENET, US)

moroccwfvq.applejxsqv.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:841d (United States)

ASN13335 (CLOUDFLARENET, US)

liviaviccari.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.241.224 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-224.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gtm-nqf4cdv-m2fky.uc.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	applejxsqv.site moroccwfvq.applejxsqv.site	489 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1399 h.clarity.ms — Cisco Umbrella Rank: 10214 c.clarity.ms — Cisco Umbrella Rank: 2123	22 KB
6	gstatic.com fonts.gstatic.com	103 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	233 B
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 859	99 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38 region1.google-analytics.com — Cisco Umbrella Rank: 2448	20 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5234	675 B
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	635 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	132 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	2 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 8956 prism.app-us1.com — Cisco Umbrella Rank: 9025	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	162 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 296	551 B
1	appspot.com gtm-nqf4cdv-m2fky.uc.r.appspot.com
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 170	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1071	46 KB
1	liviaviccari.com.br liviaviccari.com.br servidor.liviaviccari.com.br Failed
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	4 KB
58	18

	Domain	Requested by
15	moroccwfvq.applejxsqv.site	moroccwfvq.applejxsqv.site
6	fonts.gstatic.com	fonts.googleapis.com
4	www.facebook.com	moroccwfvq.applejxsqv.site
4	analytics.tiktok.com	moroccwfvq.applejxsqv.site analytics.tiktok.com
3	www.google.de	moroccwfvq.applejxsqv.site
3	www.google.com	1 redirects moroccwfvq.applejxsqv.site
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c.clarity.ms	1 redirects
2	h.clarity.ms	www.clarity.ms
2	www.clarity.ms	moroccwfvq.applejxsqv.site www.clarity.ms
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	moroccwfvq.applejxsqv.site www.googletagmanager.com
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	gtm-nqf4cdv-m2fky.uc.r.appspot.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	diffuser-cdn.app-us1.com	moroccwfvq.applejxsqv.site
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	liviaviccari.com.br	moroccwfvq.applejxsqv.site
1	fonts.googleapis.com	moroccwfvq.applejxsqv.site
0	servidor.liviaviccari.com.br Failed	www.googletagmanager.com
58	24

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.instagram.com
www.youtube.com
t.me

Subject Issuer	Validity	Valid
*.applejxsqv.site E1	`2022-11-02` - `2023-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.liviaviccari.com.br E1	`2022-10-20` - `2023-01-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-16` - `2022-12-15`	3 months	crt.sh
app-us1.com Cloudflare Inc ECC CA-3	`2022-12-07` - `2023-12-06`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://moroccwfvq.applejxsqv.site/
Frame ID: AB1997791B9CB13AC99D6367B0F44AEE
Requests: 62 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 26AE20AB8EAEF768B3383A5536F2EEC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lívia Viccari - Procedimentos Estéticos e Capacitação Profissional

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

58
Requests

95 %
HTTPS

77 %
IPv6

18
Domains

24
Subdomains

22
IPs

5
Countries

1089 kB
Transfer

3590 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=5544991598316
Title: AGENDE SUA AVALIAÇÃO

Search URL Search Domain Scan URL

URL: https://www.instagram.com/liviaviccari/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwGwE_dIq8sfRSPZBQ5HbZw/videos
Title: Youtube

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/Tswzsghc9Af7IK-x
Title: Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&value=0&auid=857694135.1670460513&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YTSRY6Ey5q6YsA-S3L3QBw&sscte=1&crd=&eitems=ChEIgJDBnAYQoqHhwObl6pSVARIdACu92o85vzMESled9ErheFLitoHGB7dVgxFNwKM&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjRMZzZoY3JWMkIxQ0MxX0J0bnd3eUJVVkRMQWdpTV9sY2QyMVRIVXEzMGcaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1ZmZDA3SlZydVRRcEw1Z0x1VThNUHFNeG5yX1pwWlE0NzJCQkZteGFRNFU0TWl5ejRfSEZ6Yw HTTP 302
https://www.google.com/pagead/1p-conversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&value=0&auid=857694135.1670460513&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjRMZzZoY3JWMkIxQ0MxX0J0bnd3eUJVVkRMQWdpTV9sY2QyMVRIVXEzMGcaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1ZmZDA3SlZydVRRcEw1Z0x1VThNUHFNeG5yX1pwWlE0NzJCQkZteGFRNFU0TWl5ejRfSEZ6Yw&is_vtc=1&ocp_id=YTSRY6Ey5q6YsA-S3L3QBw&cid=CAQSKQDq26N98WILx98S7B2mme7sSkKHRXAmcUwoXLn2GR-hnoxuogtiXPKOIBM&eitems=ChEIgJDBnAYQoqHhwObl6pSVARIdACu92o8Hh8qrKC5mneAtF3myRFcWo0Q0SHXVW-8&random=5553449 HTTP 302
https://www.google.de/pagead/1p-conversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&value=0&auid=857694135.1670460513&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjRMZzZoY3JWMkIxQ0MxX0J0bnd3eUJVVkRMQWdpTV9sY2QyMVRIVXEzMGcaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1ZmZDA3SlZydVRRcEw1Z0x1VThNUHFNeG5yX1pwWlE0NzJCQkZteGFRNFU0TWl5ejRfSEZ6Yw&is_vtc=1&ocp_id=YTSRY6Ey5q6YsA-S3L3QBw&cid=CAQSKQDq26N98WILx98S7B2mme7sSkKHRXAmcUwoXLn2GR-hnoxuogtiXPKOIBM&eitems=ChEIgJDBnAYQoqHhwObl6pSVARIdACu92o8Hh8qrKC5mneAtF3myRFcWo0Q0SHXVW-8&random=5553449&ipr=y&prhg=0

