clube-de-ofertas.oncartx.io Open in urlscan Pro
2606:4700::6812:1521 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/VOqpEh1
Effective URL:
https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-co...
Submission: On January 27 via manual (January 27th 2022, 3:13:12 am UTC) from US — Scanned from IT

Summary HTTP 261 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 32 domains to perform 261 HTTP transactions. The main IP is 2606:4700::6812:1521, located in United States and belongs to CLOUDFLARENET, US. The main domain is clube-de-ofertas.oncartx.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2021. Valid for: a year.

This is the only time clube-de-ofertas.oncartx.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700::68... 2606:4700::6812:1521	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
18	2606:4700::68... 2606:4700::6812:1421	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3032::6815:120b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:10:... 2606:4700:10::6816:707	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:303... 2606:4700:3034::ac43:897e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
6 13	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
16	2606:4700:303... 2606:4700:3037::6815:5112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	151.139.243.28 151.139.243.28	33438 (HIGHWINDS2) (HIGHWINDS2)
2	151.139.241.22 151.139.241.22	33438 (HIGHWINDS2) (HIGHWINDS2)
5	2606:4700:303... 2606:4700:3030::ac43:98ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.139.242.16 151.139.242.16	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2606:4700:310... 2606:4700:3108::ac42:2bc4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
3	3.130.225.230 3.130.225.230	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2b9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:310... 2606:4700:3108::ac42:28b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	68.169.106.40 68.169.106.40	30602 (ISPRIME) (ISPRIME)
2	162.247.242.18 162.247.242.18	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:291b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:283c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
261	38

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6812:1521 (United States)

ASN13335 (CLOUDFLARENET, US)

clube-de-ofertas.oncartx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:1421 (United States)

ASN13335 (CLOUDFLARENET, US)

img.oncartx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::6815:120b (United States)

ASN13335 (CLOUDFLARENET, US)

sp.secureserver.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:707 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ev.braip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:897e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.duromax.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
duromax.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3037::6815:5112 (United States)

ASN13335 (CLOUDFLARENET, US)

duromax.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.139.243.28 (United States)

ASN33438 (HIGHWINDS2, US)

575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.241.22 (United States)

ASN33438 (HIGHWINDS2, US)

575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:98ed (United States)

ASN13335 (CLOUDFLARENET, US)

www.duromax.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
duromax.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.242.16 (United States)

ASN33438 (HIGHWINDS2, US)

575129-1859047-raikfcquaxqncofqfm.stackpathdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:2bc4 (United States)

ASN13335 (CLOUDFLARENET, US)

app.cartstack.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.130.225.230 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-225-230.us-east-2.compute.amazonaws.com

whatsapp.cartx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b9c (United States)

ASN13335 (CLOUDFLARENET, US)

api.sunset.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3108::ac42:28b8 (United States)

ASN13335 (CLOUDFLARENET, US)

conectiva.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.169.106.40 (United States)

ASN30602 (ISPRIME, US)

syndication.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
syndication.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
syndication.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.18 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-6.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:291b (United States)

ASN13335 (CLOUDFLARENET, US)

api.performa.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:283c (United States)

ASN13335 (CLOUDFLARENET, US)

api2.cartstack.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	4 MB
43	oncartx.io clube-de-ofertas.oncartx.io img.oncartx.io	1 MB
27	stackpathdns.com 575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com 575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com 575129-1859047-raikfcquaxqncofqfm.stackpathdns.com	465 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com	248 KB
19	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 static.doubleclick.net — Cisco Umbrella Rank: 356	3 KB
18	duromax.shop 1 redirects www.duromax.shop duromax.shop	294 KB
9	conectiva.io conectiva.io — Cisco Umbrella Rank: 156886	12 KB
9	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	73 KB
7	google.com www.google.com — Cisco Umbrella Rank: 13	79 KB
7	secureserver.club sp.secureserver.club	471 KB
6	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109	30 KB
6	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 206	11 KB
5	duromax.com.br www.duromax.com.br duromax.com.br	45 KB
4	cartstack.com.br app.cartstack.com.br — Cisco Umbrella Rank: 141506 api2.cartstack.com.br	12 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	173 KB
3	cartx.io whatsapp.cartx.io — Cisco Umbrella Rank: 841518	2 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1366 cloudflareinsights.com — Cisco Umbrella Rank: 1359	5 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 612	516 B
2	exoclick.com a.exoclick.com — Cisco Umbrella Rank: 74317 syndication.exoclick.com — Cisco Umbrella Rank: 22056	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	braip.com 1 redirects ev.braip.com — Cisco Umbrella Rank: 506560	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	6 KB
1	performa.ai api.performa.ai — Cisco Umbrella Rank: 178642	519 B
1	google.it www.google.it — Cisco Umbrella Rank: 15707	548 B
1	realsrv.com syndication.realsrv.com — Cisco Umbrella Rank: 8901	218 B
1	exdynsrv.com syndication.exdynsrv.com — Cisco Umbrella Rank: 32547	218 B
1	sunset.systems api.sunset.systems — Cisco Umbrella Rank: 175698	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 106	15 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 367	17 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9045	1 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427	76 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 63623	540 B
261	32

	Domain	Requested by
59	www.youtube.com	clube-de-ofertas.oncartx.io www.youtube.com duromax.shop
25	clube-de-ofertas.oncartx.io	clube-de-ofertas.oncartx.io
20	575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com	duromax.shop
18	img.oncartx.io	clube-de-ofertas.oncartx.io
17	duromax.shop	clube-de-ofertas.oncartx.io duromax.shop
13	googleads.g.doubleclick.net	6 redirects www.youtube.com www.googleadservices.com
12	www.gstatic.com	www.youtube.com www.gstatic.com
9	conectiva.io	app.cartstack.com.br conectiva.io
9	cdnjs.cloudflare.com	clube-de-ofertas.oncartx.io cdnjs.cloudflare.com
8	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
7	www.google.com	www.youtube.com
7	sp.secureserver.club	clube-de-ofertas.oncartx.io
6	i.ytimg.com	www.youtube.com
6	yt3.ggpht.com	www.youtube.com
6	static.doubleclick.net	www.youtube.com
5	575129-1859047-raikfcquaxqncofqfm.stackpathdns.com	duromax.shop
4	www.duromax.com.br	duromax.shop
4	www.googletagmanager.com	clube-de-ofertas.oncartx.io duromax.shop www.googletagmanager.com
3	whatsapp.cartx.io	clube-de-ofertas.oncartx.io
3	app.cartstack.com.br	duromax.shop conectiva.io
2	bam.nr-data.net	clube-de-ofertas.oncartx.io
2	cloudflareinsights.com	static.cloudflareinsights.com
2	575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com	duromax.shop
2	www.google-analytics.com	www.googletagmanager.com
2	ev.braip.com	1 redirects clube-de-ofertas.oncartx.io
2	fonts.googleapis.com	clube-de-ofertas.oncartx.io duromax.shop
1	api2.cartstack.com.br	app.cartstack.com.br
1	api.performa.ai	app.cartstack.com.br
1	www.google.it
1	syndication.realsrv.com
1	syndication.exoclick.com
1	syndication.exdynsrv.com
1	api.sunset.systems	app.cartstack.com.br
1	www.googleadservices.com	www.googletagmanager.com
1	js-agent.newrelic.com	clube-de-ofertas.oncartx.io
1	static.cloudflareinsights.com	duromax.shop
1	my.rtmark.net	duromax.shop
1	a.exoclick.com	duromax.shop
1	duromax.com.br	duromax.shop
1	stackpath.bootstrapcdn.com	clube-de-ofertas.oncartx.io
1	www.duromax.shop	1 redirects
1	cutt.ly	1 redirects
261	42

This site contains links to these domains. Also see Links.

Domain
img.oncartx.io
ev.braip.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-12` - `2022-06-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.stackpathdns.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-06`	a year	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2021-08-03` - `2022-09-04`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
cartstack.com.br Cloudflare Inc ECC CA-3	`2021-12-09` - `2022-12-08`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
cartx.io Amazon	`2021-09-07` - `2022-10-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.sunset.systems R3	`2022-01-22` - `2022-04-22`	3 months	crt.sh
exdynsrv.com R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
exoclick.com R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
realsrv.com R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.it GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Frame ID: 5E062B172C7EF52DE4A94C315561598D
Requests: 68 HTTP requests in this frame

Frame: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Frame ID: 665F8BC2CE70CA662B49E3E8E0E91CEE
Requests: 81 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lLe6EWMTsgk
Frame ID: 482BA58E8D35ED28077DC7EAF388415D
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lLe6EWMTsgk
Frame ID: B81B1789AD8384619099E5BDDA54411C
Requests: 19 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MJlbfZme01Y
Frame ID: 48482F8BB70D3B2B58169BC965476427
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/VLfgebzpsmM
Frame ID: 8FB4A51AA2E9C94038549B9720680711
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/JldNClFzmSc
Frame ID: 1087011A754A6D779CCA1556C2137900
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BmTGtdob4rc
Frame ID: 5A940D7866C3795406C0B35337683483
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BF5jWDgcln4
Frame ID: 5278B1E5A696EE1679D1EDB2A8C78228
Requests: 18 HTTP requests in this frame

Frame: https://api.sunset.systems/services/?type=dtnl
Frame ID: B3219197EEAA397A49748224E5A01AC9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MAIS TESAO FUNCIONA? BULA? MERCADO LIVRE? RECLAME AQUI? COMPRAR? FUNCIONA MESMO? COMO TOMAR? ONDE COMPRAR? PREÇO? SITE OFICIAL? DEPOIMENTO? É BOM? ORIGINAL?

Page URL History Show full URLs

https://cutt.ly/VOqpEh1 HTTP 301
https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composic... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

97 %
HTTPS

76 %
IPv6

32
Domains

42
Subdomains

38
IPs

4
Countries

7943 kB
Transfer

24391 kB
Size

23
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://img.oncartx.io/unsafe/768x768/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/62/28/09/1642090882.jpg

Search URL Search Domain Scan URL

URL: https://ev.braip.com/ref?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartx

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/VOqpEh1 HTTP 301
https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ev.braip.com/ref?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC HTTP 302
https://www.duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC HTTP 301
https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Request Chain 58

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 169

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 171

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 173

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 178

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 183

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

261 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial Show response
clube-de-ofertas.oncartx.io/products/
Redirect Chain

https://cutt.ly/VOqpEh1
https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial

232 KB
42 KB

713ms
657ms

Document
text/html

2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8a080ddbde964f16bd7d7f283f11937cfeacbb71af03f9dccd806689c1e09bf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

Date: Thu, 27 Jan 2022 03:13:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 6d3ecd91cbe65a25-MXP
Content-Encoding: br

Redirect headers

date: Thu, 27 Jan 2022 03:13:04 GMT
content-type: text/html; charset=UTF-8
location: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3ecd905d435a43-MXP

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 60ms
22ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 548945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVfUij%2BUlpo68IBZ9WsW5ep2N6aZaVn64UMo4XbxY%2F16Lj4fcPeguxbfci%2BxNl1azCtYgCkAi3QKotI06acinFx2ISa3fV%2B0hzdPMEMhNt3jtIE%2Bz8s2i3kASiAPSfEm0ZGd0SjDGqr9HDudUr2rneFP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd963f12375b-MXP
expires: Tue, 17 Jan 2023 03:13:05 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 62ms
24ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10383363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFWmwnMmlJmu9KqnUQcKvhs74D9rywxmZN7XYOwbvJRqg30XPMKMojAdh3KFI%2F4%2BPsjE3ERn3sL8seIrx8YiElzDEYSVQ5RgWp0bWSJ9IgaUdgpQGZrmn1gBI2R5q4HLdi2P%2F0ZlrqPcELraBe9eInkI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd963f11375b-MXP
expires: Tue, 17 Jan 2023 03:13:05 GMT

GET
H/1.1 200
OK store.css
clube-de-ofertas.oncartx.io/css/ 2 KB
1 KB 27ms
24ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/css/store.css
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff66508edf4bb20886cb76a48ab30c125cc6524b85af02ff4e3e1a5fb216d10f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:04 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 25939
Cf-Polished: origSize=1732
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:23:42 GMT
Server: cloudflare
ETag: W/"61f191ae-6c4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css
Expires: Thu, 27 Jan 2022 03:43:04 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd960f815a25-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK theme
clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/ 139 KB
27 KB 304ms
273ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/theme?v=1636045580
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c171ef8afdd22cf792618cdd4f3c827d7083cb24b0ff4b04672e1302a13036e1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd963f935a25-MXP

GET
H/1.1 200
OK hover.css
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 16 KB
2 KB 62ms
29ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/hover.css?v=1615980297
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb3cd642dbe9d7686aa9cd99c1156c78215ed7aed17cd30aabdec44a14f2009

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26184
Cf-Polished: origSize=15979
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:40:01 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd963ba5839a-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK flags.css
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 7 KB
1 KB 58ms
25ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/flags.css?v=1615980297
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ada66326cff7d1db7ac1f34d9ee4c38485f95c811e11bbdf74be962a80c22767

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26184
Cf-Polished: origSize=8056
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:40:00 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd96380c3763-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK typo-color
clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/ 2 KB
2 KB 252ms
217ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/typo-color?v=1636045581
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ae33467341788d7d7bc74647f23c013c1f90ad2c05fa8ad8f0b1a35bd2fbd0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd963f1f83ac-MXP

GET
H/1.1 200
OK custom_css.css
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 11 KB
4 KB 63ms
27ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/custom_css.css?v=1643100372
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8d2cc660c10e71ba60921fe734c0f307c387a8234518f2db094f6b0ffe9af23

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26183
Cf-Polished: origSize=14965
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:40:01 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd963d3d59d7-MXP
Cf-Bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 115ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G54H1ZHQN2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c4ad69b10b38106bece52a5dc27bc4796966f8680c8a4e2ef7e357f1a678a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62330
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:05 GMT

GET
H/1.1 200
OK lazysizes.js Show response
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 21 KB
8 KB 27ms
25ms Script
text/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/lazysizes.js?v=1615980275
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7cc44265a9791bbf4744a6969112b7321f32e2f2adceaafa75e95ffb09ae83f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26182
Cf-Polished: origSize=21842
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:40:02 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd9819773763-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK vendor.js Show response
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 150 KB
51 KB 88ms
27ms Script
text/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/vendor.js?v=1615980297
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e44f0fe6ecdac261adcc8669067b57d8788f5b18d5624b756986c20270e228

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26183
Cf-Polished: origSize=154475
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:40:01 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd96682f3763-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK theme.js Show response
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 47 KB
14 KB 90ms
28ms Script
text/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/theme.js?v=1643201155
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc34d8e9bb51224fc3f8be6d63c00ea3fbe3b1a4e7592644d87dc09323f1743

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26183
Cf-Polished: origSize=81450
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:29:53 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd966bd5839a-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK bootstrap.min.js Show response
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 36 KB
11 KB 91ms
27ms Script
text/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/bootstrap.min.js?v=1615980276
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 26 Jan 2022 18:29:53 GMT
Server: cloudflare
Age: 25939
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd966d8859d7-MXP
Expires: Thu, 27 Jan 2022 03:43:05 GMT

GET
H/1.1 200
OK fontawesome.css
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 31 KB
7 KB 65ms
31ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/fontawesome.css?v=1643201155
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43dbdc37a004691afb0776a49d63a095143aee7ee09f60102461783bfcb0b59

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26183
Cf-Polished: origSize=31305
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:40:01 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd963da63742-MXP
Cf-Bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 64 KB
5 KB 103ms
39ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e18e6f385e041085cb4ce616c1bb02d7e23dadf390e3fd3c5873e073c97db79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 01:59:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 03:13:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 03:13:05 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 57ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1847706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnhoVPeShNkf9w9Ht5z9nBUSP33eUVkuk7O51EKRTogj5KgKZVr4fGYPrVjIh5k2ngpMXSCFrXSO%2Fvz8fwIEFzBGouoPO6jWiG%2F4QbyuM3htNdo49m8Xhkn%2F88iV1l%2BBeph19DPqi6rhY2xP9%2F0jccLk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd963f13375b-MXP
expires: Tue, 17 Jan 2023 03:13:05 GMT

GET
H/1.1 200
OK 97684_4376393011.png
img.oncartx.io/unsafe/300x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/theme_images/bc/dc/15/ 12 KB
13 KB 76ms
28ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/300x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/theme_images/bc/dc/15/97684_4376393011.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae4e43b328433ac8835cfb668a71a8246356d4ea486dfd5df6cd886f7e0017d5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
CF-Cache-Status: HIT
Age: 38199
Cf-Polished: origFmt=png, origSize=14085
Content-Disposition: inline; filename="97684_4376393011.webp"
Connection: keep-alive
Content-Length: 12604
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "a1a3c91a50e84599c549625dca14a8eb9f9e764f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd986b245a1f-MXP
Expires: Thu, 26 Jan 2023 12:26:06 GMT

GET
H/1.1 200
OK 97684_6311389607.png
img.oncartx.io/unsafe/300x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/theme_images/bc/dc/15/ 12 KB
13 KB 78ms
30ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/300x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/theme_images/bc/dc/15/97684_6311389607.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae4e43b328433ac8835cfb668a71a8246356d4ea486dfd5df6cd886f7e0017d5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
CF-Cache-Status: HIT
Age: 39563
Cf-Polished: origFmt=png, origSize=14085
Content-Disposition: inline; filename="97684_6311389607.webp"
Connection: keep-alive
Content-Length: 12604
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "a1a3c91a50e84599c549625dca14a8eb9f9e764f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd986ed6f91f-MXP
Expires: Thu, 26 Jan 2023 12:31:52 GMT