Request Chain 55

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=01645B71477D4F73A6477B1B7494EC2E&RedC=c.clarity.ms&MXFR=0944542FB5756B9D1A41465BB175652F HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=01645B71477D4F73A6477B1B7494EC2E&MUID=292F191D059B60C320490B6904F06170

58 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
moroccwfvq.applejxsqv.site/ 66 KB
12 KB 150ms
104ms Document
text/html 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7050ccc31b81e7f0e5704d4b9e4895f2e66ea86481c1e372deccecb2dd75aeb1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77617efb6a4292c5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 08 Dec 2022 00:48:32 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mljLXJKa%2B%2BaJL%2BO8AFg00dYUAMItObFQAbOQElwM8lDe6wHyARuphaL1K1ObL1MQPW2NtWcoiLOciMCoIuLK5GXAzCThsddT9l8hRPkWPlDrupEkMPdEuHItDbhh6SfSRcQRGOZUr%2BGIqYYUpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 139 KB
4 KB 48ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSaira%20Semi%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%20Alternates%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34f1b24809b5827007e46c2cd9eb10119e84288c95648a11815aa79c751f7d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 00:48:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Dec 2022 00:48:32 GMT

GET
H2 200 29ea62b8e215a7fff001a0a083e50fde.css
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/ 848 KB
98 KB 93ms
92ms Stylesheet
text/css 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/29ea62b8e215a7fff001a0a083e50fde.css
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 841406534c2cf3fc451aa203f8f0938fcb0e9b1d2ef89f4688c91095dbb51485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-d40cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXvUJD%2Fh3H3JO4Tw8244BOn88RH8chC%2Big%2BTNZyzojEwgsQOG0K%2FN0F5cF1VeG0Ai%2FetHiE4DbQaaWP%2B1xYQT6nbhAU%2Bh99ihP4fB2lzPJR6SFkTyBvyiihl0vu8nJ6qHfrGNKAkjv%2FQ%2BItawQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efc1ac292c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 post-10%EF%B9%96ver=1659961830.css
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/elementor/css/ 1 KB
870 B 39ms
37ms Stylesheet
text/css 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/elementor/css/post-10%EF%B9%96ver=1659961830.css
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe46256be893f043bbb4a7434fe333c10df8c53454eacbf3636837eaaa4f8ae3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-5e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GA7eeQN7tcBr8xQpCaxYoUMInr%2F0aVA4cZR6UFrNnHGB0yPVhhyoCXr2H5YgU6YUoA%2FVHHfxNa0aBQbgcjye40j%2BH1kELyOmCvcJRT4SgilPmmKZOtMwKkatnSbQPXQDPVqSLbzYxLV%2BEcR%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efc1ac492c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 global%EF%B9%96ver=1659961830.css
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/elementor/css/ 38 KB
3 KB 44ms
43ms Stylesheet
text/css 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/elementor/css/global%EF%B9%96ver=1659961830.css
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7db89daaae7fa4d4665ccddaad6a457225e3b9df1ac55860530f790f63591d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-9999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27l5cgjazjjKGOTbFUu3xwUn4JR4ZHlwvwXRWkjuadhXORKDIIvTDlqXgTBk6JV1vLTy%2FnTvUKy6GE8ldwWD8yndNvwmI5f06Pi9KKE48sPIzUwiSEbv%2BjPJO05%2BVyMNY7U3lyPhUZr5iYmHzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efc1ac592c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 post-1099%EF%B9%96ver=1659970407.css
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/elementor/css/ 41 KB
4 KB 45ms
44ms Stylesheet
text/css 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/elementor/css/post-1099%EF%B9%96ver=1659970407.css
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d642b1eff48603a6b1c1f7ff2d07371a227669f67fefd5d68a65901e5889422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-a5e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6gL4Jcz%2BmaJytmJER56lhvTyskx0TwbSTTZ%2FHk3MLnAsNyl7v4JKVL%2BAc1eTIzFVfUv2558UQgIdBRGGoNa%2BOuoGhEqIICQHcfmwndROGBBEZRTyD%2BNyNZTp%2BLUuiRhzkba%2FmiJ8xqkKvzVzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efc1ac692c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 hooks.min%EF%B9%96ver=c6d64f2cb8f5c6bb49caca37f8828ce3.js Show response
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-includes/js/dist/ 5 KB
2 KB 43ms
42ms Script
application/javascript 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-includes/js/dist/hooks.min%EF%B9%96ver=c6d64f2cb8f5c6bb49caca37f8828ce3.js
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-132e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvyP%2BYl6%2Bc0qU21PIEO%2Ba8nU1GHwA3IzWKbRkfg5QWzA4oQ1%2FA5%2Fs1eeWkXkGqE4US1hCVddGtowlPi4Z1%2F2zS7tqrPGQsaLJRBuHgfRuWGDCZG4VNN3epxHq%2F5k3OWvDsYfdTNzKlgfOf6aqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efc1ac792c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 i18n.min%EF%B9%96ver=ebee46757c6a411e38fd079a7ac71d94.js Show response
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-includes/js/dist/ 10 KB
4 KB 42ms
42ms Script
application/javascript 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-includes/js/dist/i18n.min%EF%B9%96ver=ebee46757c6a411e38fd079a7ac71d94.js
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-27ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bla5RKrz%2Bdt4ftpbojGuNSMYSeYRESa%2BY4Do1LjwwfQ21CV9HYvse4%2FbwdxsgkIRe8ETeljH%2B1k%2FMC1OGuWVrikAh5CYHLV8dqap%2FxKLUteNxwK5KOpPOTYh5k7C9D9M%2BjtWKBhOCTCMG0nskw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efc1ac892c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H3 200 lazyload.min.js Show response
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 45ms
44ms Script
application/javascript 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-2063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3hd64jCsA0dDJ%2BUC15Lr%2FRppTL7ehMWepr6oXCW%2F6%2FZWqyqf5Xtzy4%2FysaP%2BwGxZjyyIajT0k96Fr4w9RgrE%2FekIap9TSiqvYKfY876WhN36gLLGoeARrcoF2k4SKui6wcdruPltnCCd7VTRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efccf009b4c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 436dab2e5678b1e92cffacb1164830e2.js Show response
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/ 610 KB
171 KB 95ms
94ms Script
application/javascript 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/436dab2e5678b1e92cffacb1164830e2.js
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a30b0f8589c1862324e856c5d1c7645d7349fbef16d5d692cfc08e9f2db9015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62f3e271-98691"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhz7Qazw6db0kPI2euJeLAPdNiFxghTLWza8Ct7MKKWg7rPez%2BYydXSNp5hulVKiKir4skbgQgUdMW6Q%2BcwemGj%2FHjev7670dwgB0XAoY6YbLsx5VAhzWovUkB3XKMvaU%2B1ocFJfWqgKd5Yq3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 77617efc1ac992c5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 255 KB
87 KB 49ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MBL3GRB

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23988fd1cd15c329c1a6fdb23edb399ddd77fc19d0e4ea33169a5ffa8d134b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88986
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Dec 2022 00:48:32 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ac0e7e7f71d143292b51ee698a5795bdf2531f3739570467cfad74ad81be01a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%20Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CSaira%20Semi%20Condensed%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%20Alternates%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 22:04:56 GMT
x-content-type-options: nosniff
age: 528216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 22:04:56 GMT

GET
H2 200 U9MD6c-2-nnJkHxyCjRcnMHcWVWV1cWRRX8MaOY.woff2
fonts.gstatic.com/s/sairasemicondensed/v11/ 17 KB
17 KB 26ms
8ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairasemicondensed/v11/U9MD6c-2-nnJkHxyCjRcnMHcWVWV1cWRRX8MaOY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbaf3e768787a7cdc46d2d1463997ab92aefa03aab387e73db0b3cb83732b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 09:29:16 GMT
x-content-type-options: nosniff
age: 400756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17232
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:20:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:29:16 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac5172046ff614b58594834a100a9c81946f3df840c92128f43a15dbdd218636

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6939ef606d5554a4a8708b4bbe7592ab33ddd1a8106de88742d06b66452b5a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 Bg-Services-Hero-New.png
liviaviccari.com.br/wp-content/uploads/2020/04/ 0
0 853ms
622ms Image
text/html 2606:4700:3030::ac43:841d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://liviaviccari.com.br/wp-content/uploads/2020/04/Bg-Services-Hero-New.png
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/elementor/css/post-1099%EF%B9%96ver=1659970407.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:841d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xNIPFB7xG.woff2
fonts.gstatic.com/s/montserratalternates/v17/ 20 KB
20 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xNIPFB7xG.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

746f490a26ddca974cdec034a695557214a976fe227f334a1f86befb7fe43801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 19:25:39 GMT
x-content-type-options: nosniff
age: 451373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20384
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 19:25:39 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:39:05 GMT
x-content-type-options: nosniff
age: 7767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 22:39:05 GMT

GET
H3 200 fa-solid-900.woff2
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 52ms
51ms Font
font/woff2 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/29ea62b8e215a7fff001a0a083e50fde.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/29ea62b8e215a7fff001a0a083e50fde.css
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
server: cloudflare
etag: "62f3e271-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUrtPJt1E1%2BMai5AzpQR6uHxWvxBmFF%2FKrkFQqwK9vOGDt4SONYZJByWrAtOjH7ZCtRE39DYgmIx%2BCV0z5uwgYPnQAqvnVnDsah7ortTUDQ1K0oX3WonSvVDDJCqWorJzuZTN51ClavU7T7Jrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 77617efd3f869b4c-FRA
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2
fonts.gstatic.com/s/montserratalternates/v17/ 20 KB
20 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da4fd6c8ccb6ff2b84c95606bb983392c766558ef6232e9bf23027d5979618aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:14:03 GMT
x-content-type-options: nosniff
age: 441269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20184
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 22:14:03 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da64ac0eb5c2ee111cdecddfb3fadac48915ed64492aa0b0aa37a615c1e93b59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b3efad2370aa3d63008f1b4e534ec5573cc21ae58225880aa35e2a1b9d2f990