GET
H/1.1 200
OK email-decode.min.js Show response
clube-de-ofertas.oncartx.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clube-de-ofertas.oncartx.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jan 2022 15:52:06 GMT
Server: cloudflare
ETag: W/"61e833a6-4d7"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: DENY
Content-Type: application/javascript
Cache-Control: max-age=172800, public
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd97986183ac-MXP
Vary: Accept-Encoding
Expires: Sat, 29 Jan 2022 03:13:05 GMT

GET
H/1.1 200
OK 1642090882.jpg
img.oncartx.io/unsafe/2x2/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/62/28/09/ 82 B
672 B 77ms
29ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/2x2/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/62/28/09/1642090882.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c60fb7c0e988c823ae983572139e2c4ef816b5482a9b36cdbace3afedc27413

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
CF-Cache-Status: HIT
Age: 1271
Cf-Polished: origFmt=jpeg, origSize=546
Content-Disposition: inline; filename="1642090882.webp"
Connection: keep-alive
Content-Length: 82
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "6a1dd24715fd8b08689784722b6a22a3ad1032a8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd986c4f5a13-MXP
Expires: Fri, 27 Jan 2023 02:51:54 GMT

GET
H/1.1 200
OK 1642090882.jpg
img.oncartx.io/unsafe/2x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/62/28/09/ 82 B
672 B 76ms
28ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/2x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/62/28/09/1642090882.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c60fb7c0e988c823ae983572139e2c4ef816b5482a9b36cdbace3afedc27413

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
CF-Cache-Status: HIT
Age: 1271
Cf-Polished: origFmt=jpeg, origSize=546
Content-Disposition: inline; filename="1642090882.webp"
Connection: keep-alive
Content-Length: 82
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "6a1dd24715fd8b08689784722b6a22a3ad1032a8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd986af783ae-MXP
Expires: Fri, 27 Jan 2023 02:51:54 GMT

GET
H2 200 mais-tesao.jpg
sp.secureserver.club/wp-content/uploads/ 29 KB
29 KB 94ms
43ms Image
image/jpeg 2606:4700:3032::6815:120b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/mais-tesao.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:120b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ccbd37f1e2530a06bf0000debb7d60bc656a872015c5ea8742b0d349dd3f48d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29196
last-modified: Thu, 13 Jan 2022 16:12:43 GMT
server: cloudflare
etag: "61e04f7b-720c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6237maylJHeQGVegMF2dJyAK6ipoG3nXtu6Tnq98MdbUUQ0wDCRVv5Y%2FMKVUaa3OKgX0TFOLwIRWioh0BY%2F9rXAj62NPW%2F9V4VadzjwRTCCAxUtXJ%2BSfopjT3flBioc0IzKUOWQfFsHePGSxxVf8Y1jLGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecd986b380f66-MXP

GET
H2 200 reclame-aqui.jpg
sp.secureserver.club/wp-content/uploads/ 29 KB
29 KB 46ms
23ms Image
image/jpeg 2606:4700:3032::6815:120b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/reclame-aqui.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:120b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa312ed13ce9c890045bb3a9a18de6acd53ffc6948c6cf42aa39a5ed9d07238

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29424
last-modified: Tue, 19 Jan 2021 21:48:37 GMT
server: cloudflare
etag: "600753b5-72f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66Z8exTbaLn%2BjXQ6E266v35R7t%2Fh7nPDsAnkyZejvEdADVZrQjzD%2BZRThrx7jNU5O6r5WjTEfVTt8byLPHeecXVU8sR8jaO4DaOw2vIuff8CwH72Css%2FigNj6jjbNGQ8GUcPcYUup2GvW1TBia8AzOGGzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecd986b3a0f66-MXP

GET
H2 200 duromax.png
sp.secureserver.club/wp-content/uploads/ 129 KB
130 KB 51ms
28ms Image
image/png 2606:4700:3032::6815:120b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/duromax.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:120b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ceaab2fa51d13daa642b0f8e31a987edb036fe237a016e7f6794456df9abce8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5792
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 132351
last-modified: Tue, 02 Mar 2021 17:52:16 GMT
server: cloudflare
etag: "603e7b50-204ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=215%2FB5e%2FCWcfJA4rfRma09FP7ONmzk5n3t76m7gXhfPnG8SbUvEu59x%2FlkBRcjlYwEv3iTleBmXAZXZGRE4ZOZcSGspMjq6OZ36yW9WZoL%2F%2FCYZeDTXKap62dE7LBNn%2FQlrDlh5c43kVUfqD70f7HpvYyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecd986b3c0f66-MXP

GET
H2 200 penis.png
sp.secureserver.club/wp-content/uploads/ 18 KB
18 KB 44ms
25ms Image
image/png 2606:4700:3032::6815:120b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/penis.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:120b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e485b721c5360b601a3aaeaa6769fbc9aaa7b9d46cf730fd0e05e2765de4f94

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18415
last-modified: Tue, 19 Jan 2021 21:19:30 GMT
server: cloudflare
etag: "60074ce2-47ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q37DwSB47P%2FHJ5i54D10NIjPPzfLNoM5USoleb8rZWPsy4G2kve9ah4dOLb5t%2FKClFNwPEjdh91VHxAS4yp1xbndjwuWRiIlHcbkmtjj1lz1ey4GOYtr4DX7Eeqx74G3%2FzfOwtOeTPbDI7CivrnUJxhIiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecd986b3b0f66-MXP

GET
H3 200 duromax-preco.png
sp.secureserver.club/wp-content/uploads/ 199 KB
199 KB 66ms
39ms Image
image/png 2606:4700:3032::6815:120b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/duromax-preco.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:120b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16c05f67482b399a7da9e1a8d91b4c26135875a75e532c582fc5380aad265b42

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 203309
last-modified: Tue, 02 Mar 2021 18:00:55 GMT
server: cloudflare
etag: "603e7d57-31a2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xbZOzsp25pSV%2BvQ12P8y5jytkxDLeLotgUJA%2Fs%2By1i5QOwUxKyJjhaGWI0Iy3a2eEznBEWOBS8dyTLEMgLHfTfLbbrQXoyvoO0U59e176tzZJy1bZTIWYS0OEQCSJ44l9kCJ%2FG50QqfiXefJHzgtefi%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecd98ce2d0dfe-MXP

GET
H3 200 maca-peruana.jpg
sp.secureserver.club/wp-content/uploads/ 35 KB
36 KB 51ms
24ms Image
image/jpeg 2606:4700:3032::6815:120b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/maca-peruana.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:120b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51368d0cdc85d5ac6d495ab181bd8f5784ca897ae4ca363461bd080452d3b1bd

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 113392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35833
last-modified: Tue, 19 Jan 2021 21:49:17 GMT
server: cloudflare
etag: "600753dd-8bf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96Hl8Zk5WXlwBMLJzAaN%2B7T3bEsk%2BNgoy6ptdmxSPEE8E3kBc0h7C24RY373%2BmJnMMiRBrH%2FhNDPs7vZiYfeOeeH6eJgWOiQDH6wkF%2B%2BAQqkAsMI2cx8ya7WwNLm3sjjEbAak62t49UfapjpzeOx31XMLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecd98ce310dfe-MXP

GET
H3 200 compre-agora.jpg
sp.secureserver.club/wp-content/uploads/ 30 KB
30 KB 127ms
99ms Image
image/jpeg 2606:4700:3032::6815:120b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.secureserver.club/wp-content/uploads/compre-agora.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:120b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7701bdc06c656fc4f7d0983ed9373fda947df16280cadea34bbdf6afab3e460e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30484
last-modified: Tue, 19 Jan 2021 21:18:47 GMT
server: cloudflare
etag: "60074cb7-7714"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChVfc4FG%2BHkVgEnKjWYLlMHcn8SYbBDPAfo%2B%2BY7Wp51V6sHs6Z3auK9PfdwuHeR3t1XaHFOt4w1ptKoJVTJhr7hb8%2F1jkmhXz%2Fxcj%2BR6a62ubXRVAXCeeTDafnaeOASc1w7F4zeaUJikeJTGiycp9wCItQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecd98ce320dfe-MXP

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 2 KB
996 B 21ms
20ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 545719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2imnmtCO8FsWqiZHFX8U6CbFYoE4zQGEerHoy2gOO51qdD%2FdhQLsy86mhYdO0FU2V5k4WdYHjLPw3etR4DBiEIjXZ0cmZAnNzxGN8RB42qIqHGZFs4lTWF7VPgIfRUMSLrGvbzirjdpLIF5hBvA3xA4"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd97b81b375b-MXP
expires: Tue, 17 Jan 2023 03:13:05 GMT

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 1 KB
1 KB 30ms
29ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1847282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jtspxXT1H7AHAWL%2FZl7fL9iES%2BtEwo1i4fFZ8TEoxXkw0GU29p5rY3cO%2Bpx%2BLOxHIBBqtEyRCvTCc69%2BEvm0pnrNJZ6V6kyPqTbC1nfmd3DF6evxjwQ%2FVoW2y6JRtydHBh5FdlXncEYefto3B8%2Fzeg%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd97d9c883be-MXP
expires: Tue, 17 Jan 2023 03:13:05 GMT

GET
H3 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
10 KB 22ms
21ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 542081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9283
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ir%2Bs2w1VBIMInB6ptENr%2F5VJdxLeHvELzJqiPSNVgUHSjcrY4W10fdoIEPmi3X%2FzU2StOABvZzUR2l0Ai9faZlpD81MXCpdrWx1n6IjO%2BF7%2Fxf3%2BBknBzZriyyjXNGabtCo0MnA1dVx641dSG%2Bh0BFAx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd97f9dc83be-MXP
expires: Tue, 17 Jan 2023 03:13:05 GMT

GET
H3 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.7.6/ 78 KB
20 KB 21ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.7.6/handlebars.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4182173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19915
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-13981"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPxi40oyjjGFXW9scJ6ccxnOx1DgbiD3W%2BfKJiYsspWcKuH2Xl2o9Rbn%2F8TLRDuZxAU25swn48oHRczNqwxSf5NtalPrn6ZUFrGYS%2B4UxIG6va5iXW4qwvT8LdvPx7UR6ZAhIFyhtuKLDJ5NTvRff2qe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd9819f083be-MXP
expires: Tue, 17 Jan 2023 03:13:05 GMT

GET
H/1.1 200
OK product-reviews.js Show response
clube-de-ofertas.oncartx.io//js/ 222 KB
69 KB 35ms
32ms Script
application/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io//js/product-reviews.js?id=fc834a6a47f33e36b2ba
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691296a0dee4b1ff7c2f37cdd3dd12771c94fbad3536e58326a023b96730103c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26182
Cf-Polished: origSize=227871
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:23:42 GMT
Server: cloudflare
ETag: W/"61f191ae-37a1f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd98af6959d7-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK bundles.js Show response
clube-de-ofertas.oncartx.io/js/ 161 KB
52 KB 33ms
31ms Script
application/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/js/bundles.js?id=0299eae7baeef675c9b8
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c56d1f4454743af32d92cc2d4386b3e451ab3b60795b7c52e65267487b3cae6f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26182
Cf-Polished: origSize=164721
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 13:17:28 GMT
Server: cloudflare
ETag: W/"61f149e8-28371"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd98a9e33763-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK timer_all
clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/ 3 KB
2 KB 209ms
207ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/timer_all?v=1636045581
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 407fdca9fbe6817935f63f94522f321ad7880f0b4a45b667ea479fea7fad2ed8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd9819325a25-MXP

GET
H/1.1 200
OK timer_new
clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/ 2 KB
2 KB 382ms
380ms Stylesheet
text/css 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/0/97684/compiled/timer_new?v=1636045581
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29d429b11e0a88cb106e347660de63e48e53da83ee50b094e2df0f71d1b8c06c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd9818c783ac-MXP

GET
H/1.1 200
OK vue.js Show response
clube-de-ofertas.oncartx.io/js/ 92 KB
35 KB 29ms
27ms Script
application/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/js/vue.js
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c0fea47de9505a59e851f52fa8750c2004421c48fe93327a7647c55a0e3a94

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26183
Cf-Polished: origSize=94714
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:23:43 GMT
Server: cloudflare
ETag: W/"61f191af-171fa"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd981f1659d7-MXP
Cf-Bgj: minify

GET
H2

200

/ Show response
duromax.shop/ Frame 665F
Redirect Chain

https://ev.braip.com/ref?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
https://www.duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

34 KB
10 KB

33ms
23ms

Document
text/html

2606:4700:3034::ac43:897e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:897e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74db6029d3cbf5832b4bc3aba0b4137d58680798da00380dc1ff47dee64ccca8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-type: text/html
last-modified: Tue, 11 Jan 2022 12:40:00 GMT
vary: Accept-Encoding
age: 1025
x-cache: HIT
access-control-allow-origin: *
cache-control: max-age=31536000
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhsdM%2BliXl7qlYjB0z8llZ%2ByIbNnbNfghJBWSrLV8AV9z9gpwH7B%2FDiipBvTr0%2Fh2t1v8YKL%2BZI%2BSLK2tFY7R2WgB5uHC4hKqXeDP6bOohPIXSkG9hva6Ojoo3eqLjDn1QU117HwdL2ye3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d3ecd9ecfd03758-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-type: text/html; charset=iso-8859-1
location: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
age: 1270
x-cache: HIT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSfdJbqF9ozCWXZO5utMUCw02o6tRGDnBCwwvg4fzpEQFyRqG4YXz50ehI%2FuVMu1HMDN8zapdDS%2Bqv3BtptGddlouIg8xP51Z61Ob2eIqxp%2Fuf4If4SEBefFGvpryq2w8aZxqbKaKIaHgeFRRbSh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d3ecd9c3e613758-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lLe6EWMTsgk Show response
www.youtube.com/embed/ Frame 482B 59 KB
25 KB 132ms
68ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/lLe6EWMTsgk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7866ca96ad8999db21d21bb52ead372d81a1582fd58a2c11db73e953673ea535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Jan 2022 03:13:05 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=it for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 77ms
32ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/fontawesome.css?v=1643201155

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clube-de-ofertas.oncartx.io/
Origin: https://clube-de-ofertas.oncartx.io
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 184928
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0ca5781977c90a25bd8fe30c8e6ef7d2
accept-ranges: bytes
cf-ray: 6d3ecd98b99f0f6a-MXP
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8ad9c87a/ Frame 482B 340 KB
47 KB 67ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:57:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 482B 15 KB
16 KB 93ms
26ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 143700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
355 B 93ms
33ms Ping
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-G54H1ZHQN2&gtm=2oe1o0&_p=1282553500&sr=1600x1200&ul=en-us&cid=793220352.1643253185&_s=1&dl=https%3A%2F%2Fclube-de-ofertas.oncartx.io%2Fproducts%2Fmais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&dt=MAIS%20TESAO%20FUNCIONA%3F%20BULA%3F%20MERCADO%20LIVRE%3F%20RECLAME%20AQUI%3F%20COMPRAR%3F%20FUNCIONA%20MESMO%3F%20COMO%20TOMAR%3F%20ONDE%20COMPRAR%3F%20PRE%C3%87O%3F%20SITE%20OFICIAL%3F%20DEPOIMENTO%3F%20%C3%89%20BOM%3F%20ORIGINAL%3F&sid=1643253185&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G54H1ZHQN2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://clube-de-ofertas.oncartx.io/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 03:13:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clube-de-ofertas.oncartx.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/ Frame 482B 273 KB
84 KB 47ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85792
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 base.js
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 482B 2 MB
0 80ms
61ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/ Frame 482B 8 KB
3 KB 78ms
59ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H/1.1 200
OK 97684_4376393011.png
img.oncartx.io/unsafe/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/theme_images/bc/dc/15/ 3 KB
4 KB 27ms
27ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/theme_images/bc/dc/15/97684_4376393011.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43f1d34199c8e27a507bb0b09437bacd625b615ec07d35d34d5072385b2322e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
CF-Cache-Status: HIT
Age: 39560
Cf-Polished: origFmt=png, origSize=4067
Content-Disposition: inline; filename="97684_4376393011.webp"
Connection: keep-alive
Content-Length: 3310
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "17f650e8ba77741daa196e34b552dbfd0b812af3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd998f2cf91f-MXP
Expires: Thu, 26 Jan 2023 12:26:11 GMT

GET
H/1.1 200
OK new_theme.js Show response
clube-de-ofertas.oncartx.io/themes/lift/172866/97684/ 17 KB
7 KB 27ms
25ms Script
text/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/new_theme.js?v=1643201155
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214ac07c17db30fb54ba7e8d453445e6834d5322f56ee7c8baf9fba8cb6673e0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 25937
Cf-Polished: origSize=27914
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:30:27 GMT
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Expires: Thu, 27 Jan 2022 03:43:05 GMT
Cache-Control: public, max-age=1800
CF-RAY: 6d3ecd9a8a9b83ac-MXP
Cf-Bgj: minify

GET
H/1.1 200
OK bundles Show response
clube-de-ofertas.oncartx.io/ 128 B
1 KB 203ms
203ms XHR
application/json 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/bundles
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94f788c035274448e16e2e5648c2f0f28711362d5f43679bd3473b10abd14cc7