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 17:14:46 GMT
x-content-type-options: nosniff
age: 459226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 17:14:46 GMT

GET
H3 200 fa-brands-400.woff2
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
76 KB 53ms
52ms Font
font/woff2 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/29ea62b8e215a7fff001a0a083e50fde.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/cache/min/1/29ea62b8e215a7fff001a0a083e50fde.css
Origin: https://moroccwfvq.applejxsqv.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76764
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
server: cloudflare
etag: "62f3e271-12bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVIXjkXrV0%2Fhp65n5%2BVed7Pz%2FQAoA8iVTIOCIs451xya%2BmxFmcTXQLtErj%2BPvqKQsGSzY2ERdXoU2lb9GYH3aOSSzVcCNfEEFmrBy%2Fg%2FUAWUJealoGaKvjHULtnEJTJ3VknEvgbrsqZ6DNdd8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 77617efd9fef9b4c-FRA
expires: Sun, 18 Dec 2022 00:48:32 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 120 KB
46 KB 41ms
21ms Script
application/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KJ8RGNT

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBL3GRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d87a3f559d2d431f4f6b8dac02d667c9650364b5f991bc2ae87bb2e93b66543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 00:48:33 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/733761503/ 2 KB
2 KB 47ms
20ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/733761503/?random=1670460512972&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&value=0&bttype=purchase&auid=857694135.1670460513&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBL3GRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ae6ac4eff6d8d73e9a14c1b8c8de16d53c35758d6b5efe36fa51ca2151d5df36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBL3GRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 23:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5567
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 08 Dec 2022 01:15:46 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/733761503/ 2 KB
2 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/733761503/?random=1670460512979&cv=11&fst=1670460512979&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&auid=857694135.1670460513&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBL3GRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964f84c8d815f71b957904e0d6d604786105a303836d821be7df2de7c238560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 917
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBL3GRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Dec 2022 00:48:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: t8/uBms1pfiM/lJJOJxeG4scPRpfjsPH4ueTJEbpF0qyLSR2dyaXcoflYAOwQjkk2HFq7qWs/b675i1cOJYlvA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 24 KB
6 KB 39ms
14ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: gzip
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P2
age: 67
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
server: cloudflare
etag: W/"4d482a43613d3966f353ec9d97452e0c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 77617efe4804bb5b-FRA
x-amz-cf-id: L-cCCvK3NI-04ye1GusGC5vrX2qYGZyd6VgPz33TFC9y0EvPTddb6w==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 416ms
194ms Script
application/javascript 2.16.241.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8JUFJLMP02EUPVMHG0G&lib=ttq
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b5ce6316aa7a25fe550aed77afbcecbeaf00246a3ae5a13d82ddcce26a26bab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-akamai-request-id: 7d41dd05.971d44
date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-160.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 185,2.16.240.160
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=97, inner; dur=5
content-length: 1315
pragma: no-cache
server: nginx
x-tt-logid: 20221208004833CB600F16CA52E4621CEC
x-cache-remote: TCP_MISS from a23-220-104-198.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,23.220.104.198
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f58546123c0beaa7333a916ff8da850f6aa36bcb9fc9324465156284ae59abd48269db93dd09f37f9bd951ca43a4b5eef59fab6c179e0674f1f7a49b68c9d1a69320f7a0910b5b57818b53738e28abe1e4
expires: Thu, 08 Dec 2022 00:48:33 GMT

GET
H2 200 ea5mhxdpzo Show response
www.clarity.ms/tag/ 2 KB
2 KB 152ms
99ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ea5mhxdpzo?ref=gtm2
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e08da2d7cb8f4e189c180884004f1b2c7b653e01cd9100dd6c19a7ce98903212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type: application/x-javascript
date: Thu, 08 Dec 2022 00:48:32 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0YTSRYwAAAADYXIDlQQLdS53J8FyYCBaqRlJBMzFFREdFMDkxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 39ms
24ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CT0ZXPYHDM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBL3GRB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a30c8a974e9db7c8a45eef4f400165aa4342d3d19e79a5a4c619d9859fd5126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 00:48:33 GMT

GET
H3 200 cropped-Design-sem-nome-4.png
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/10/ 2 KB
2 KB 41ms
41ms Image
image/png 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/10/cropped-Design-sem-nome-4.png
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6928321434474aca471e1018ff4ce8f7d8e4da002361cc048388a49f88d7f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1711
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
server: cloudflare
etag: "62f3e271-6af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quj4Un92TmLn1omArxNsrNStJu7DSLiiJZBor3SiKI40dcfq5BzK9dtBtnMHqxXbfTbimMA1HrXX9Pcz%2F7UMFoTrhl%2FU0Rv5cioykB7fe1ps%2Ft0y5qZQq0x1bN5QkJHOETm4zqQWSlBHhuv%2F6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 77617efe294d9b4c-FRA
expires: Sun, 18 Dec 2022 00:48:33 GMT