Request headers

X-NewRelic-ID: VwUAVF9WARABUFBWAQkBX10A
X-XSRF-TOKEN: eyJpdiI6IjN1SSswSGZcL29cL2s5NGNBYnpHNVJlQT09IiwidmFsdWUiOiJiUE9FbnlxZWYzcGNoZ3pPR3pHdVgramNjXC9ESFg0SVVaZnI3bTluamI1S1pcL1dtclB3anZ5TGlWVGRCZHFmUEVHQkFOcHFQWU9WdmR4SWR6Um5rdXp0XC9nM2tkdVBMQ2xqZkhRNE85cmlqRjN3dEFGelJVRlRcL2IzYTZNQXJ2WWEiLCJtYWMiOiJlNzk4YWFmMWQ0ZDJjMDlkZDU1NDkxMGE4ZDllNDE2MWM4ZTUyYWE3MWMyNmI3NzJjMzQ3Y2JiOWE3ZDU5ZDM4In0=
tracestate: 3375959@nr=0-1-3375959-1588620747-8bf6c73daee3a868----1643253185743
traceparent: 00-cb236c87384afdaf7a7b867dcbf5a080-8bf6c73daee3a868-01
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNzU5NTkiLCJhcCI6IjE1ODg2MjA3NDciLCJpZCI6IjhiZjZjNzNkYWVlM2E4NjgiLCJ0ciI6ImNiMjM2Yzg3Mzg0YWZkYWY3YTdiODY3ZGNiZjVhMDgwIiwidGkiOjE2NDMyNTMxODU3NDN9fQ==
Accept: application/json, text/plain, */*
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
X-Requested-With: XMLHttpRequest

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQEUlFWAQYJR1BWBgUBXlIIDwJASkE1VQBsEFlWR1NQEVAOXz0cIwdCXg4IPxdRRQoFDlJCFUpUHwYDUlZTTgBMCFENAAIeHlQVQ1UCAwMABAcAAlNbBVRWBVMVHVEHCEJTbg==
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd9afb0983ac-MXP

GET lLe6EWMTsgk
www.youtube.com/embed/ Frame B81B 0
0

GET
H3 200 lLe6EWMTsgk Show response
www.youtube.com/embed/ Frame B81B 59 KB
24 KB 71ms
70ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/lLe6EWMTsgk

Requested by

Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/themes/lift/172866/97684/theme.js?v=1643201155

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0856a4c53f704e22f9a4b5ceefa48e298cc5c767ae2128ad894d1c6c03f45dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Jan 2022 03:13:05 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK product-widget Show response
clube-de-ofertas.oncartx.io/ 404 KB
36 KB 443ms
443ms XHR
application/json 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/product-widget
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba653fd5029baf05d1e9dee70d7dba6805b473ac923414f891eff4075f9e65b

Request headers

X-NewRelic-ID: VwUAVF9WARABUFBWAQkBX10A
tracestate: 3375959@nr=0-1-3375959-1588620747-3e86f6cba97f483b----1643253185758
traceparent: 00-c2d2eac8856dae4448c3cf83454ee5b0-3e86f6cba97f483b-01
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNzU5NTkiLCJhcCI6IjE1ODg2MjA3NDciLCJpZCI6IjNlODZmNmNiYTk3ZjQ4M2IiLCJ0ciI6ImMyZDJlYWM4ODU2ZGFlNDQ0OGMzY2Y4MzQ1NGVlNWIwIiwidGkiOjE2NDMyNTMxODU3NTh9fQ==
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
X-CSRF-TOKEN: UpiKp88hgwP66aY4FBmorqx4UhaNdORu4E8BIGM4
X-Requested-With: XMLHttpRequest

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQEUlFWAQYJR1BWBgUBXlIIDwJASkE1VQBsEFlWR1NQEVAOXz0cIwdCXg4IPxdyQBQ9Pn9FQxY4bXVcDBIRDVwOXRBLZGhmWwBUBHIOXRYWWVsNAxF4Q0ILBRdURWAPAFZTRxFET1IeUghSCAgYAh1XAVACWB9PVRoVAwdWCQNUUwJTVAUEVlYAUhFOAAIOQwdl
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecd9b0b0f5a25-MXP

GET
H/1.1 200
OK 1642090882.jpg
img.oncartx.io/unsafe/795x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/62/28/09/ 52 KB
53 KB 28ms
28ms Image
image/jpeg 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/795x0/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/62/28/09/1642090882.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd8c36d3d4ee1a67fd4e49b90daadb08ab50379d2d67db887f57acef18dc21ea

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:05 GMT
CF-Cache-Status: HIT
Age: 1026
Cf-Polished: origSize=54945, status=webp_bigger
Connection: keep-alive
Content-Length: 53415
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "41d07ec47ad483b24330374b0a68d232a6645172"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9b5fa1f91f-MXP
Expires: Fri, 27 Jan 2023 02:51:55 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8ad9c87a/ Frame B81B 340 KB
47 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:57:04 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/ Frame B81B 273 KB
84 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85792
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame B81B 2 MB
536 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39ae5a8c8feed7a9dbfdbcc274426a0bb42f8e8da8a0be001e40b3ab08482b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/ Frame B81B 8 KB
3 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B81B 15 KB
15 KB 65ms
31ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 143700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B81B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

68ms
34ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b6763e08ad49264662a46ee9ed3e092680bfc6637ed00ced7c57d5afe597f93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:13:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B81B 29 B
588 B 106ms
36ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:59:18 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 03:14:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame B81B 97 KB
30 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81987799f1e92422e0fe8a3660ec3a969ed909b94534f179fdbf25c6d8ecacb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30773
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:31 GMT

GET
H2 200 -Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js Show response
www.google.com/js/th/ Frame B81B 35 KB
14 KB 94ms
26ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f986b6604a3d3db94198c78d2c3901602aa52d0a0e62fd4e5f94ece07f6c8361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:24:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13317
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 17:24:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame B81B 26 KB
7 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb84b54891f98d44a666bcbd9371dbe83974f258b72014121d953504145eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7609
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:26:37 GMT

GET
DATA 200
OK truncated
/ Frame B81B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame B81B 2 KB
2 KB 102ms
32ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5399190819c5fe50c886ff8beabd007571bde43316a9dc5b74427a93d96786c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:33:54 GMT
x-content-type-options: nosniff
age: 5952
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:36:25 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/lLe6EWMTsgk/ Frame B81B 20 KB
21 KB 87ms
27ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/lLe6EWMTsgk/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0778a1fa944a4ea29538cd2496a00f91a5aece92ef4e0d5c6df77e1ce9a1a5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:43:42 GMT
x-content-type-options: nosniff
age: 5364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20732
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jan 2022 03:43:42 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B81B 4 KB
3 KB 102ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:13:06 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame B81B 0
9 B 29ms
28ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qv22kw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame B81B 48 KB
14 KB 59ms
25ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 27 Jan 2022 18:11:50 GMT

GET
H3 200 slick.woff
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/fonts/ 1 KB
2 KB 41ms
22ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/fonts/slick.woff

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f89651cc1b698bbc1e3227d085feec82dcabaaecb320930941499cc93c119c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css
Origin: https://clube-de-ofertas.oncartx.io
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1849211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1285
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gO99uyXeQ2g61ySU6D2tQhYn022FmlFEqZR5jPGJIp3SokgpbcWgL%2B8YiknJPAIKPQaAv7IH00zpacYnuBOMNJMnxHnx8sF6hKpppu%2FYhAClAYVTMeevZwNEEVRvDJGuIFmAlVBaZ2x3WlSxy0ePD7i3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd9e3c58e8fb-MXP
expires: Tue, 17 Jan 2023 03:13:06 GMT

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 4 KB
4 KB 21ms
20ms Image
image/gif 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4755239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3208
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN%2FHU8R0SkYBIUg0rqaGv1DihDQJgD1rqQKPLF7iAA4OfCg%2BXCgMfzjIRP0SvtpdxLW6HeVgNMCeGB4%2B9VGRAss1JkkqOVZrvK98A8h2TlXLZCpxuQmk7WgNX8ZiuGhtM1fnC9NiJWnLsxzsLV9qoJ3Y"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3ecd9e1e9683be-MXP
expires: Tue, 17 Jan 2023 03:13:06 GMT

GET
H/1.1 200
OK 1631896327.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/c6/d2/88/ 65 KB
65 KB 32ms
30ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/c6/d2/88/1631896327.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab5b37ee027f7efe79b559dec441d03dba9d90d51a0576d8ff0718d005f87686

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 39562
Cf-Polished: origFmt=png, origSize=75477
Content-Disposition: inline; filename="1631896327.webp"
Connection: keep-alive
Content-Length: 66422
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "e6fbc8b0f5460745f7e4f8b7665877aa7780a7f3"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e385af91f-MXP
Expires: Thu, 26 Jan 2023 12:25:19 GMT

GET
H/1.1 200
OK 1632145244.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/ce/9e/3f/ 44 KB
45 KB 28ms
25ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/ce/9e/3f/1632145244.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0087494def2aac8e6fc1febe2ccb47e8f7a336a0926ef64e1db9394934ae735e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 40569
Cf-Polished: origFmt=png, origSize=54294
Content-Security-Policy-Report-Only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=x6z2PoQh2PgIfCi3I_aIiw7eIj69GMJiFA_XGOPFThk-1643253186-0-AbMxSJP31t0TWBJvjdV92uRBmZ0R5C8GUatshddWX2KRu-YzbzElFdKpT1eBZrE40Lgk-ZRHM7oVzQ37_-U8zD4
Content-Disposition: inline; filename="1632145244.webp"
Connection: keep-alive
Content-Length: 44840
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "e2ac32589840bacc53a9bf64abc77c80aa422e44"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e385f5a1f-MXP
Expires: Thu, 26 Jan 2023 12:25:19 GMT

GET
H/1.1 200
OK 1632153139.jpg
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/0e/a7/8d/ 72 KB
72 KB 36ms
33ms Image
image/jpeg 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/0e/a7/8d/1632153139.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e870bf90d6a11b459366c0c7e57d29bf47c643ea9688f60bc4153e3876492029

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 40569
Cf-Polished: origSize=73796, status=webp_bigger
Connection: keep-alive
Content-Length: 73404
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "3e3392c1afdcf6176edc67bf1f3c22fd000f32e4"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e3af35a13-MXP
Expires: Thu, 26 Jan 2023 12:26:10 GMT

GET
H/1.1 200
OK 1632153867.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/c6/ea/02/ 82 KB
83 KB 33ms
31ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/c6/ea/02/1632153867.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7004e528998e3f1efa262a080c13c094e3bf63a554f0632d6bfce16ece12814b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 39562
Cf-Polished: origFmt=png, origSize=98333
Content-Disposition: inline; filename="1632153867.webp"
Connection: keep-alive
Content-Length: 84462
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "333d72c6eac0b145189143fc8c15da799e597f90"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e3a5583ae-MXP
Expires: Thu, 26 Jan 2023 12:26:06 GMT

GET
H/1.1 200
OK 1632156683.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/fe/9f/4d/ 103 KB
104 KB 54ms
25ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/fe/9f/4d/1632156683.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c06dc5b8c56ba5c2083b0c4d1c4f8ccb31c171fb8781f00b94be7caa537b24df

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 39562
Cf-Polished: origFmt=png, origSize=122112
Content-Disposition: inline; filename="1632156683.webp"
Connection: keep-alive
Content-Length: 105430
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "044acb463cb989f723dec4322e342d1a8434c9e5"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e68895a1f-MXP
Expires: Thu, 26 Jan 2023 12:26:10 GMT

GET
H/1.1 200
OK 1632156997.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/b7/ec/27/ 54 KB
55 KB 61ms
28ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/b7/ec/27/1632156997.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f6c70d2b54c1d8dcd2fb525899733619619a803542962923a6f44d7a4bdb8f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 38198
Cf-Polished: origFmt=png, origSize=64743
Content-Disposition: inline; filename="1632156997.webp"
Connection: keep-alive
Content-Length: 55642
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "29e9d216c278c7f78c3ad71bd6c72efee905be68"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e6863f91f-MXP
Expires: Thu, 26 Jan 2023 12:26:06 GMT

GET
H/1.1 200
OK 1632157425.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/31/be/5a/ 32 KB
32 KB 38ms
28ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/31/be/5a/1632157425.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b0e3cbe4df410881889c98f66b1e9f942ad225dd30a25587be833c2fd9ad55

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 40569
Cf-Polished: origFmt=png, origSize=39814
Content-Disposition: inline; filename="1632157425.webp"
Connection: keep-alive
Content-Length: 32344
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "c9b23e73f52057cc4ed1db8f87adcc69e2820e9b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e7d2f59fb-MXP
Expires: Thu, 26 Jan 2023 12:26:10 GMT

GET
H/1.1 200
OK 1632158282.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/e1/19/1d/ 73 KB
73 KB 30ms
25ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/e1/19/1d/1632158282.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa84bfe47809a0b878b781615da482521b87433f4eb87f1ef79d618454543d5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 40569
Cf-Polished: origFmt=png, origSize=85311
Content-Disposition: inline; filename="1632158282.webp"
Connection: keep-alive
Content-Length: 74534
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "cb9f13436ab2b9e6d3ae9afb1a4670b0e0c9f51b"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e7a5783a6-MXP
Expires: Thu, 26 Jan 2023 12:26:10 GMT

GET
H/1.1 200
OK 1632159105.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/43/07/3f/ 72 KB
72 KB 26ms
26ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/43/07/3f/1632159105.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bf595037606a2e03ad7daa4d377ef21da5fb47c24ed563fa69febf563f435f3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 40569
Cf-Polished: origFmt=png, origSize=83684
Content-Disposition: inline; filename="1632159105.webp"
Connection: keep-alive
Content-Length: 73292
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "2af10396dcfc1562dd71c2800a1e0a0f0974b5ce"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e8aaf83ae-MXP
Expires: Thu, 26 Jan 2023 12:26:10 GMT

GET
H/1.1 200
OK 1632159537.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/d3/ed/a5/ 66 KB
67 KB 27ms
27ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/d3/ed/a5/1632159537.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b465965cad0b185ac8c96b81be511c9a5ee2ee408e1047821b03cde1980aee83

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 40569
Cf-Polished: origFmt=png, origSize=79558
Content-Security-Policy-Report-Only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=s8q71v.Y3Ji6BhB8.xEtpLVcKZfDte85k04Iz5ocoHs-1643253186-0-AfwdSmiYDZaxnuOk16AVqXAVBAtOC4IW3d9Lpf56aBqzOW32hWINjKTQ8nbgEU7z-h1ADImjp3_PhzvECaDJGqg
Content-Disposition: inline; filename="1632159537.webp"
Connection: keep-alive
Content-Length: 68002
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "5634431d2182810c8b26aab1dc3a345b15bf848f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e8b465a13-MXP
Expires: Thu, 26 Jan 2023 12:26:11 GMT

GET
H/1.1 200
OK 1632161025.png
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/79/93/96/ 102 KB
103 KB 31ms
30ms Image
image/webp 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/79/93/96/1632161025.png
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b72fddbda81ed2e4a2ff9d32a5ac93cbe3be2de943e83c52fea3567c5aff16bf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 39562
Cf-Polished: origFmt=png, origSize=121977
Content-Disposition: inline; filename="1632161025.webp"
Connection: keep-alive
Content-Length: 104446
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "116ea1720105dc3d7266c6313d8a0185b7f0402e"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9e986ef91f-MXP
Expires: Thu, 26 Jan 2023 12:26:11 GMT

GET
H/1.1 200
OK 1632161266.jpg
img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/61/ce/33/ 74 KB
75 KB 25ms
25ms Image
image/jpeg 2606:4700::6812:1421
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oncartx.io/unsafe/600x600/https://s3-cartx-ecom-images-prd.s3.us-east-2.amazonaws.com/static/products_images/61/ce/33/1632161266.jpg
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1421 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c35f524e84838fcce861ae0876ba564cd7cf0f5c292c844d414a1a8275e8cbc2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
CF-Cache-Status: HIT
Age: 40569
Cf-Polished: origSize=76585, status=webp_bigger
Connection: keep-alive
Content-Length: 76097
Cf-Bgj: imgq:100,h2pri
Server: cloudflare
Etag: "df715657f679e9d58e4aba85e2fd7b8b14378bd8"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 6d3ecd9ead5b59fb-MXP
Expires: Thu, 26 Jan 2023 12:26:11 GMT

GET
H3 200 font-awesome.min.css
duromax.shop/css/ Frame 665F 30 KB
7 KB 59ms
36ms Stylesheet
text/css 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/css/font-awesome.min.css
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d020700e9188cbf2b3392d8eb7f430b8e32ff00afdb7a538928eebfedcdea32e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Apr 2021 23:48:02 GMT
server: cloudflare
etag: W/"6067ad32-7905"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReqGBlS8BcgcpZ%2BYY9RVYKc8EL%2F55Fb5m9EupQgn8NQV0bE2GhF4ynTuHL9c1kauZc0jiHyPLbw5kMfVZYAz4PFV9iS6zabCoDtIRUF0fgp8gT0SV0nUlIjPumhCzfeWBmTrw%2BEfN6cUUuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3ecd9f2cc6d610-MXP

GET
H3 200 bootstrap.min.css
duromax.shop/css/ Frame 665F 118 KB
21 KB 61ms
38ms Stylesheet
text/css 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/css/bootstrap.min.css
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21c49a55ef810425d925b65275cd5fe91c3e2a90bb26e9184480f2ab9783bf5d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Apr 2021 23:47:17 GMT
server: cloudflare
etag: W/"6067ad05-1d982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqWMzUhWP5CKFERoCVWtlHJR%2F4RFInk7DcMUVC8HpwQFCNMcuFHsb2BHdfYCqwhCw%2F4H9dd3crHbdk1otTQ6aR80rZzOsYDhOZ8zgNcJ%2BsU7APBmsmVf7Aw6Hq0OB%2Bw0XzucPEKG8zzjYpU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3ecd9f2cc5d610-MXP