GET
H3 200 logo-1-1.png
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/06/ 25 KB
25 KB 44ms
44ms Image
image/png 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/06/logo-1-1.png
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78dd23476d78404a1543e9fe5cb4c65e3fff30ac1e76d1f9bbdb9a85cad7439a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25251
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
server: cloudflare
etag: "62f3e271-62a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhLZ8k%2BrTWR%2F909izLgbUBoJs30BpV8b%2B4VNxDfofsNUVE4voV3f0BnN5nCpwFj%2FneX1BEtJRNm4weDlFtivqS%2BFgT%2Ff3YvsmqsjkQ7ufYPWzpccZkEwEYCYWpQ1Js2O4dc90SiqIZnK1KxI%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 77617efe294f9b4c-FRA
expires: Sun, 18 Dec 2022 00:48:33 GMT

GET
H3 200 TT-1.png
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/03/ 6 KB
6 KB 41ms
41ms Image
image/png 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/03/TT-1.png
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b459c2a2574effe7bac9402e6b555a9539a242f141333d527e981679b5e633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5743
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
server: cloudflare
etag: "62f3e271-166f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0sNqu3oCNdiEToK%2FQnZGG%2BGtSdX2m39o2zEhhQJjhelSeHP8gECKCxFq7%2F5lnuFG%2BcZjAlNzm0sLZdzBRlqviQqvqewhgVy5Do57TViQO5WTw5EjuuuxaCrMbQXwpz8LPM4wkrFhK3KrkVwRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 77617efe29519b4c-FRA
expires: Sun, 18 Dec 2022 00:48:33 GMT

GET
H3 200 SC-1.png
moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/03/ 6 KB
6 KB 42ms
42ms Image
image/png 104.21.3.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moroccwfvq.applejxsqv.site/sites/liviaviccari/wp-content/uploads/2021/03/SC-1.png
Requested by: Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.3.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ef5d5aa59dc40bf57b7ff7a9e4b99ac4192d7a9f925716c0ab52c3510d9849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5647
last-modified: Wed, 10 Aug 2022 16:53:05 GMT
server: cloudflare
etag: "62f3e271-160f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GS%2BzC0f2NeOdUclpKhaEmdar2AtFxaTim00ACCLxD29tMKe8r92FYUOeVrSKe6T0RQ9bLt1ckL7JAu9aptIB6WoxQ2%2B1%2BoS7LGJreUHQY%2FtzkOtbby19AnIcscZCqvB8%2BsaB015l18QXKL8zrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 77617efe29529b4c-FRA
expires: Sun, 18 Dec 2022 00:48:33 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 00:48:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
x-ua-compatible: IE=edge
pragma: private
x-fb-debug: m3D/pfmYpw0PE+TMHWd6a582jB7EK6Rkn6GtPMlyEfbTr/tcEvQOgkdT1bPul4dqWRSHNINAT3byDmxSgOr38A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: private
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1194542894039812 Show response
connect.facebook.net/signals/config/ 294 KB
85 KB 111ms
102ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1194542894039812?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6276b3e0200eb309f2ea91c2d4854977d8128b63f9c819e3d6fb6902b727696a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Dec 2022 00:48:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: awqcRMgNF6qvwvAnwVsQZNtZtFMpuaT3leQJUgZIVp74i7m4Fs7aPAJ76UW8hgk3+VGRJxhMcDDujqrtG8LuNQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
14ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=87892050&t=pageview&_s=1&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&ul=en-us&de=UTF-8&dt=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABRAAAACAAI~&jid=126723297&gjid=1433637039&cid=1551789963.1670460513&tid=UA-142135652-1&_gid=1884284423.1670460513&_r=1&gtm=2wgbu0MBL3GRB&z=2039591246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://moroccwfvq.applejxsqv.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moroccwfvq.applejxsqv.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/733761503/ 42 B
548 B 40ms
19ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/733761503/?random=1670460512979&cv=11&fst=1670457600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&fmt=3&is_vtc=1&random=731146579&rmt_tld=0&ipr=y

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/733761503/ 42 B
548 B 39ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/733761503/?random=1670460512979&cv=11&fst=1670457600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&fmt=3&is_vtc=1&random=731146579&rmt_tld=1&ipr=y

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/733761503/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0...
https://www.google.com/pagead/1p-conversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadserv...
https://www.google.de/pagead/1p-conversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadservi...

42 B
64 B

22ms
22ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&value=0&auid=857694135.1670460513&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjRMZzZoY3JWMkIxQ0MxX0J0bnd3eUJVVkRMQWdpTV9sY2QyMVRIVXEzMGcaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1ZmZDA3SlZydVRRcEw1Z0x1VThNUHFNeG5yX1pwWlE0NzJCQkZteGFRNFU0TWl5ejRfSEZ6Yw&is_vtc=1&ocp_id=YTSRY6Ey5q6YsA-S3L3QBw&cid=CAQSKQDq26N98WILx98S7B2mme7sSkKHRXAmcUwoXLn2GR-hnoxuogtiXPKOIBM&eitems=ChEIgJDBnAYQoqHhwObl6pSVARIdACu92o8Hh8qrKC5mneAtF3myRFcWo0Q0SHXVW-8&random=5553449&ipr=y&prhg=0

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/733761503/?random=953167746&cv=11&fst=1670460512972&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&label=cXa2COPv8aUBEN-f8d0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&tiba=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&value=0&auid=857694135.1670460513&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pEQm5BWVFuT3kxNjllNDNhdWNBUklsQUgyRkptWjRMZzZoY3JWMkIxQ0MxX0J0bnd3eUJVVkRMQWdpTV9sY2QyMVRIVXEzMGcaV0NoQUlnSkRCbkFZUWxiYjRfTF9jbG9BN0VpMEFPSG9VT1ZmZDA3SlZydVRRcEw1Z0x1VThNUHFNeG5yX1pwWlE0NzJCQkZteGFRNFU0TWl5ejRfSEZ6Yw&is_vtc=1&ocp_id=YTSRY6Ey5q6YsA-S3L3QBw&cid=CAQSKQDq26N98WILx98S7B2mme7sSkKHRXAmcUwoXLn2GR-hnoxuogtiXPKOIBM&eitems=ChEIgJDBnAYQoqHhwObl6pSVARIdACu92o8Hh8qrKC5mneAtF3myRFcWo0Q0SHXVW-8&random=5553449&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
355 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CT0ZXPYHDM&gtm=2oebu0&_p=87892050&cid=1551789963.1670460513&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670460513&sct=1&seg=0&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&dt=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CT0ZXPYHDM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moroccwfvq.applejxsqv.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 500 collect
gtm-nqf4cdv-m2fky.uc.r.appspot.com/g/ 0
0 759ms
725ms Ping
text/html 2a00:1450:4001:831::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gtm-nqf4cdv-m2fky.uc.r.appspot.com/g/collect?v=2&tid=G-CT0ZXPYHDM&gtm=2oebu0&_p=87892050&cid=1551789963.1670460513&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670460513&sct=1&seg=0&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&dt=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&en=ViewContent&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CT0ZXPYHDM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

GET
H2 200 / Show response
prism.app-us1.com/ 0
214 B 210ms
201ms Script
application/javascript 2606:4700::6811:915b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=650160935&u=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.32
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.32
content-type: application/javascript
cache-control: no-cache, private
x-envoy-upstream-service-time: 58
cf-ray: 77617efec8c2bb5b-FRA
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-142135652-1&cid=1551789963.1670460513&jid=126723297&gjid=1433637039&_gid=1884284423.1670460513&_u=aGBACEAARAAAACAAI~&z=621279216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://moroccwfvq.applejxsqv.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Dec 2022 00:48:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://moroccwfvq.applejxsqv.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.6.43/ 54 KB
18 KB 11ms
10ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ea5mhxdpzo?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:48:32 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 0g/OQYwAAAAA7ug6gJLNMTJir+VkU8WWJRlJBMjMxMDUwNDE4MDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d9082948124e4c"
x-azure-ref: 0YTSRYwAAAABgL4fkO8tbSpyHIZ02gP3cRlJBMzFFREdFMDkxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 24ms
19ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-142135652-1&cid=1551789963.1670460513&jid=126723297&_u=aGBACEAARAAAACAAI~&z=326984390

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 38ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-142135652-1&cid=1551789963.1670460513&jid=126723297&_u=aGBACEAARAAAACAAI~&z=326984390

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1194542894039812&ev=PageView&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&rl=&if=false&ts=1670460513227&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1670460513226.1525591614&it=1670460513027&coo=false&eid=1670460512980.195037.1&tm=1&rqm=GET

Requested by

Host: moroccwfvq.applejxsqv.site
URL: https://moroccwfvq.applejxsqv.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Dec 2022 00:48:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect Show response
h.clarity.ms/ 0
173 B 717ms
303ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://moroccwfvq.applejxsqv.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://moroccwfvq.applejxsqv.site
date: Thu, 08 Dec 2022 00:48:33 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 main.MTk2NTc4NGU0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 233 KB
65 KB 9ms
9ms Script
application/javascript 2.16.241.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8JUFJLMP02EUPVMHG0G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9741697c7d4f759574f6c2ed68aecddcb938de6fad40f8ba19dd971886175e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-akamai-request-id: 971e07
date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221206132759C8CD994472799CF731CA
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-240-160.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 013b51f4b70685c127885fb2187e0fc32711235b72ec11339bd01cd574876be37281d2d3d7ecaae95c78ec45222f8e4cf5c5a7d52e323d88cc3f2c80779b79f158326d06ab832cb090a2281faaaabc8cd7
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 66413

GET
H2 200 identify_7373d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 11ms
11ms Script
application/javascript 2.16.241.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7373d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-akamai-request-id: 971e2e
date: Thu, 08 Dec 2022 00:48:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20221206132759415F4BEF38619DFAE441
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-240-160.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 013b51f4b70685c127885fb2187e0fc32711235b72ec11339bd01cd574876be37200efd92d3b39240e51d1780cf909d599643d7b0efb61b483b86cdaaff22439436c326226206c895b873607162beff597
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 30724