GET
H3 200 css
fonts.googleapis.com/ Frame 665F 14 KB
719 B 78ms
42ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

415a956d0d84f7f02e10233bcf0ba9ab058d547f20dc8825f8b649c96e1b699e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 02:14:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 27 Jan 2022 03:13:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jan 2022 03:13:06 GMT

GET
H3 200 style.css
duromax.shop/css/ Frame 665F 28 KB
6 KB 73ms
51ms Stylesheet
text/css 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/css/style.css
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b8db2a351da01bccb77b307d28375c7b0b11cc991a267f9e191b9130857593

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
cf-polished: origSize=29089
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Apr 2021 23:50:21 GMT
server: cloudflare
etag: W/"6067adbd-71a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi0aHPOjbdMToYy%2BwEOwHqfI6teT25A6u8YPth%2FK5z2VZJ6rRPWEgUf5pngAQhsAiHZFhT4pZ2fdXswEUHkdeAaWI%2BlAnnX2jNTvWbiccmojtG6fyB583aco2sSJDteVMCvi42M%2Big1cUQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3ecd9f2cc2d610-MXP
cf-bgj: minify

GET
H3 200 logo.webp
duromax.shop/img/ Frame 665F 3 KB
4 KB 42ms
22ms Image
image/webp 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duromax.shop/img/logo.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90352e5c4fe7c644050f2f288a34134419c5c4ac286624da4f771e9c0a833748

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3554
last-modified: Thu, 29 Apr 2021 15:00:16 GMT
server: cloudflare
etag: "608aca00-de2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rdp4sD7P4bCqFRsBLExG9a4SVUHenOUfono4s6W3vuCKdyVi7XMupe%2F02xhFRDMyKfXdunQwl%2FP3cqc3IFDmDK%2FAGFeR4Jj4rAj9THBMAm%2FqX6V57B47rj73lwrgXrFLc%2FNpx1hrjyPLwxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3ecd9f2cc9d610-MXP

GET
H3 200 size.webp
duromax.shop/img/ Frame 665F 15 KB
16 KB 42ms
23ms Image
image/webp 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duromax.shop/img/size.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b222a38eae0ce46c22c70e58f0cf50eb3edff677853be79504d3635fdd1cfd1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15690
last-modified: Thu, 29 Apr 2021 15:00:20 GMT
server: cloudflare
etag: "608aca04-3d4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBRkMtx1RA7jnXzZCxKdh38VB%2Fqj2QPj1C1ZgUBqmIHTbrbfII2j7IJ%2FlPGK6ZgVNIfAx1ahchzfPJz2%2BQAMqd1qUyHvWBJxj0je1gANeBv0grqC4yskJRcwGrv%2FcDSLC87%2FeTomCPrUsak%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3ecd9f2cc7d610-MXP

GET
H2 200 bottle.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 25 KB
26 KB 158ms
83ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/bottle.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: ff2918d7d004ff49d568dff0fff6a1e31211aeecfc503f5b41345a035fefc25f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25968
cf-request-id: 0adf61e7b00000412bba857000000001
last-modified: Tue, 27 Apr 2021 15:00:12 GMT
server: nginx
etag: "6570-5c0f584e3c821"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DmAqF2nzHBrCyHs6%2FaFPwfDuHAb2SJzzyreLTGF7Xey2BkkL3xtDjs0zcoj2uonOr%2BHbwXq8QGEPgtqFaxEYhYgFQGFleVGJwhUyCQ0DIyEhdojeMKuSMZWT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f52b93c412b-PRG
link: <https://duromax.shop/img/bottle.webp>; rel="canonical"

GET
H2 200 step-3-icon-1.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 2 KB
3 KB 102ms
27ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/step-3-icon-1.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d267002f484189bc52d2707edfba4e1c4ff843f43ca302d6ddab54003ee2d6e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2058
cf-request-id: 0adf61e7bb0000f9dae109d000000001
last-modified: Thu, 29 Apr 2021 15:00:26 GMT
server: nginx
etag: "80a-5c11dc165d804"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8LuB0Whet1M%2B%2BF9a9DqdV0SwvLy68NuXmjH2o%2BS5SNgGbNT4lKoV%2BJosMqprROYVTjQXhFk6vJJ7lbY9pQLdHw3exqdo03eTP160Jn4IHLUjQmCq7dLmu3z5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f52cb82f9da-PRG
link: <https://duromax.shop/img/step-3-icon-1.webp>; rel="canonical"

GET
H2 200 step-3-icon-2.webp
575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 1 KB
2 KB 95ms
29ms Image
image/webp 151.139.241.22
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com/img/step-3-icon-2.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.22 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: ecb30a21371575dbd068f15b29d1d24aa0531a77b9d47ffaeef4f3e82a3e70f4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1138
last-modified: Thu, 29 Apr 2021 15:04:16 GMT
server: nginx
etag: "608acaf0-472"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTSxxzmSaMIYg6BNd5iu1A%2BRty44Zr8Z9%2F8jlaWM3VgqYSeMsmuQQm6zncfmyD5k79SS8JPc3euqkIO%2FWUN55TpmMg48VYOrBWJwXS05eiy9A0gfYJpawatghKAPvfMqEd5h2Uw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6ca7381da81f4eb0-FRA
link: <https://www.duromax.com.br/img/step-3-icon-2.webp>; rel="canonical"

GET
H2 200 step-3-icon-3.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 1 KB
2 KB 157ms
82ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/step-3-icon-3.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: a93eb94bc7012724e54880414a886f567e2701d620106621034719b33e5e49cf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1474
cf-request-id: 0adf61ee4e00004119cd11a000000001
last-modified: Thu, 29 Apr 2021 15:00:30 GMT
server: nginx
etag: "5c2-5c11dc1a84fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CMPo63ziU8ZigARRFllXuRm0%2BM0H7bmruF9vZhaVSVjgYQNT%2FPoxKHbULGeV01iTSg19532maThNPeBCD66vBDrs557JN6tjHOjcUDz%2BKy4vgZknT%2FTU2224"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f5d480a4119-PRG
link: <https://duromax.shop/img/step-3-icon-3.webp>; rel="canonical"

GET
H2 200 step-4-penis.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 10 KB
10 KB 129ms
55ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/step-4-penis.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: bebb4b6672a276d57c250eabb00755bfe06a2c5aa085e4879b161fcffce2d162

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10010
cf-request-id: 0adf61e7af000041318484e000000001
last-modified: Thu, 29 Apr 2021 15:00:33 GMT
server: nginx
etag: "271a-5c11dc1cbc5d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MWt6CdHhFNz6fGi7t19mMCPISC3DJIC%2BcmlCm0mmp%2BRaTFV1YQNLRZkYZO%2BoCEvVQV0BV3DGie0opr6bRJT1SgwQP3bzFkPPqZMWWPU6iWEbKtRv855lbx2Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f52be3d4131-PRG
link: <https://duromax.shop/img/step-4-penis.webp>; rel="canonical"

GET
H2 200 step-4-venosos.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 24 KB
24 KB 130ms
56ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/step-4-venosos.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 725e514003d78aba38b7eaae1bd3ec926543fdcc768cc601eea7b0ceff34531b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24246
cf-request-id: 0adf61e7bc0000410722908000000001
last-modified: Thu, 29 Apr 2021 15:00:35 GMT
server: nginx
etag: "5eb6-5c11dc1f016c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2i1KhIB1jGWtbnZwLTeU0enwFwmQ5dACyiaar3CysGnIsSlsEFlgGglqUb8Ts5cEqVlGHmULv7FJ%2FsYBio46NI8aDIRMx9SqfC1DXAFe2akqWiYkZaHODdm6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f52ca9f4107-PRG
link: <https://duromax.shop/img/step-4-venosos.webp>; rel="canonical"

GET
H2 200 h-m-fita-metrica.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 19 KB
20 KB 183ms
109ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/h-m-fita-metrica.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 34941df67a7e7cc79a7b4fd9bfd7c7d44d57a15c63bd58d83c897adf31d18bb1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19740
cf-request-id: 0adf61e7b70000411310bd6000000001
last-modified: Thu, 29 Apr 2021 15:00:08 GMT
server: nginx
etag: "4d1c-5c11dc05a824e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fx4cG%2FIIcNgtsh6EFzV0BA31B6fsHfGhfWX7LaVwrBPleo3sJRjaK79ibBW6Vkz8gk1s68wu91ckZRPDGDgx46FLO0RkN%2Fo0WfQFFFLEDivoEQffhELHiRae"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f52bd144113-PRG
link: <https://duromax.shop/img/h-m-fita-metrica.webp>; rel="canonical"

GET
H2 200 16.webp
www.duromax.com.br/img/ Frame 665F 3 KB
3 KB 380ms
93ms Image
image/webp 2606:4700:3030::ac43:98ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.duromax.com.br/img/16.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:98ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ca866d05478f419c0b93ef674147f1334d470942763c7f989afcc307fade01a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1347469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2820
last-modified: Thu, 23 Sep 2021 12:13:34 GMT
server: cloudflare
etag: "614c6f6e-b04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAvQOgwHbw2VhMB1KMKz5jnXqelqKAwbH8qQJgl2ST0Lf1SzQNGlG3KwBTXQ46AXfvC2Pwp6UKJvei4lGZ3tChX3ck82yvQiU1nRtNEPJedI8iidqR5RHeU5CvAgKbTs8RoUA%2Btom2mqVFXvOUKH8p4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecda0d92e83b2-MXP

GET
H2 200 17.webp
575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 23 KB
24 KB 122ms
56ms Image
image/webp 151.139.241.22
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com/img/17.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.22 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 1370a42a09426735100bb273739e3b416ffc202b09019782bf4525389ac06ae8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23972
last-modified: Thu, 23 Sep 2021 11:33:17 GMT
server: nginx
etag: "614c65fd-5da4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DR5uXlr0GVfvdU4FwZFTcKmoH9bVD2RE7GOTxdkwYhXI9upbNqAKsi0U570JElmAN%2BXTW6x3C4cAwN3wrvnxMLwJqE3kzkLFO7tXUySq6Cw3rby4ILt5AIeTViTaPUyU00AUNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6ca7381c48777180-DUS
link: <https://www.duromax.com.br/img/17.webp>; rel="canonical"

GET
H2 200 18.webp
www.duromax.com.br/img/ Frame 665F 15 KB
15 KB 411ms
124ms Image
image/webp 2606:4700:3030::ac43:98ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.duromax.com.br/img/18.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:98ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0891527121f4048941a1095408b5a4c2dc254a0cc118c8a458c30e7d605564b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1347469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15496
last-modified: Thu, 23 Sep 2021 12:13:34 GMT
server: cloudflare
etag: "614c6f6e-3c88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHzdP%2FuHSPghMNL0SucmtbpVY45ycR0M8O%2BrvTIrXoay6E%2FWPT9nNTB14g3uLq9O1PvFSmmh%2BMDgzCOBMbiXJ3z5UBeYEIi%2BgU1i2eseG0r3Wl8EWWDHt5PMqAHY7qfB1PgyPrA7PY33QIVR4OL8%2F9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecda0d92f83b2-MXP

GET
H2 200 19.webp
www.duromax.com.br/img/ Frame 665F 5 KB
6 KB 314ms
124ms Image
image/webp 2606:4700:3030::ac43:98ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.duromax.com.br/img/19.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:98ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a011de52f9603030bf042db850bea11a7133ac0755e060ab67f97792fe2f64

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1347469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5436
last-modified: Thu, 23 Sep 2021 12:13:35 GMT
server: cloudflare
etag: "614c6f6f-153c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wlCeXHakgLDvcXyiguZvoBMNzZWR9GXDdRsvRkz422UkXc7ICro87gYqcEOWLHH%2FSRDTrj0gPYEYiXKGepFJuDdCrEC%2F5hvfENNWhNYBPdEoMip0cxPO1K%2FJIyehJqj53%2FSrulmDS72Tkpnugm8Sh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecda0d93183b2-MXP

GET
H2 200 15.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 6 KB
7 KB 90ms
89ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/15.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 98c39e0d66a01a5dd9b4b8af0d68d8711cce80fb180e15ea5b349fb6882b7ac2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6382
cf-request-id: 0adf61e80700002788b497a000000001
last-modified: Tue, 01 Jun 2021 15:45:05 GMT
server: nginx
etag: "18ee-5c3b639d9bd50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZxjLGjOHntmr%2Barg3CwjKB%2B1MBbyvq2MO%2B4qDTB99TfmmLNSiAH4tIPpHvcfDgi7T6i4%2BfByOkU1nQyx37coaEvFBGb%2B9cA%2BlxhXsocu4elaZiJ1R0RcYfox"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f533cf42788-PRG
link: <https://duromax.shop/img/15.webp>; rel="canonical"

GET
H2 200 step-6-doctor-quote.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 5 KB
5 KB 88ms
87ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/step-6-doctor-quote.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 31fa44ed783fb77c86abd942961654e1a4b9571dd05e57b04a34a552d1fc25da

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4886
last-modified: Thu, 29 Apr 2021 15:00:49 GMT
server: nginx
etag: "1316-5c11dc2c99e6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3syXeOVMsqQiQcmLr1lW3vbmu7oW9kZs%2FfbDSB6AIlSd61jHaAyOFTPq3Sn%2FAfbb3DMYRHroitsKhBA%2B0YxUFmTRpc0h6AXFIR%2Bqf1QFz2spMW1YLvelMa2EirCrDw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 672cf42cfe7a27c0-PRG
link: <https://duromax.shop/img/step-6-doctor-quote.webp>; rel="canonical"

GET
H2 200 iso1.webp
www.duromax.com.br/img/ Frame 665F 15 KB
16 KB 293ms
108ms Image
image/webp 2606:4700:3030::ac43:98ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.duromax.com.br/img/iso1.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:98ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c52db7fe88606b4ffd2318b3d71fba9764781ac7676bbf9bacf36b47ee0e9b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1347469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15860
last-modified: Fri, 24 Sep 2021 19:16:32 GMT
server: cloudflare
etag: "614e2410-3df4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhKynhkcxjNMKmwdeSSu5AmnYyxbtwcdGjwQbPsa9euYIZt12mQCPtGbPEl4VX12EWf8pa1D0IHlBVPY721wea%2FjbzKwrXKnfgFGx2eRpEMQjs18tLbz1sguCfWArIZWr8Yo%2FCcTpQGG%2BsRNVjlXy4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 6d3ecda0d93283b2-MXP

GET
H2 200 5.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 3 KB
4 KB 333ms
31ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/5.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b416c901b12b36844bed1564c326e3e6100624319448530ff8c5a48fa9097717

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3116
cf-request-id: 0adf61e8120000410d0e0c4000000001
last-modified: Thu, 29 Apr 2021 14:59:39 GMT
server: nginx
etag: "c2c-5c11dbe920691"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7h%2FtfltSW7rOIO0e8h7lVhLOK0OWlk10OZkHse2e6Q8RXHYdPfwaYPfssXfEwPrCZ2qxlxVRR6WetLhoY3aZuWllR8zrK7uDEvOYuKWob18VhOJxFRjWaqHz"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f534e7f410d-PRG
link: <https://duromax.shop/img/5.webp>; rel="canonical"

GET
H2 200 6.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 3 KB
3 KB 331ms
30ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/6.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fde7b1744fc3164ddf04d92536c1c227a5ac000e9107e6e1e09d75b64467f06

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2664
cf-request-id: 0adf61e7fc0000f9de359ad000000001
last-modified: Thu, 29 Apr 2021 14:59:40 GMT
server: nginx
etag: "a68-5c11dbead2017"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Ba%2Beg2TW45t%2Bvsapl8uRfzch%2BVsALg3QxSTs1ka3ivObMUI9X35Z6ViD9iUDMVllwPSCNSVxCDB2hJY0bHRenq9XvBsBNPBGIcbjSQtFA8E8eGyB0XomH4%2Bf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f532972f9de-PRG
link: <https://duromax.shop/img/6.webp>; rel="canonical"

GET
H2 200 7.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 3 KB
3 KB 332ms
31ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/7.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: c9858da65ea1caad28bdc2eb8ee75a08e7478394781e6765c52d6703774548bf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2656
cf-request-id: 0adf61e81300004120f4915000000001
last-modified: Thu, 29 Apr 2021 14:59:42 GMT
server: nginx
etag: "a60-5c11dbec5a95c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bucXOCtpnu5xF7llgDabBrb%2BxhWHtPikNLdOsZU0RiF9BuDYAUoiSbbuoKMPgqqRGBDD5y2Pav1nwu0VucZ22kyCxG05Pk5WQdp6wbl3980zYxs15eten1Dr"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f535f1d4120-PRG
link: <https://duromax.shop/img/7.webp>; rel="canonical"

GET
H2 200 8.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 2 KB
3 KB 332ms
31ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/8.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e8d964b9133f9b0d1786bffb29f8abd24ce4b6c189308a104bc31cd98e2306e6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2146
cf-request-id: 0adf61e81e0000f9d6ef884000000001
last-modified: Thu, 29 Apr 2021 14:59:44 GMT
server: nginx
etag: "862-5c11dbedf5b81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vhdQJ8VLnBRopsItPM3nPxhmj5lKOVtmwDCCO5utSG83hYYm1Xh9xH%2BgcRTKHh0we6fr5ge5pESbxNcdPrv%2B7%2F3t58oIpd9vNWramvEaI9Zr05DAlBRr2lDM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f536f78f9d6-PRG
link: <https://duromax.shop/img/8.webp>; rel="canonical"