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
688 B 199ms
198ms Ping
application/octet-stream 2.16.241.224
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.241.224 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-241-224.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://moroccwfvq.applejxsqv.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 20ebb00d.971e63
date: Thu, 08 Dec 2022 00:48:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-240-160.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-parent-response-time: 185,2.16.240.160
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=97, inner; dur=91
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202212080048337A4EF6FF2605A659E167
x-cache-remote: TCP_MISS from a23-220-104-206.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 97,23.220.104.206
x-tt-trace-host: 01560c7709e24fd19d65c59ef8100461f58546123c0beaa7333a916ff8da850f6a9f7a1993e2cf30d8677cba1b7c3e9612c50552942e962e73fd5a31b4ded26bbfefab1ebe79c274e8daf58fa60144a5e5bf43cfa3eae39bf56bea8318adde9081
expires: Thu, 08 Dec 2022 00:48:33 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=01645B71477D4F73A6477B1B7494EC2E&RedC=c.clarity.ms&MXFR=0944542FB5756B9D1A41465BB175652F
https://c.clarity.ms/c.gif?CtsSyncId=01645B71477D4F73A6477B1B7494EC2E&MUID=292F191D059B60C320490B6904F06170

42 B
368 B

30ms
30ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=01645B71477D4F73A6477B1B7494EC2E&MUID=292F191D059B60C320490B6904F06170
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
server: Microsoft-IIS/10.0
etag: "40db785d3fdfd81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 08 Dec 2022 00:48:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3FE0675A63B453C976F7C2F04EC8AB5 Ref B: FRAEDGE1114 Ref C: 2022-12-08T00:48:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=01645B71477D4F73A6477B1B7494EC2E&MUID=292F191D059B60C320490B6904F06170
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 17ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1194542894039812&ev=Scroll&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&rl=&if=false&ts=1670460513699&cd[depth]=10&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1670460513226.1525591614&it=1670460513027&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Dec 2022 00:48:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 16ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1194542894039812&ev=Scroll&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&rl=&if=false&ts=1670460513702&cd[depth]=25&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1670460513226.1525591614&it=1670460513027&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Dec 2022 00:48:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 26AE 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://moroccwfvq.applejxsqv.site
Referer: https://moroccwfvq.applejxsqv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://moroccwfvq.applejxsqv.site
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 00:48:33 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=87892050&t=event&ni=1&_s=2&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&ul=en-us&de=UTF-8&dt=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=90f42x&_u=aHBACEABRAAAACAAI~&jid=&gjid=&cid=1551789963.1670460513&tid=UA-142135652-1&_gid=1884284423.1670460513&gtm=2wgbu0MBL3GRB&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fea5mhxdpzo%2Fqsaakw%2F90f42x&z=1408497904

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://moroccwfvq.applejxsqv.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79562
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 293ms
293ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.43/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://moroccwfvq.applejxsqv.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin: https://moroccwfvq.applejxsqv.site
date: Thu, 08 Dec 2022 00:48:34 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST collect
servidor.liviaviccari.com.br/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: servidor.liviaviccari.com.br
URL: https://servidor.liviaviccari.com.br/g/collect?v=2&tid=G-CT0ZXPYHDM&gtm=2oebu0&_p=87892050&cid=1551789963.1670460513&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1670460513&sct=1&seg=0&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&dt=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&en=PageView&ep.event_id=1670460512980.195037.1&_et=1

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.applejxsqv.site/	1970-01-20 10:10:36	Name: _gcl_au Value: 1.1.857694135.1670460513
.applejxsqv.site/	1970-01-20 08:02:26	Name: _gid Value: GA1.2.1884284423.1670460513
.applejxsqv.site/	1970-01-20 08:01:00	Name: _gat_UA-142135652-1 Value: 1
.applejxsqv.site/	1970-01-20 17:37:00	Name: _ga_CT0ZXPYHDM Value: GS1.1.1670460513.1.0.1670460513.0.0.0
.applejxsqv.site/	1970-01-20 17:37:00	Name: _ga Value: GA1.1.1551789963.1670460513
.doubleclick.net/	1970-01-20 17:22:36	Name: IDE Value: AHWqTUlCv-ms1jMtVThq_BSWyoTZsQs6kckSh26wQbqgEKvQzf5NF1zx56qgacuU
www.clarity.ms/	1970-01-20 16:46:36	Name: CLID Value: 4b252c06dbdf43baa7febf169bc5207b.20221208.20231208
.applejxsqv.site/	1970-01-20 16:46:36	Name: _clck Value: qsaakw\|1\|f78\|0
.applejxsqv.site/	1970-01-20 10:10:36	Name: _fbp Value: fb.1.1670460513226.1525591614
prism.app-us1.com/	1970-01-20 08:44:12	Name: prism_650160935 Value: 9c828d98-b153-4b5b-9481-4e5a7203e3e7
.tiktok.com/	1970-01-20 17:22:36	Name: _ttp Value: 2IbqDqDZyRxuebszNgABnauIgZb
.c.bing.com/	1970-01-20 17:22:36	Name: SRM_B Value: 292F191D059B60C320490B6904F06170
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 17:22:36	Name: MUID Value: 292F191D059B60C320490B6904F06170
.c.clarity.ms/	1970-01-20 08:01:01	Name: ANONCHK Value: 0
.applejxsqv.site/	1970-01-20 08:02:26	Name: _clsk Value: 90f42x\|1670460513987\|1\|1\|h.clarity.ms/collect

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://liviaviccari.com.br/wp-content/uploads/2020/04/Bg-Services-Hero-New.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gtm-nqf4cdv-m2fky.uc.r.appspot.com/g/collect?v=2&tid=G-CT0ZXPYHDM&gtm=2oebu0&_p=87892050&cid=1551789963.1670460513&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670460513&sct=1&seg=0&dl=https%3A%2F%2Fmoroccwfvq.applejxsqv.site%2F&dt=L%C3%ADvia%20Viccari%20-%20Procedimentos%20Est%C3%A9ticos%20e%20Capacita%C3%A7%C3%A3o%20Profissional&en=ViewContent&_et=2 Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
c.bing.com
c.clarity.ms
connect.facebook.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-nqf4cdv-m2fky.uc.r.appspot.com
h.clarity.ms
liviaviccari.com.br
moroccwfvq.applejxsqv.site
prism.app-us1.com
region1.google-analytics.com
servidor.liviaviccari.com.br
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
servidor.liviaviccari.com.br
104.21.3.103
142.250.181.226
2.16.241.224
20.234.93.27
2001:4860:4802:32::178
2001:4860:4802:34::36
2606:4700:3030::ac43:841d
2606:4700::6811:915b
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2014
2a00:1450:400c:c08::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.224.31.34
0b3efad2370aa3d63008f1b4e534ec5573cc21ae58225880aa35e2a1b9d2f990
0b5ce6316aa7a25fe550aed77afbcecbeaf00246a3ae5a13d82ddcce26a26bab
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
23988fd1cd15c329c1a6fdb23edb399ddd77fc19d0e4ea33169a5ffa8d134b81
2bbaf3e768787a7cdc46d2d1463997ab92aefa03aab387e73db0b3cb83732b73
34f1b24809b5827007e46c2cd9eb10119e84288c95648a11815aa79c751f7d87
3a30c8a974e9db7c8a45eef4f400165aa4342d3d19e79a5a4c619d9859fd5126
3ac0e7e7f71d143292b51ee698a5795bdf2531f3739570467cfad74ad81be01a
40ef5d5aa59dc40bf57b7ff7a9e4b99ac4192d7a9f925716c0ab52c3510d9849
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4d642b1eff48603a6b1c1f7ff2d07371a227669f67fefd5d68a65901e5889422
4d87a3f559d2d431f4f6b8dac02d667c9650364b5f991bc2ae87bb2e93b66543
6276b3e0200eb309f2ea91c2d4854977d8128b63f9c819e3d6fb6902b727696a
6939ef606d5554a4a8708b4bbe7592ab33ddd1a8106de88742d06b66452b5a2d
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
7050ccc31b81e7f0e5704d4b9e4895f2e66ea86481c1e372deccecb2dd75aeb1
746f490a26ddca974cdec034a695557214a976fe227f334a1f86befb7fe43801
78dd23476d78404a1543e9fe5cb4c65e3fff30ac1e76d1f9bbdb9a85cad7439a
7a30b0f8589c1862324e856c5d1c7645d7349fbef16d5d692cfc08e9f2db9015
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841406534c2cf3fc451aa203f8f0938fcb0e9b1d2ef89f4688c91095dbb51485
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
9741697c7d4f759574f6c2ed68aecddcb938de6fad40f8ba19dd971886175e52
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
ac5172046ff614b58594834a100a9c81946f3df840c92128f43a15dbdd218636
ae6ac4eff6d8d73e9a14c1b8c8de16d53c35758d6b5efe36fa51ca2151d5df36
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6928321434474aca471e1018ff4ce8f7d8e4da002361cc048388a49f88d7f0b
c7db89daaae7fa4d4665ccddaad6a457225e3b9df1ac55860530f790f63591d4
cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
da4fd6c8ccb6ff2b84c95606bb983392c766558ef6232e9bf23027d5979618aa
da64ac0eb5c2ee111cdecddfb3fadac48915ed64492aa0b0aa37a615c1e93b59
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08da2d7cb8f4e189c180884004f1b2c7b653e01cd9100dd6c19a7ce98903212
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b459c2a2574effe7bac9402e6b555a9539a242f141333d527e981679b5e633
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f964f84c8d815f71b957904e0d6d604786105a303836d821be7df2de7c238560
fe46256be893f043bbb4a7434fe333c10df8c53454eacbf3636837eaaa4f8ae3

moroccwfvq.applejxsqv.site Open in urlscan Pro 104.21.3.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

95 %HTTPS

77 %IPv6

18 Domains

24 Subdomains

22 IPs

5 Countries

1089 kBTransfer

3590 kBSize

16 Cookies

4 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

moroccwfvq.applejxsqv.site Open in urlscan Pro
104.21.3.103 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

95 %
HTTPS

77 %
IPv6

18
Domains

24
Subdomains

22
IPs

5
Countries

1089 kB
Transfer

3590 kB
Size

16
Cookies

58 HTTP transactions
5 data transactions