GET
H2 200 francoisplus-ca5013b3e4.jpg
575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/ Frame 665F 30 KB
30 KB 469ms
397ms Image
image/jpeg 151.139.242.16
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/francoisplus-ca5013b3e4.jpg
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b6913d57a380fcba124323fe421a0a4b4e443daf572e82447d4c1745326ffed1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30303
last-modified: Mon, 19 Apr 2021 22:47:46 GMT
server: nginx
etag: "607e0892-765f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hZoKoikz3hoiZN2hNNqB3l3yeRnyS6vB4xkpOP8ACvzj0Qjta3PBxM6iSx8OcAs0hdNj0fgfStSdRPEe0dCb30%2FaWOQWuq0nNfoyHke2FAQwyEfPyIDuYHeDBA8WmAWWDKBmp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c5b8fb6a80e05d8-FRA
link: <https://revistabemestar.co/wp-content/uploads/2021/04/francoisplus-ca5013b3e4.jpg>; rel="canonical"

GET
H2 200 regisplus-2ac596d0b3.jpg
575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/ Frame 665F 71 KB
72 KB 574ms
504ms Image
image/jpeg 151.139.242.16
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/regisplus-2ac596d0b3.jpg
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: ff19d60fda177e7afe73ce562583a5debbd5709f4cffc14ac89af277aeb4149a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72632
last-modified: Tue, 27 Apr 2021 14:15:03 GMT
server: nginx
etag: "60881c67-11bb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgDqYI0ptYyhTWVroNDywfsiH1zT0ejbDE6YE2GH291tm7AYAweXGzgK%2BBYazYpqKJHo%2BpYuDWxgorUbeR7QycdExlNOE5v6w%2FEi%2FduLjloD1vcdM3J2bA6iIgkmOMibGRtueH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c5ba437be240732-LHR
link: <https://revistabemestar.co/wp-content/uploads/2021/04/regisplus-2ac596d0b3.jpg>; rel="canonical"

GET
H2 200 olivierplus-ca29a77264.jpg
575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/ Frame 665F 65 KB
66 KB 790ms
747ms Image
image/jpeg 151.139.242.16
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/olivierplus-ca29a77264.jpg
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: aa96b012e2db0f97345289b5d7f14525c57b632a74ab3772a9098d28193face5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66690
last-modified: Mon, 19 Apr 2021 22:55:01 GMT
server: nginx
etag: "607e0a45-10482"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nrj4gvDO%2BdtiZ2ZzLt57mPYTqSovzI6fk5kjLsInaLhhN6keBk2gi9tYusKV6MWdktR%2BI2VtoslyntI%2BJlXeJQVZqAVuHQU27LGn%2FXgYN9o2vhMY3KkWDonWmYN79b9Eet9wL04%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c5ba437783f4ac2-FRA
link: <https://revistabemestar.co/wp-content/uploads/2021/04/olivierplus-ca29a77264.jpg>; rel="canonical"

GET
H2 200 mathieuplus-1669647536.jpg
575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/ Frame 665F 25 KB
26 KB 736ms
693ms Image
image/jpeg 151.139.242.16
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/mathieuplus-1669647536.jpg
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 9a07a50c1bf7a958287ef565d815a67ab60dc94e9622e605d65f738e60a0f677

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26050
last-modified: Mon, 19 Apr 2021 22:57:55 GMT
server: nginx
etag: "607e0af3-65c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVn928byylX4KGQJgqH8mddmuG6fsUSRkESBk2SCCWwouAlc6ZZZvHtkRg7Ga4dLkHVWIjeEPzQn%2FQIq0zTXPAGxSX7dWODH44a8q2kDwoRyJo4nVbM5He3pYoH4CoF5JSn7P24%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c5ba4379e64887a-LHR
link: <https://revistabemestar.co/wp-content/uploads/2021/04/mathieuplus-1669647536.jpg>; rel="canonical"

GET
H2 200 maxime-ffe569f6ab.jpg
575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/ Frame 665F 4 KB
5 KB 519ms
476ms Image
image/jpeg 151.139.242.16
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859047-raikfcquaxqncofqfm.stackpathdns.com/wp-content/uploads/2021/04/maxime-ffe569f6ab.jpg
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.16 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 295b8154008f7dc83a967e2a458e3661909fccfd7e18b2f09bea06a1fb885645

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4585
last-modified: Mon, 19 Apr 2021 23:43:28 GMT
server: nginx
etag: "607e15a0-11e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfMy50G6hPjgNggRRE3OilE9FPhmMZygDvLNNht02gdc8XdB77%2BC66B87LtfA8ONuwI6IpdqxrtPUBeAvm8pk8l42jnuT04f%2FkLy1BwvYOdxu%2Be5LvZIQ4dIy3M%2FiDVllHRF%2Fhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c5ba439ca586d85-MUC
link: <https://revistabemestar.co/wp-content/uploads/2021/04/maxime-ffe569f6ab.jpg>; rel="canonical"

GET
H2 200 graph_2.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 28 KB
29 KB 336ms
33ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/graph_2.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f6cc190d1d9f4f8294250bd8c928bbb7a9b3461be3cf3d356afc739930a1200

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29026
cf-request-id: 0adf61e80f0000413e8e0ee000000001
last-modified: Thu, 29 Apr 2021 15:00:05 GMT
server: nginx
etag: "7162-5c11dc027ba44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=o6FAmgxx665tQq4rtK0cMF2GVjAzQr1w39O4JC7oLogXiloEfE3MBRtpNkiearPKT%2FRAbySGvPI%2FDOh1zLc%2Fvu8A8cQxohQAlSW%2Bh%2BU6njtM9mn2mxzFwCnb"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f53488a413e-PRG
link: <https://duromax.shop/img/graph_2.webp>; rel="canonical"

GET
H2 200 step-8-computer.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 7 KB
8 KB 333ms
30ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/step-8-computer.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 93324232a683bbbd32c126f9d1787b42e5af0c1ecbabba6bca99f89d736e0848

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7420
cf-request-id: 0adf61ea99000041251ea07000000001
last-modified: Tue, 27 Apr 2021 15:00:22 GMT
server: nginx
etag: "1cfc-5c0f585735642"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ONZkU4hmkMLM5CFkKXF5v2fzXKo9VG9t%2FBJV8Kp27tYVRXD%2FIMzTrF43%2BzfSnwFmqRbTD4bFPEHB%2Fub6fvXYWvZsYw2HMLe3UMkfJJjcqZ8f6QHzox3YYbzx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f575aa64125-PRG
link: <https://duromax.shop/img/step-8-computer.webp>; rel="canonical"

GET
H2 200 reembolso4.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 19 KB
19 KB 337ms
34ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/reembolso4.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 2515a350be41495c77d6fd97bc42d305563c940a742eb2f51d1e5941b85a74fb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18982
cf-request-id: 0adf61e804000027947d04b000000001
last-modified: Thu, 29 Apr 2021 15:00:18 GMT
server: nginx
etag: "4a26-5c11dc0eccf8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G182pjqDDKTyQ2%2FLWBwEb%2BwBUqkDJMCwkpekUyS9ImIZH0RqR6e83%2BIEG02ja5RXgbbn8c9UtIQXcwwf%2FCloO5wShbtXQlf8Z%2B9EKg%2FhDGciS%2BbRXERmG2WW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f533bfa2794-PRG
link: <https://duromax.shop/img/reembolso4.webp>; rel="canonical"

GET
H2 200 11.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 18 KB
18 KB 332ms
28ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/11.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 39666e2d07282ea6db82bab1f0de6a29433cd08784ea847649500296bab47420

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18032
cf-request-id: 0adf61e80e0000413e8e91a000000001
last-modified: Thu, 17 Jun 2021 12:46:42 GMT
server: nginx
etag: "4670-5c4f5995d36f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qgOfMR8oxHFu24gu2VmZ%2F5w0JDnWdZFo3Ul2iAI0n1TfODzbkdgBXci9llyWiUk9iSwpSpKyVuW7u9ugKWapK%2BY%2FSQEuu2MB9rh1wvJWwt7WkdpB3Tic1jhs"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f534889413e-PRG
link: <https://duromax.shop/img/11.webp>; rel="canonical"

GET
H2 200 duromax-6potes.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 24 KB
24 KB 359ms
55ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/duromax-6potes.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 42d616efec1f62f495e6b1fd6a3fd22d20fc756dc5c12bb898d4e387d36428ce

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24318
cf-request-id: 0adf61ee4b0000277c591a8000000001
last-modified: Thu, 29 Apr 2021 15:00:01 GMT
server: nginx
etag: "5efe-5c11dbfe5cf36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JLhaCXE6nDaLlyHHUYLrC4PLwYyRWsQwxnGa%2B9KQ5y99wo5uxTi2eEOFgLx8Gw32UMO3Jb4zPFonBgcg71fmQtB7zwIiTpImPqC4DCGT%2BLs1ZqrSFBMnsSOo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f5d49be277c-PRG
link: <https://duromax.shop/img/duromax-6potes.webp>; rel="canonical"

GET
H2 200 duromax-3potes.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 17 KB
17 KB 335ms
32ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/duromax-3potes.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: e6e92b472d543358b67c87feeefdcc952efba36d4f82f4d770a64e0c9a260cb0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16968
cf-request-id: 0adf61ea9a00004119b398f000000001
last-modified: Thu, 29 Apr 2021 14:59:59 GMT
server: nginx
etag: "4248-5c11dbfc83510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PZVtblulGU6O8pzbWtlaVgtJiZ2p9ZtDR3fheN1BEb3jdxPTGREFr0uua6gkeqNEPl0amTkYmMmoXUPCqyzwBbYYj8nwLLpZK4Yj3GEZeWyq%2Fh4uGABrbQc9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f575e8f4119-PRG
link: <https://duromax.shop/img/duromax-3potes.webp>; rel="canonical"

GET
H2 200 duromax-1pote.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 7 KB
7 KB 336ms
33ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/duromax-1pote.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a28a836fd075404d8fc23c14155d8a0c401af1d87aacb16bfb7fe705ffa7081

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6868
cf-request-id: 0adf61e7ff0000f9ce34811000000001
last-modified: Tue, 27 Apr 2021 15:00:12 GMT
server: nginx
etag: "1ad4-5c0f584e8b9c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6Fuai0TPnXJFK2hsmaSEoGugJ3kAtMoAi9Q37el7Ka5225QICZmuO%2BGlz6c5h4wOVXbQTdl%2FKpfwDXoIK4S57XQKaEgdKj5g8Et%2BlFZnZDgBY0pp79hKrhQ%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f533a68f9ce-PRG
link: <https://duromax.shop/img/duromax-1pote.webp>; rel="canonical"

GET
H2 200 logo.webp
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/ Frame 665F 3 KB
4 KB 337ms
34ms Image
image/webp 151.139.243.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com/img/logo.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.243.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 90352e5c4fe7c644050f2f288a34134419c5c4ac286624da4f771e9c0a833748

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3554
cf-request-id: 0adf61e81600002790b30f6000000001
last-modified: Thu, 29 Apr 2021 15:00:16 GMT
server: nginx
etag: "de2-5c11dc0cc37c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NsY%2BReezGzA5gIrDWf0Cdwyqk0aoQXYrijgaupPeBm8An0Dq30Cuxh%2FPv6AzHfGn0vcwLSbtv2eIWXlEV%2BjwYmY3aMITTpf%2FLzoVb1QI7nfe7jooxnF5yCzi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 66459f5358152790-PRG
link: <https://duromax.shop/img/logo.webp>; rel="canonical"

GET
H2 200 14.webp
duromax.com.br/img/ Frame 665F 5 KB
5 KB 274ms
22ms Image
image/webp 2606:4700:3030::ac43:98ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duromax.com.br/img/14.webp
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:98ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9dc728523dd315e779ee7f35e2d747bcf595288093a09da56677e15e437495f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1347469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4632
last-modified: Sun, 19 Sep 2021 12:41:38 GMT
server: cloudflare
etag: "61473002-1218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpNNC2%2FIsC5f4YSLNBrh7l2LHeEywrTDXydI0RSPJQymBq3%2Ffoc2cAp3vqoGV9%2FtrdlqIzcyQIph917KEIHutA4Kwf2A9ZCpdk7u%2Fk0GewFopuhVCp8Q5n64VB3CUGdNPimtvqvKVSMLba9PQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3ecda1c9c683b2-MXP

GET
H3 200 email-decode.min.js Show response
duromax.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 665F 1 KB
1 KB 40ms
21ms Script
application/javascript 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duromax.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:52:06 GMT
server: cloudflare
etag: W/"61e833a6-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6w26k1DxzP%2FAeScfGcSxozSQ6pTlRt45jBW2M8zMdFLA7vGxuAXuxF0I6w0NTGAl5Rz007DGgAiKOh1Y9%2BxVXUyAFCqj7NK2iYw8ON5GiyoBIxmVyXr011GGNXnbpc5%2FFp8JLYsVQTI8VWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3ecd9f2cc4d610-MXP
vary: Accept-Encoding
expires: Sat, 29 Jan 2022 03:13:06 GMT

GET
H3 200 rocket-loader.min.js Show response
duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 665F 12 KB
4 KB 34ms
19ms Script
application/javascript 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:52:06 GMT
server: cloudflare
etag: W/"61e833a6-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8%2FBsDUoOh%2BkjwXEw5uJ5GFtYZ5ysbDNGzUFT5e3AmSxDTFQxJyaIKoo8GnLbOFniEZ9T0BdcYG2XnKHzaRt74aDGPDx%2BiGqJrWx0umk9g0xygaZBmPwzhyxkiV0b5h52OKWcMi93Hex0tg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3ecd9f2cc1d610-MXP
vary: Accept-Encoding
expires: Sat, 29 Jan 2022 03:13:06 GMT

GET
H3 200 MJlbfZme01Y Show response
www.youtube.com/embed/ Frame 4848 59 KB
24 KB 84ms
83ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MJlbfZme01Y

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6b4c4780ac878e6d06c6f11293cb029cb33d41cf811173014e36184378ecafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Jan 2022 03:13:06 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 VLfgebzpsmM Show response
www.youtube.com/embed/ Frame 8FB4 59 KB
24 KB 71ms
71ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/VLfgebzpsmM

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

439c700652f1c432ce59f41fade2301295138fba303b1d38b44a13250f9c942c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Jan 2022 03:13:06 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 JldNClFzmSc Show response
www.youtube.com/embed/ Frame 1087 59 KB
24 KB 69ms
69ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/JldNClFzmSc

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5845d1b5646df4ece8b63901f45971e21cb006b75865a2e8c960d2a43314a2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Jan 2022 03:13:06 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 BmTGtdob4rc Show response
www.youtube.com/embed/ Frame 5A94 59 KB
24 KB 75ms
74ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BmTGtdob4rc

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c3b216f7c0b688e117777b38a1de410cc9a89fdb7228ced8bdf17ba123bf8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Jan 2022 03:13:06 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 BF5jWDgcln4 Show response
www.youtube.com/embed/ Frame 5278 59 KB
24 KB 75ms
74ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BF5jWDgcln4

Requested by

Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c45d8d50ee99d5a584e0dd0509be2f1e3898520dfdcb04ca0674cf59e6adf77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 27 Jan 2022 03:13:06 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK tag_gen.js Show response
a.exoclick.com/ Frame 665F 895 B
915 B 80ms
18ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0038a46147de8ad7ae4477a228fa1b23922fbeadeac512f61d020e5ffcbe6a9b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:06 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"b71554cb29aa7affadbb3b5be9d"
X-HW: 1643253186.dop005.ml1.t,1643253186.cds022.ml1.shn,1643253186.dop005.ml1.t,1643253186.cds013.ml1.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 477

GET
H2 200 p.js Show response
my.rtmark.net/ Frame 665F 697 B
1 KB 387ms
287ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=2e8dd2e9b55327674b3342b9dd4cfb9a8130688daed6a8406e2a7fa6a606f926

Requested by

Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d6ced2d066935a4550fefe90e4a07e40ad503004724ba900c080bc127de24675

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H2 200 load.js Show response
app.cartstack.com.br/activeAPI/ Frame 665F 12 KB
4 KB 71ms
23ms Script
application/javascript 2606:4700:3108::ac42:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/load.js

Requested by

Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions, sunset.solutions

Resource Hash

ac1e7257a75f95079823aeee2f9602cb401000105d8664172d159eaacba4800c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cs: EXPIRED
age: 5792
x-powered-by: sunset.solutions, sunset.solutions
cf-bgj: minify
x-ua-compatible: IE=Edge
last-modified: Thu, 27 Jan 2022 00:28:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sun, 27 Feb 2022 03:13:06 GMT
cache-control: public, max-age=2678400
cf-polished: origSize=19821
cf-ray: 6d3ecd9fe8bf59dd-MXP
x-lb: 1

GET
H3 200 config.js Show response
duromax.shop/js/ Frame 665F 1 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/js/config.js
Requested by: Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadfc11307c8688ca8d08f02904a27209633482aac11f4c6a6e9a7c5614fc46e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Apr 2021 23:54:19 GMT
server: cloudflare
etag: W/"6067aeab-5a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEodzrR8JsPIyYEg1ou1xVTozPYWQsos%2F5OYWgxKnTYvNEo%2FLy83zzNQOv2Wa%2FVrNeJtm8crwfS%2BJZLp%2FsCjexJKPvxtYk6F8%2BV0A7DyuKevbmGfal1asgJEFDSB7RvsVPwXuvBcy%2FUVyXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3ecd9fad0dd610-MXP
cf-bgj: minify

GET
H3 200 jquery.easing.1.3.js Show response
duromax.shop/js/ Frame 665F 4 KB
1 KB 28ms
25ms Script
application/javascript 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/js/jquery.easing.1.3.js
Requested by: Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76f140df1a17b03a8536f953f70bdf78f9ce261f7dac04ea4450f9f3da73fbb3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
cf-polished: origSize=3601
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Apr 2021 23:55:11 GMT
server: cloudflare
etag: W/"6067aedf-e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tD9ne%2FAMb1dXL5BPd5Gacyh0NLmjbZzvUbnzni2UDv3HeR0UhBZ5kk0jTrsuHvDRHciXft3iLZngOvzuOjVPkZeiq%2BDy9WVRPix7glx%2F%2BElLxZjT7iqEiIe3qdxLzJukvj4K3Oody6yqSLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3ecd9fad0fd610-MXP
cf-bgj: minify

GET
H3 200 bootstrap.min.js Show response
duromax.shop/js/ Frame 665F 36 KB
11 KB 28ms
26ms Script
application/javascript 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/js/bootstrap.min.js
Requested by: Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752a8a12c53f948e54c28b27e87684d80ea4226257f2469db4078503e09d59cf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Apr 2021 23:53:42 GMT
server: cloudflare
etag: W/"6067ae86-9166"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbpFmBeVHiVa2BXsfmM%2BATbOAC9LQIhcMePw9eQO7jQFCg5Zl6M6lpbtqFP8E0%2BXLQ4atQK1pgRktJYMlzou25wwXvqMKp1%2FYdESzNxcM8i0%2F1lqmJIC%2FaqppHk1Qhzri8qMomEuzvPY2Sw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3ecd9fad10d610-MXP

GET
H3 200 jquery.min.js Show response
duromax.shop/js/ Frame 665F 94 KB
34 KB 43ms
41ms Script
application/javascript 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/js/jquery.min.js
Requested by: Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Feb 2021 14:44:39 GMT
server: cloudflare
etag: W/"6023f157-1762a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qiczjo53dkrWJaE4wVv1vVR%2F4dzCWHWHRQo9CMilts1IjvGkunxmZ%2BWAvHdPja7QN5xCa%2FhuAciQP3%2FM0shX4Yh8mRLuYiNehUxwMwqrIxeRcDWfENk0IypdiZyLGqNBAVxw9UoRGTrjd5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3ecd9fad11d610-MXP

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ Frame 665F 14 KB
5 KB 87ms
49ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6d3ecd9feba583a2-MXP

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 665F 97 KB
38 KB 85ms
45ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-777904180

Requested by

Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5354fddb09531c8343146fdfb72a68cef8e8a91c06504302f63097fada4a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39345
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 665F 90 KB
35 KB 78ms
37ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122815905-1

Requested by

Host: duromax.shop
URL: https://duromax.shop/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89d7049c40580090a687cca2bb032d76e87856fec2a5a4644880d251e158669d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35988
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:06 GMT

GET
H3 200 bg.jpg.html
duromax.shop/img/ Frame 665F 353 B
353 B 42ms
41ms Image
text/html 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duromax.shop/img/bg.jpg.html
Requested by: Host: duromax.shop
URL: https://duromax.shop/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 14:44:39 GMT
server: cloudflare
age: 125702
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezHVqBNn4TSUwKs7yxA7ctK5FbatfinFbtl8vDE7eJXbMKW4uJHh5c%2Bw7m4q9dMDnLrBjAhmwkDjdpYFmeg0Ew9nbT703xOXutKNOzb118OIy0iIWHGgFbsk1eX%2FeeeCIPqwPl%2BHZfLAKSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d3ecd9fad12d610-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 665F 46 KB
46 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,200,300,400,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://duromax.shop
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 20:12:54 GMT
x-content-type-options: nosniff
age: 111612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 20:12:54 GMT

GET
H3 200 step-1-bg.jpg
duromax.shop/img/ Frame 665F 91 KB
92 KB 26ms
26ms Image
image/jpeg 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duromax.shop/img/step-1-bg.jpg
Requested by: Host: duromax.shop
URL: https://duromax.shop/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85dfc125a898827135af486298539a9858d06a9edfb047438b4faf6fb18dd374

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93216
last-modified: Thu, 15 Apr 2021 15:19:44 GMT
server: cloudflare
etag: "60785990-16c20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Buq0irhDgu%2BNoz1Tm3Sy9XZEjnO6gRfU%2BXAR%2B2yAe0oxVvvg3SiNNQuR6WHBPdRgWtuUDk4FvIDEb6F0T9JloTcP0H%2F%2Bh%2B7ASdwYdzbXHMLm6HlvpBWteVHP2wnjqakQ%2FHaU6i04pRYt8mQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3ecd9fad13d610-MXP

GET
H3 200 step-5-bg.jpg
duromax.shop/img/ Frame 665F 4 KB
5 KB 63ms
63ms Image
image/jpeg 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duromax.shop/img/step-5-bg.jpg
Requested by: Host: duromax.shop
URL: https://duromax.shop/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27e58df70ed3481d6d00351abdaf314546274790e93327d6ea6a98257df2ab48

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4164
last-modified: Thu, 15 Apr 2021 15:19:53 GMT
server: cloudflare
etag: "60785999-1044"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rC8LcPXhqmJ5P2FJmmNwXpv1Hru3ytreVqaepT9NSh0bbejFenR%2B3xlGCDA469IMx1dsFwLYzO1BRO0U6Xt8iZQZmgVzFqqnGL74y5m%2BSzyXt898BtxAKR0dgMUc73UW6nV2IAVCjy88TFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3ecd9fad14d610-MXP

GET
H3 200 step-8-icons.png
duromax.shop/img/ Frame 665F 4 KB
4 KB 24ms
24ms Image
image/png 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://duromax.shop/img/step-8-icons.png
Requested by: Host: duromax.shop
URL: https://duromax.shop/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5220d53ac04e0b45b56e166a65aff19cd5697544fc6e6e24a3948358066ff2c0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4040
last-modified: Thu, 15 Apr 2021 15:20:09 GMT
server: cloudflare
etag: "607859a9-fc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bshzSxY0F1EiHhDWseQrW7wku1oB994gEsJUGCwaqloXiqAEHPZYcZfRf1ZP%2B61tAqgVQQTbFUx8O%2FbNoF7xuWgvHTM1t4pI9UJ58Pq63lATn5TRV6MNhRw1bWGjiudIfUxTtOz44GQGZKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3ecd9fad15d610-MXP

GET
H3 200 fontawesome-webfont-v=4.7.0.woff2
duromax.shop/fonts/ Frame 665F 75 KB
76 KB 61ms
61ms Font
application/font-woff2 2606:4700:3037::6815:5112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://duromax.shop/fonts/fontawesome-webfont-v=4.7.0.woff2
Requested by: Host: duromax.shop
URL: https://duromax.shop/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://duromax.shop/css/font-awesome.min.css
Origin: https://duromax.shop
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 125702
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Wed, 10 Feb 2021 14:44:39 GMT
server: cloudflare
etag: "6023f157-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fub5F3hrz5goeqSYqeVFTL5EX6QOsUM63iPEoVbw1MhRuqDG%2Bmwndtg5hfJ32X8IFs%2B0F1icWADo%2Bzt74kmEiNFwAMI7XIRVMML8MT8CK2Xfeb3wSpjg%2FWSBgT7Jtesi602qVJA264csG8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3ecd9fad18d610-MXP

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8ad9c87a/ Frame 1087 340 KB
47 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/JldNClFzmSc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:57:04 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/ Frame 1087 273 KB
84 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/JldNClFzmSc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85792
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 1087 2 MB
536 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39ae5a8c8feed7a9dbfdbcc274426a0bb42f8e8da8a0be001e40b3ab08482b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/JldNClFzmSc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/ Frame 1087 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/JldNClFzmSc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8ad9c87a/ Frame 8FB4 340 KB
47 KB 33ms
32ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/VLfgebzpsmM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:57:04 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/ Frame 8FB4 273 KB
84 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/VLfgebzpsmM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85792
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 8FB4 2 MB
536 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39ae5a8c8feed7a9dbfdbcc274426a0bb42f8e8da8a0be001e40b3ab08482b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/VLfgebzpsmM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/ Frame 8FB4 8 KB
3 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/VLfgebzpsmM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8ad9c87a/ Frame 5A94 340 KB
47 KB 48ms
48ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BmTGtdob4rc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:57:04 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/ Frame 5A94 273 KB
84 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BmTGtdob4rc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85792
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 5A94 2 MB
536 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39ae5a8c8feed7a9dbfdbcc274426a0bb42f8e8da8a0be001e40b3ab08482b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BmTGtdob4rc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/ Frame 5A94 8 KB
3 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BmTGtdob4rc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8ad9c87a/ Frame 5278 340 KB
47 KB 50ms
50ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BF5jWDgcln4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:57:04 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/ Frame 5278 273 KB
84 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BF5jWDgcln4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85792
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 5278 2 MB
536 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39ae5a8c8feed7a9dbfdbcc274426a0bb42f8e8da8a0be001e40b3ab08482b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BF5jWDgcln4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/ Frame 5278 8 KB
3 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BF5jWDgcln4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1087 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 143701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8FB4 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 143701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/8ad9c87a/ Frame 4848 340 KB
47 KB 83ms
83ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/MJlbfZme01Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:57:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36962
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47680
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:57:04 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/ Frame 4848 273 KB
84 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/MJlbfZme01Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85792
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 4848 2 MB
536 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39ae5a8c8feed7a9dbfdbcc274426a0bb42f8e8da8a0be001e40b3ab08482b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/MJlbfZme01Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548596
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/ Frame 4848 8 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/MJlbfZme01Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 16:56:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 16:56:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5A94 15 KB
15 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 143701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5278 15 KB
15 KB 32ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 143701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4848 15 KB
15 KB 35ms
29ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 143701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 25 Jan 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 8FB4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
33ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dce67c19c517cf577028a3ce66aa7080d4a334a9dcea2fe293cb928b2e432c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:13:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8FB4 29 B
54 B 61ms
27ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:59:18 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 03:14:18 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1087
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
33ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f1700c851d546954280f71239daf3c0f62348d513f037d10775e479dde94c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:13:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1087 29 B
54 B 28ms
26ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:59:18 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 03:14:18 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5A94
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
33ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5943ef56f97581622674efa51b864ccec9ed67b90d6dede00585d43e84d817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:13:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5A94 29 B
54 B 28ms
27ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:59:18 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 03:14:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 8FB4 97 KB
30 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81987799f1e92422e0fe8a3660ec3a969ed909b94534f179fdbf25c6d8ecacb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/VLfgebzpsmM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30773
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:31 GMT

GET
H3 200 -Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js Show response
www.google.com/js/th/ Frame 8FB4 35 KB
13 KB 68ms
26ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f986b6604a3d3db94198c78d2c3901602aa52d0a0e62fd4e5f94ece07f6c8361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:24:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13317
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 17:24:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 8FB4 26 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb84b54891f98d44a666bcbd9371dbe83974f258b72014121d953504145eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/VLfgebzpsmM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7609
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:26:37 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4848
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

34ms
33ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aaeaee193cc1d608cad09d15de879f6ebf7240e3cd0e6e8f84d2cd96de6bc54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:13:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4848 29 B
54 B 26ms
25ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:59:18 GMT
x-content-type-options: nosniff
age: 828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 03:14:18 GMT

GET
DATA 200
OK truncated
/ Frame 8FB4 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 8FB4 2 KB
2 KB 64ms
30ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5399190819c5fe50c886ff8beabd007571bde43316a9dc5b74427a93d96786c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:33:54 GMT
x-content-type-options: nosniff
age: 5953
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:36:25 GMT

GET
H3 200 default.webp
i.ytimg.com/vi_webp/VLfgebzpsmM/ Frame 8FB4 3 KB
3 KB 63ms
29ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/VLfgebzpsmM/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/VLfgebzpsmM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fcc32fac186a6a01ba828e7da1e599ebcd9f2caa21b71a9572266af795466f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:05:13 GMT
x-content-type-options: nosniff
age: 4074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2624
x-xss-protection: 0
server: sffe
etag: "1619546114"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jan 2022 04:05:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5278
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

33ms
33ms

XHR
application/json

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cdd59a5429bc9189e32a52b6b129c80a64e8110b8a9b67154533b00379d1212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 27 Jan 2022 03:13:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5278 29 B
54 B 25ms
25ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:59:18 GMT
x-content-type-options: nosniff
age: 829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 03:14:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 1087 97 KB
30 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81987799f1e92422e0fe8a3660ec3a969ed909b94534f179fdbf25c6d8ecacb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/JldNClFzmSc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30773
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:31 GMT

GET
H3 200 -Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js Show response
www.google.com/js/th/ Frame 1087 35 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f986b6604a3d3db94198c78d2c3901602aa52d0a0e62fd4e5f94ece07f6c8361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:24:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13317
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 17:24:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 1087 26 KB
7 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb84b54891f98d44a666bcbd9371dbe83974f258b72014121d953504145eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/JldNClFzmSc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7609
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:26:37 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 5A94 97 KB
30 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81987799f1e92422e0fe8a3660ec3a969ed909b94534f179fdbf25c6d8ecacb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BmTGtdob4rc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30773
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:31 GMT

GET
H3 200 -Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js Show response
www.google.com/js/th/ Frame 5A94 35 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f986b6604a3d3db94198c78d2c3901602aa52d0a0e62fd4e5f94ece07f6c8361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:24:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13317
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 17:24:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 5A94 26 KB
7 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb84b54891f98d44a666bcbd9371dbe83974f258b72014121d953504145eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BmTGtdob4rc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7609
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:26:37 GMT

GET
DATA 200
OK truncated
/ Frame 1087 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1087 2 KB
2 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5399190819c5fe50c886ff8beabd007571bde43316a9dc5b74427a93d96786c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:33:54 GMT
x-content-type-options: nosniff
age: 5953
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:36:25 GMT

GET
H3 200 default.webp
i.ytimg.com/vi_webp/JldNClFzmSc/ Frame 1087 2 KB
2 KB 28ms
28ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/JldNClFzmSc/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/JldNClFzmSc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

898a6c90f3a5e40a34ea85d2cc8c12694dd8d211dc418c23be330f27b95f1c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:46:10 GMT
x-content-type-options: nosniff
age: 5217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1674
x-xss-protection: 0
server: sffe
etag: "1619644966"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jan 2022 03:46:10 GMT

GET
DATA 200
OK truncated
/ Frame 5A94 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5A94 2 KB
2 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5399190819c5fe50c886ff8beabd007571bde43316a9dc5b74427a93d96786c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:33:54 GMT
x-content-type-options: nosniff
age: 5953
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:36:25 GMT

GET
H3 200 default.webp
i.ytimg.com/vi_webp/BmTGtdob4rc/ Frame 5A94 2 KB
2 KB 29ms
28ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/BmTGtdob4rc/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BmTGtdob4rc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ab5b781f1f9ad64b32f9b15ff61358a1e1091055e9a1a6032d8fb110394aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:26:02 GMT
x-content-type-options: nosniff
age: 6425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1770
x-xss-protection: 0
server: sffe
etag: "1620756584"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jan 2022 03:26:02 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 4848 97 KB
30 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81987799f1e92422e0fe8a3660ec3a969ed909b94534f179fdbf25c6d8ecacb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/MJlbfZme01Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30773
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:31 GMT

GET
H3 200 -Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js Show response
www.google.com/js/th/ Frame 4848 35 KB
13 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f986b6604a3d3db94198c78d2c3901602aa52d0a0e62fd4e5f94ece07f6c8361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:24:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13317
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 17:24:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 4848 26 KB
7 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb84b54891f98d44a666bcbd9371dbe83974f258b72014121d953504145eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/MJlbfZme01Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7609
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:26:37 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 5278 97 KB
30 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81987799f1e92422e0fe8a3660ec3a969ed909b94534f179fdbf25c6d8ecacb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BF5jWDgcln4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:15:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30773
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:15:31 GMT

GET
H3 200 -Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js Show response
www.google.com/js/th/ Frame 5278 35 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-Ya2YEo9PblBmMeNLDkBYCqlLQoOYv1OX5Ts4H9sg2E.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f986b6604a3d3db94198c78d2c3901602aa52d0a0e62fd4e5f94ece07f6c8361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:24:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13317
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 16:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Jan 2023 17:24:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/ Frame 5278 26 KB
7 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb84b54891f98d44a666bcbd9371dbe83974f258b72014121d953504145eb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BF5jWDgcln4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7609
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 01:27:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 26 Jan 2023 17:26:37 GMT

GET
DATA 200
OK truncated
/ Frame 4848 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4848 2 KB
2 KB 26ms
26ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5399190819c5fe50c886ff8beabd007571bde43316a9dc5b74427a93d96786c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:33:54 GMT
x-content-type-options: nosniff
age: 5953
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:36:25 GMT

GET
H3 200 default.webp
i.ytimg.com/vi_webp/MJlbfZme01Y/ Frame 4848 2 KB
2 KB 25ms
25ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/MJlbfZme01Y/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MJlbfZme01Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a9dfbbef6b86955c1b8f6ba478cc882d8256e9b0d59d7b8e09601d868cba53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:33:56 GMT
x-content-type-options: nosniff
age: 5951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1776
x-xss-protection: 0
server: sffe
etag: "1620079678"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jan 2022 03:33:56 GMT

GET
DATA 200
OK truncated
/ Frame 5278 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5278 2 KB
2 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/whLiPpSBxK_H-p1TjBuP5DUMXSdrC7p1xIuqN_MMMUxp6F10VA_ZE-742pkMtfCwDZnoAYtlCkg=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5399190819c5fe50c886ff8beabd007571bde43316a9dc5b74427a93d96786c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 01:33:54 GMT
x-content-type-options: nosniff
age: 5953
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1740
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 26 Jan 2022 19:36:25 GMT

GET
H3 200 default.webp
i.ytimg.com/vi_webp/BF5jWDgcln4/ Frame 5278 2 KB
2 KB 27ms
27ms Image
image/webp 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/BF5jWDgcln4/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BF5jWDgcln4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce10a921c6f03ebfe211f9cc7932e6c49dbe8543f13f6b2f5f9d6edfbf41481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 02:02:53 GMT
x-content-type-options: nosniff
age: 4214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1774
x-xss-protection: 0
server: sffe
etag: "1619704348"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jan 2022 04:02:53 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8FB4 4 KB
2 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:13:07 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 8FB4 0
9 B 28ms
28ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?X1C3RA
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/VLfgebzpsmM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 1087 4 KB
2 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:13:07 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5A94 4 KB
2 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:13:07 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 1087 0
9 B 28ms
28ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Gm60cg
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/JldNClFzmSc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 5A94 0
9 B 31ms
30ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Jg4RjQ
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BmTGtdob4rc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 4848 0
9 B 31ms
30ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?VclzOw
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/MJlbfZme01Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4848 4 KB
2 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:13:07 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 5278 0
9 B 28ms
28ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?NbnP3w
Requested by: Host: duromax.shop
URL: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/embed/BF5jWDgcln4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5278 4 KB
2 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jan 2022 03:13:07 GMT

GET
H2 200 nr-spa-1214.min.js Show response
js-agent.newrelic.com/ 45 KB
17 KB 57ms
15ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1214.min.js
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 38e8fbc0dd2dced6baf868693d2de7da475e8d3de08434cc6ac6c0b4950ab1d7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: dU7oF32BLhGI7U7W.plhnY0tWsxdaArN
content-encoding: gzip
etag: "709ab085dc6fdf2fd4cb719608244963"
x-amz-request-id: JPN9K4AZ4DZ6JQ57
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16954
x-amz-id-2: 4W4lTs72c8xV9FKPMfjO1j2EHidcwpV5lDsrP5eH8vpQJ89h7aABK3UsHNBBYo4v6rDQZ7B0XLA=
x-served-by: cache-mxp6952-MXP
last-modified: Tue, 04 Jan 2022 23:13:19 GMT
server: AmazonS3
x-timer: S1643253188.716223,VS0,VE0
date: Thu, 27 Jan 2022 03:13:07 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 583

POST
H/1.1 200
OK get Show response
clube-de-ofertas.oncartx.io/cart/ 637 B
2 KB 223ms
223ms XHR
application/json 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/cart/get
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d230efdee8999f46f78eacf6056139449adf35ed3a7e2298209d78b88c8cfa17

Request headers

X-NewRelic-ID: VwUAVF9WARABUFBWAQkBX10A
tracestate: 3375959@nr=0-1-3375959-1588620747-b7810108e10d4053----1643253187668
traceparent: 00-08581d682205b697097aab1406d74b00-b7810108e10d4053-01
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNzU5NTkiLCJhcCI6IjE1ODg2MjA3NDciLCJpZCI6ImI3ODEwMTA4ZTEwZDQwNTMiLCJ0ciI6IjA4NTgxZDY4MjIwNWI2OTcwOTdhYWIxNDA2ZDc0YjAwIiwidGkiOjE2NDMyNTMxODc2Njh9fQ==
Content-Type: application/json; charset=utf-8
Accept: */*
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
X-CSRF-TOKEN: UpiKp88hgwP66aY4FBmorqx4UhaNdORu4E8BIGM4
X-Requested-With: XMLHttpRequest

Response headers

Date: Thu, 27 Jan 2022 03:13:07 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQEUlFWAQYJR1BWBgUBXlIIDwJASkE1VQBsEFlWR1NQEVAOXz0cIwdCXg4IPxdyQBQ9Pn9FQxY4bXVcDBIRDVwOXRBLZGhxUhdNIl4PRxALWlsEFCNfVkQqBBUVHQdIVAEGA1JKU0wAVA9XDRQZAx9HAFgJBFJSVFIOBV4ACAAFB0NOUVBbFQFs
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecda6fc685a25-MXP

GET
H2 200 oncartx.js Show response
whatsapp.cartx.io/ 3 KB
2 KB 414ms
121ms Script
application/javascript 3.130.225.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsapp.cartx.io/oncartx.js?v=61f20dc07449e
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.225.230 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-225-230.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 844e57195d5c4951a02753da0da257c7a0684ea9335958373a665a2504c8378a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:08 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 06:33:16 GMT
server: nginx/1.16.1
etag: W/"5fb4c02c-b51"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK analytics.min.js Show response
clube-de-ofertas.oncartx.io/js/ 2 KB
2 KB 32ms
31ms Script
application/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/js/analytics.min.js
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d751e21d3a14f06cdbd836a4fda46ef22a33547069719f192b01bda0e980817

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:07 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Age: 26181
Content-Security-Policy-Report-Only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=7TG.YwVlLSDbnlo0JNJJpddQKSeHRu8SDGNvgwW5GZ0-1643253187-0-AfTXcfV4EjtoSmS4a80GcMKCoteQx6tlkUXWJw75-1507JgHBtLwr3tHE821hWiZggbRaLAum6RZP8aFBbYi3fiJAxjKJPl-nNHMagiTwcmF
Connection: keep-alive
Last-Modified: Wed, 26 Jan 2022 18:23:42 GMT
Server: cloudflare
ETag: W/"61f191ae-87f"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
Transfer-Encoding: chunked
CF-RAY: 6d3ecda6fdbb83ac-MXP
Expires: Thu, 27 Jan 2022 03:43:07 GMT

GET
H/1.1 200
OK socket-client.js Show response
clube-de-ofertas.oncartx.io/js/services/ 83 KB
27 KB 220ms
219ms Script
application/javascript 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/js/services/socket-client.js?v=61f20dc0744a1
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2705087be6cc0ac13171993dcebd8e4b1fe9c08403c01a52a0b9bd8c2a955fbb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:07 GMT
Content-Encoding: br
CF-Cache-Status: MISS
Last-Modified: Wed, 26 Jan 2022 18:23:42 GMT
Server: cloudflare
ETag: W/"61f191ae-14b30"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecda6fba059d7-MXP
Expires: Thu, 27 Jan 2022 03:43:07 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 8FB4 48 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 27 Jan 2022 18:11:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 1087 48 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 27 Jan 2022 18:11:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 5A94 48 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 27 Jan 2022 18:11:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 4848 48 KB
14 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 27 Jan 2022 18:11:50 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 665F 49 KB
20 KB 59ms
25ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122815905-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5893
date: Thu, 27 Jan 2022 01:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 03:34:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 665F 97 KB
38 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-777904180&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122815905-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6873a10d9391ab3ba24249a10b125422502a59c0652002006fa9b20c1377dca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39353
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:07 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 665F 39 KB
15 KB 118ms
47ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-777904180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14855
x-xss-protection: 0
server: cafe
etag: 17539559064140624452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jan 2022 03:13:07 GMT

GET
H2 200 braip-booster.js Show response
ev.braip.com/js/ Frame 665F 2 KB
1 KB 408ms
408ms Script
application/javascript 2606:4700:10::6816:707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ev.braip.com/js/braip-booster.js?v=1643253187699

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:707 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a27565af22c166499574e29ea6cf9165fe450aa3438a74a93111bd1008cae3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 26 Jan 2022 19:12:38 GMT
server: cloudflare
etag: W/"61f19d26-880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 6d3ecda72c8e0e2a-MXP
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
api.sunset.systems/services/ Frame B321 2 KB
1 KB 221ms
23ms Document
text/html 2606:4700:3108::ac42:2b9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sunset.systems/services/?type=dtnl
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 771960e3e360d91710834071e30f1fe5c0dc53001b6c008d02d4c948b6b6091a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-ua-compatible: IE=Edge
cf-cache-status: HIT
age: 4486
last-modified: Thu, 27 Jan 2022 01:58:21 GMT
expires: Sun, 30 Jan 2022 03:13:07 GMT
cache-control: public, max-age=259200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3ecda86b4c5a2b-MXP
content-encoding: gzip

GET
H2 200 / Show response
conectiva.io/XEngine/services/ Frame 665F 91 B
502 B 68ms
22ms XHR
text/html 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/services/?type=domain_inf&inf=DKEY+DGUID+DOMAIN&ref=ZHVyb21heC5zaG9w&v=1
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions, sunset.solutions
Resource Hash: 5b2bd40a45d294b11759ebc65aad3c5d18fbaf3b3c521d64cbe9091e99c1aeaf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
cf-cache-status: HIT
x-cs: MISS
age: 125649
x-powered-by: sunset.solutions, sunset.solutions
last-modified: Sat, 22 Jan 2022 17:05:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 6d3ecda77cd359cb-MXP
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H/1.1 200
OK tag.php
syndication.exdynsrv.com/ Frame 665F 0
218 B 323ms
108ms Image
text/html 68.169.106.40
ISPRIME

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.exdynsrv.com/tag.php?goal=0ba936dc8818d7343b7ef1ae30c6903b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:07 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
syndication.exoclick.com/ Frame 665F 0
218 B 323ms
106ms Image
text/html 68.169.106.40
ISPRIME

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.exoclick.com/tag.php?goal=0ba936dc8818d7343b7ef1ae30c6903b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:07 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
syndication.realsrv.com/ Frame 665F 0
218 B 322ms
107ms Image
text/html 68.169.106.40
ISPRIME

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.realsrv.com/tag.php?goal=0ba936dc8818d7343b7ef1ae30c6903b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.169.106.40 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 03:13:07 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 5278 48 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 18:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 27 Jan 2022 18:11:50 GMT

POST
H/1.1 200
OK save-analytics Show response
clube-de-ofertas.oncartx.io/ 15 B
2 KB 205ms
204ms XHR
application/json 2606:4700::6812:1521
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clube-de-ofertas.oncartx.io/save-analytics
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1521 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

X-NewRelic-ID: VwUAVF9WARABUFBWAQkBX10A
tracestate: 3375959@nr=0-1-3375959-1588620747-763e01416636028f----1643253187711
traceparent: 00-55165d275b6224f124deea858aea5800-763e01416636028f-01
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNzU5NTkiLCJhcCI6IjE1ODg2MjA3NDciLCJpZCI6Ijc2M2UwMTQxNjYzNjAyOGYiLCJ0ciI6IjU1MTY1ZDI3NWI2MjI0ZjEyNGRlZWE4NThhZWE1ODAwIiwidGkiOjE2NDMyNTMxODc3MTF9fQ==
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
X-CSRF-TOKEN: UpiKp88hgwP66aY4FBmorqx4UhaNdORu4E8BIGM4
X-Requested-With: XMLHttpRequest

Response headers

Date: Thu, 27 Jan 2022 03:13:07 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQEUlFWAQYJR1BWBgUBXlIIDwJASkE1VQBsEFlWR1NQEVAOXz0cIwdCXg4IPxdAURIET1ZfVgodRV9QEURPUh5SCFIICBgCHVUMVARSH09VGhVWAlQBCwBUAgYHBQ5QUQUGEU4AAg5DB2U=
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: application/json
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6d3ecda73e0083ac-MXP

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 61ms
18ms Preflight
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://duromax.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-type: text/plain
access-control-allow-origin: https://duromax.shop
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 6d3ecda78b470f7e-MXP
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ Frame 665F 0
77 B 33ms
33ms XHR
text/plain 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://duromax.shop/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://duromax.shop
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6d3ecda7ab550f7e-MXP
vary: Origin

GET
H/1.1 200
OK NRJS-26911f9027ef45ffffd Show response
bam.nr-data.net/1/ 57 B
322 B 492ms
121ms Script
text/javascript 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-26911f9027ef45ffffd?a=1414686991&v=1214.62a3223&to=ZwRSNksDWUMDB0MPXF5OcQFNC1heTSVHFm94FUQSZSFYXhYWWApfVRNDPmsNQkQHJ1gIR0IOXA5cEHdAEAtTE1BEEngDVwZbVQ%3D%3D&rst=3742&ck=1&ref=https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial&ap=465&be=1036&fe=3670&dc=1748&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1643253183996,%22n%22:0,%22f%22:224,%22dn%22:225,%22dne%22:243,%22c%22:243,%22s%22:259,%22ce%22:280,%22rq%22:280,%22rp%22:937,%22rpe%22:958,%22dl%22:940,%22di%22:1680,%22ds%22:1748,%22de%22:1763,%22dc%22:3670,%22l%22:3670,%22le%22:3674%7D,%22navigation%22:%7B%7D%7D&fp=1308&fcp=1308&at=S0NRQAMZSk0%3D&jsonp=NREUM.setToken
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://clube-de-ofertas.oncartx.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 core.js Show response
conectiva.io/XEngine/ Frame 665F 16 KB
6 KB 59ms
23ms Script
application/javascript 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/core.js?ts=1643259600
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: bc75c17033ddcecf717ed63a71a43ce40dacd3502f1b65734df657aec3314619

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 406
x-powered-by: sunset.solutions
last-modified: Wed, 16 Dec 2020 16:55:27 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5fda3bff-6111"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400
cf-polished: origSize=24849
cf-ray: 6d3ecda7de043751-MXP
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/777904180/ Frame 665F 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777904180/?random=1643253187821&cv=9&fst=1643253187821&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=8&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fduromax.shop%2F%3Fpv%3Dpropvndo%26af%3Dafi89zm3x%26src%3Dmais-tesao-oncartxC&ref=https%3A%2F%2Fclube-de-ofertas.oncartx.io%2F&tiba=DuroMax%20-%20Site%20Oficial%20%5BJogue%20duro%2C%20jogue%20com%20DuroMax%5D&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

510b77ae9cbf39af118a3c544a98afdb84447042018aed369bbacbabbfd9e567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 load.js Show response
conectiva.io/XEngine/DGUID/0369C737-4D2A-6C70-6C64-AC240D5841A8/ Frame 665F 66 B
169 B 21ms
21ms Script
application/javascript 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/DGUID/0369C737-4D2A-6C70-6C64-AC240D5841A8/load.js?ts=1643259600
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 6bb1c1f188753172b2c18c7d2e6cf1c1ec8220fbc9e75e34be6d115d09d4c6b5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 406
x-powered-by: sunset.solutions
last-modified: Thu, 29 Oct 2020 12:24:29 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5f9ab47d-43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400
cf-polished: origSize=67
cf-ray: 6d3ecda80e193751-MXP
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H2 200 proc.js Show response
conectiva.io/XEngine/DGUID/0369C737-4D2A-6C70-6C64-AC240D5841A8/ Frame 665F 0
84 B 25ms
25ms Script
application/javascript 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/DGUID/0369C737-4D2A-6C70-6C64-AC240D5841A8/proc.js?ts=1643259600
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1643259600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
cf-cache-status: HIT
age: 406
x-powered-by: sunset.solutions
last-modified: Thu, 29 Oct 2020 12:24:53 GMT
content-length: 0
cf-bgj: minify
server: cloudflare
etag: "5f9ab495-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 6d3ecda83e323751-MXP
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H2 200 datatunnel.js Show response
conectiva.io/XEngine/extensions/datatunnel/ Frame 665F 788 B
499 B 21ms
21ms Script
application/javascript 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/datatunnel/datatunnel.js?ts=1643259600
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1643259600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 755a031eaeb32170081e04ff2f614f99ff4bd102cc915420bc5f503368a5c716

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 406
x-powered-by: sunset.solutions
last-modified: Fri, 30 Aug 2019 19:31:10 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5d69797e-3d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400
cf-polished: origSize=979
cf-ray: 6d3ecda83e343751-MXP
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H2 200 visitor.js Show response
conectiva.io/XEngine/extensions/visitor/ Frame 665F 5 KB
2 KB 24ms
24ms Script
application/javascript 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/visitor/visitor.js?ts=1643259600
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1643259600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 64dae6b56fb827d3fb04c7e64c39ea918dbae30cc7b4638165cb06a53845a212

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 406
x-powered-by: sunset.solutions
last-modified: Thu, 06 Jan 2022 16:09:30 GMT
cf-bgj: minify
server: cloudflare
etag: W/"61d7143a-2e61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400
cf-polished: origSize=11873
cf-ray: 6d3ecda83e363751-MXP
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H2 200 cartstackbr.js Show response
conectiva.io/XEngine/extensions/cartstackbr/ Frame 665F 3 KB
1 KB 21ms
21ms Script
application/javascript 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/cartstackbr/cartstackbr.js?ts=1643259600
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1643259600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: e2fab1d8fbe2b2c340827ef2cf162707e7363a184e301750a59f285b81388133

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 406
x-powered-by: sunset.solutions
last-modified: Sat, 11 Sep 2021 16:07:16 GMT
cf-bgj: minify
server: cloudflare
etag: W/"613cd434-146f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400
cf-polished: origSize=5231
cf-ray: 6d3ecda83e383751-MXP
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H2 200 performa.js Show response
conectiva.io/XEngine/extensions/performa/ Frame 665F 2 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://conectiva.io/XEngine/extensions/performa/performa.js?ts=1643259600
Requested by: Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1643259600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / sunset.solutions
Resource Hash: 1cb6cd28bcd130dd28473b788e18f816814614baed68c649f6d4cb0ec6941a35

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 406
x-powered-by: sunset.solutions
last-modified: Tue, 20 Jul 2021 18:20:37 GMT
cf-bgj: minify
server: cloudflare
etag: W/"60f713f5-de4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2678400
cf-polished: origSize=3556
cf-ray: 6d3ecda83e393751-MXP
expires: Sun, 27 Feb 2022 03:13:07 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/777904180/ Frame 665F 42 B
64 B 37ms
37ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/777904180/?random=1643253187821&cv=9&fst=1643252400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=8&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fduromax.shop%2F%3Fpv%3Dpropvndo%26af%3Dafi89zm3x%26src%3Dmais-tesao-oncartxC&ref=https%3A%2F%2Fclube-de-ofertas.oncartx.io%2F&tiba=DuroMax%20-%20Site%20Oficial%20%5BJogue%20duro%2C%20jogue%20com%20DuroMax%5D&async=1&fmt=3&is_vtc=1&random=12547022&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 03:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.it/pagead/1p-user-list/777904180/ Frame 665F 42 B
548 B 124ms
37ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/pagead/1p-user-list/777904180/?random=1643253187821&cv=9&fst=1643252400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=8&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1o0&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2Fduromax.shop%2F%3Fpv%3Dpropvndo%26af%3Dafi89zm3x%26src%3Dmais-tesao-oncartxC&ref=https%3A%2F%2Fclube-de-ofertas.oncartx.io%2F&tiba=DuroMax%20-%20Site%20Oficial%20%5BJogue%20duro%2C%20jogue%20com%20DuroMax%5D&async=1&fmt=3&is_vtc=1&random=12547022&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 03:13:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 core.js Show response
app.cartstack.com.br/activeAPI/cnct/ Frame 665F 8 KB
3 KB 21ms
21ms Script
application/javascript 2606:4700:3108::ac42:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/cnct/core.js?ts=1643259600

Requested by

Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1643259600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions

Resource Hash

f06668f2b111e52294d99598ffa92c7b071c6d02115f74d341a9b9d5dd3135f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cs: MISS
age: 140
x-powered-by: sunset.solutions
cf-bgj: minify
x-ua-compatible: IE=Edge
last-modified: Thu, 27 Jan 2022 01:57:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sun, 27 Feb 2022 03:13:07 GMT
cache-control: public, max-age=2678400
cf-polished: origSize=13979
cf-ray: 6d3ecda86ab459dd-MXP
x-lb: 1

GET
H2 200 / Show response
api.performa.ai/v1/ Frame 665F 180 B
519 B 73ms
22ms XHR
application/json 2606:4700:3108::ac42:291b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.performa.ai/v1/?type=front&params={%22route%22:%22store_details%22}&pubkey=0369C737-4D2A-6C70-6C64-AC240D5841A8&cache=remote
Requested by: Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:291b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 823c309e1b7393e21bac0a421ef69704350de89dbe4c24878b9267379ef8c1db

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:07 GMT
content-encoding: gzip
cf-cache-status: HIT
x-cs: BYPASS
age: 1911
last-modified: Thu, 27 Jan 2022 00:43:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6d3ecda8bd3983ae-MXP
access-control-allow-headers: *
expires: Thu, 27 Jan 2022 04:13:07 GMT

GET
H2 200 proc.js Show response
app.cartstack.com.br/activeAPI/cnct/ Frame 665F 14 KB
5 KB 582ms
582ms Script
application/javascript 2606:4700:3108::ac42:2bc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cartstack.com.br/activeAPI/cnct/proc.js?newlayer=aHR0cHM6Ly9kdXJvbWF4LnNob3Av&__utmc=0,0&__utmz=0&ref=auto&ts=1643259600

Requested by

Host: conectiva.io
URL: https://conectiva.io/XEngine/core.js?ts=1643259600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2bc4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / sunset.solutions

Resource Hash

12ff29b0ba07c9aa36bc0df95593a6dc08aa604ad65ea5f8443300ce54f1c0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-cs: MISS
x-powered-by: sunset.solutions
cf-bgj: minify
x-ua-compatible: IE=Edge
last-modified: Thu, 27 Jan 2022 03:00:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sun, 27 Feb 2022 03:13:08 GMT
cache-control: public, max-age=2678400
cf-polished: origSize=14601
cf-ray: 6d3ecda88af159dd-MXP
x-lb: 1

OPTIONS
H2 200 ajax.php
whatsapp.cartx.io/ Frame 0
0 377ms
136ms Preflight
text/html 3.130.225.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsapp.cartx.io/ajax.php?slug=clube-de-ofertas&uniqid=1643253188085
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.225.230 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-225-230.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-csrf-token
Origin: https://clube-de-ofertas.oncartx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 27 Jan 2022 03:13:08 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization, X-Requested-With,X-CSRF-Token
content-encoding: gzip

GET
H2 200 ajax.php Show response
whatsapp.cartx.io/ 5 B
564 B 131ms
131ms XHR
text/html 3.130.225.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://whatsapp.cartx.io/ajax.php?slug=clube-de-ofertas&uniqid=1643253188085
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.130.225.230 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-225-230.us-east-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://clube-de-ofertas.oncartx.io/
X-CSRF-TOKEN: UpiKp88hgwP66aY4FBmorqx4UhaNdORu4E8BIGM4
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 03:13:08 GMT
content-encoding: gzip
server: nginx/1.16.1
access-control-allow-headers: Content-Type,Authorization, X-Requested-With,X-CSRF-Token
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK NRJS-26911f9027ef45ffffd Show response
bam.nr-data.net/events/1/ 24 B
194 B 122ms
121ms XHR
image/gif 162.247.242.18
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-26911f9027ef45ffffd?a=1414686991&v=1214.62a3223&to=ZwRSNksDWUMDB0MPXF5OcQFNC1heTSVHFm94FUQSZSFYXhYWWApfVRNDPmsNQkQHJ1gIR0IOXA5cEHdAEAtTE1BEEngDVwZbVQ%3D%3D&rst=4244&ck=1&ref=https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Requested by: Host: clube-de-ofertas.oncartx.io
URL: https://clube-de-ofertas.oncartx.io/products/mais-tesao-funciona-bula-mercado-livre-reclame-aqui-anvisa-composicao-como-usar-onde-comprar-para-que-serve-e-bom-site-oficial
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.18 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-6.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://clube-de-ofertas.oncartx.io/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://clube-de-ofertas.oncartx.io
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B81B 28 B
54 B 44ms
43ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/lLe6EWMTsgk
X-YouTube-Client-Version: 1.20220125.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDeFM2Y1lhR0VGUSjBm8iPBg%3D%3D
X-YouTube-Ad-Signals: dt=1643253185894&flash=0&frm=2&u_tz&u_his=8&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C466%2C150&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 27 Jan 2022 03:13:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:08 GMT

POST
H2 200 cart.php Show response
api2.cartstack.com.br/br/php/ Frame 665F 56 B
414 B 659ms
568ms XHR
application/json 2606:4700:3108::ac42:283c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.cartstack.com.br/br/php/cart.php

Requested by

Host: app.cartstack.com.br
URL: https://app.cartstack.com.br/activeAPI/cnct/core.js?ts=1643259600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebc3e41cb5bcf6ab37335ac6d2650a668efd21b7b8136e5e1aab4282fdc26bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 03:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: *
x-server: DASHBOARD-1
cf-ray: 6d3ecdacc9c4374f-MXP
access-control-allow-headers: *
x-ua-compatible: IE=Edge

GET
H2 200 pgvw.png
conectiva.io/XEngine/services/ Frame 665F 68 B
264 B 163ms
163ms Image
image/png 2606:4700:3108::ac42:28b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://conectiva.io/XEngine/services/pgvw.png?DGUID=0369C737-4D2A-6C70-6C64-AC240D5841A8&domain=duromax.shop&visitorID=42179237-2703-4712-ac1c-a1e42aa7fdbd&ts=1643253188
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e78e66902d022c88363c7283373874972f634fa86a265a1cafbe67f1ea2b25

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://duromax.shop/?pv=propvndo&af=afi89zm3x&src=mais-tesao-oncartxC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:13:08 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 04 Jan 2020 13:28:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 6d3ecdac38833751-MXP
content-length: 68
svr-datetime: Thursday, 27-Jan-2022 00:13:08 -03
expires: Thu, 27 Jan 2022 03:13:07 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8FB4 28 B
54 B 49ms
49ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/VLfgebzpsmM
X-YouTube-Client-Version: 1.20220125.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDeFM2Y1lhR0VGUSjCm8iPBg%3D%3D
X-YouTube-Ad-Signals: dt=1643253186803&flash=0&frm=2&u_tz&u_his=8&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 27 Jan 2022 03:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:09 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5A94 28 B
54 B 45ms
42ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BmTGtdob4rc
X-YouTube-Client-Version: 1.20220125.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDeFM2Y1lhR0VGUSjCm8iPBg%3D%3D
X-YouTube-Ad-Signals: dt=1643253186894&flash=0&frm=2&u_tz&u_his=8&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 27 Jan 2022 03:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:09 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 1087 28 B
54 B 47ms
44ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/JldNClFzmSc
X-YouTube-Client-Version: 1.20220125.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDeFM2Y1lhR0VGUSjCm8iPBg%3D%3D
X-YouTube-Ad-Signals: dt=1643253186837&flash=0&frm=2&u_tz&u_his=8&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 27 Jan 2022 03:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:09 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4848 28 B
55 B 43ms
42ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MJlbfZme01Y
X-YouTube-Client-Version: 1.20220125.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDeFM2Y1lhR0VGUSjCm8iPBg%3D%3D
X-YouTube-Ad-Signals: dt=1643253186963&flash=0&frm=2&u_tz&u_his=8&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 27 Jan 2022 03:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:09 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5278 28 B
55 B 44ms
41ms XHR
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/8ad9c87a/player_ias.vflset/it_IT/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BF5jWDgcln4
X-YouTube-Client-Version: 1.20220125.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtDeFM2Y1lhR0VGUSjCm8iPBg%3D%3D
X-YouTube-Ad-Signals: dt=1643253187017&flash=0&frm=2&u_tz&u_his=8&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 27 Jan 2022 03:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 27 Jan 2022 03:13:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/lLe6EWMTsgk

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: cqi37rvqc1j7m89vpenl2cuk3s
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: eRnLFwX52P4
.youtube.com/	1970-01-20 04:46:45	Name: VISITOR_INFO1_LIVE Value: CxS6cYaGEFQ
.oncartx.io/	1970-01-20 17:58:45	Name: _ga_G54H1ZHQN2 Value: GS1.1.1643253185.1.0.1643253185.0
.oncartx.io/	1970-01-20 17:58:45	Name: _ga Value: GA1.1.793220352.1643253185
clube-de-ofertas.oncartx.io/	1970-01-20 00:37:37	Name: recentViewsCartX Value: ["3587981"]
ev.braip.com/	1970-01-30 00:26:06	Name: refBraippropvndo Value: afi89zm3x
ev.braip.com/	1970-01-30 00:26:06	Name: ref_before_http_propvndo Value: https%3A%2F%2Fclube-de-ofertas.oncartx.io%2F
ev.braip.com/	1970-01-30 00:26:06	Name: ref_before_urls_http_propvndo Value: cdceac9f579e4bedc8b848ede5f5a27775f472f1
ev.braip.com/	1970-01-30 00:26:06	Name: braipDataRequestpropvndo Value: %7B%22pv%22%3A%22propvndo%22%2C%22af%22%3A%22afi89zm3x%22%2C%22src%22%3A%22mais-tesao-oncartxC%22%7D
.duromax.shop/	1970-01-20 00:28:59	Name: xe_config Value: MktRMkExOTA5MCwwMzY5QzczNy00RDJBLTZDNzAtNkM2NC1BQzI0MEQ1ODQxQTgsLmR1cm9tYXguc2hvcA==
.doubleclick.net/	1970-01-20 00:27:34	Name: test_cookie Value: CheckForPermission
clube-de-ofertas.oncartx.io/	1970-01-20 00:28:09	Name: XSRF-TOKEN Value: eyJpdiI6ImluRThrUTlVM1wvYU55WXNQcCt4aHVRPT0iLCJ2YWx1ZSI6IjFHa3pSWXh5cnBRb1d6NE9DNVJWNzRGSXlXMm54NmFjXC9oZUxqMkd2SElxWWExVEFTUE1KSlwvV0IzWks4SW0wVys4QllvWWVCZ05Pa0tnTWdEeGMrMDNESkRWVUVDT1lKdUV6dmEwXC9aejFpdVNNUklCMjdIbmJJcmJ3OHdicTAwIiwibWFjIjoiZGE5ZmY1ZTJjYjYwNDE5MGUyMjIwZTZiNTM3NzlkOTA5MDkxZjg3ZDA5YTNmOTNiYjZlYjgxZjAzYmIwNzAzZSJ9
clube-de-ofertas.oncartx.io/	1970-01-20 00:28:09	Name: cartx_frontend_session Value: eyJpdiI6ImtxbjRcL1wvVVB2N0Zlb21FQmpBQzBEQT09IiwidmFsdWUiOiI0aUc5NmZobjd3Zk9OM21xVDlSWm9IS2dEQmMxSHNocXBoK09CZEx2clNDdmptZlU4ZXgwbUdXWEN1Vyt1Y1Q5dTBtdFlsMTNrSXV5eEpNRGQzaGp3aVRaTXQ2SDhEMjE4V1JTeVwvMnQ1VnpkeEdiQ3FlbUFETnphMkFUaHZ3Tk4iLCJtYWMiOiI1OTczYWM0MjgwNDkwNzc5OTFjZGEyNzdkZmVlYzQyMmNmNGViODQyNTJlZjZlMmE1NzI5NWRhYjYzN2YwYzg3In0%3D
clube-de-ofertas.oncartx.io/	1970-01-20 09:13:09	Name: visit_token Value: eyJpdiI6IjBLcEZzUUtqSjVnbU9zQ3NndjU0eVE9PSIsInZhbHVlIjoicG9ZaTRvcU5qd2I5U3lpXC9TZzZTbWpkWFhqeVRPd0twbFwvNEJkcDg1R2huOHdDcE9hMlNnaHlLT3ROZGlOeEJCc00rb3RPaVlqM0hFbWtnNmRPWm9QSzBGSTRaZG0yeHAydndVbmNlMDMwTnUzNmZWeE9Ua3djOEk3U056RWpIXC92bzB3V1VIZUViMEFsamdKa0NPUUVBPT0iLCJtYWMiOiJiNjlmMTBkN2ZmNzY5MjAxY2JlYTM3MGQwNTFjZmFjODIwZjM5NWJjZGZiMDUxY2U2NWJhN2ZiN2YzNzNmYWMyIn0%3D
clube-de-ofertas.oncartx.io/	1970-01-20 00:27:34	Name: session_token Value: eyJpdiI6ImV3R2R1RERvOVlkaWdKaW1UcjhaeXc9PSIsInZhbHVlIjoiZE5POFpxUjMrZFh4MHRqVFJnbGFLQURRdW5vR1M2aEJ0V0t5YTdIbmZKb1pJNGhxdFFmbG50SndvR2lvdVwvOGpORzkwaUdhUWVqS2tEaVV3cFArSnFHYTJORDdTQXU2MDNyQTdFRzNFXC9nRTRUUEl3bGVQMGFTQTJLUTIyb3V6clNTWEE2emFWVTlHMmNDZlwvOXVFZkxRPT0iLCJtYWMiOiIzZDFlMjVhMmUyMTU4ZTQ1ZjI5OTFlZjNlMzViNzExMzJhMjQzZjFiZDNkNmVkNTZmYTYwZTUxNzU3ZjRiMDVmIn0%3D
whatsapp.cartx.io/	1970-01-20 00:37:37	Name: AWSALBCORS Value: SE8+qJ6t6hPA1h1J9hLtc14IkfXfLJTTjDsKPo2AXCUq80nOCt9m6VMqEf0UrvEl0gYVI32LspoS3DLFJ1IiDcORuYeR051LEEThppSOHzBbQsLzCTV3UI6gvqPY
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2e76a478716ce51b
socket.apps.cartx.io/	1970-01-20 00:37:37	Name: AWSALBCORS Value: IXpVsErCXXCuo88e1TuPsgTT5+yqrBEfJ2nSPaWWbzYMHqDdC26B6zbQKeWKR1YkFPzy+m/W6YFBRSQFyS7T3ixspqU3+R7lo0gN6jNP/ngcm6VBxoJ2xaVjgVQX
.duromax.shop/	1970-01-20 17:44:21	Name: xe_visitor Value: eyJpZCI6IjQyMTc5MjM3LTI3MDMtNDcxMi1hYzFjLWExZTQyYWE3ZmRiZCIsImVtYWlsIjoiIn0=
api.sunset.systems/	1970-01-20 17:44:21	Name: xe_visitor Value: eGVfdmlzaXRvcnx7ImlkIjoiNDIxNzkyMzctMjcwMy00NzEyLWFjMWMtYTFlNDJhYTdmZGJkIiwiZW1haWwiOiIifXw3MjA=
.duromax.shop/	1970-01-20 09:13:09	Name: cartstack.com-cartid Value: MzQzNTAzMzc4
api.sunset.systems/	1970-01-20 09:13:09	Name: cartstack.com-cartid Value: Y2FydHN0YWNrLmNvbS1jYXJ0aWR8MzQzNTAzMzc4fDM2NQ==

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-full-version-list'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

575129-1859047-raikfcquaxqncofqfm.stackpathdns.com
575129-1859331-1-raikfcquaxqncofqfm.stackpathdns.com
575129-1859338-1-raikfcquaxqncofqfm.stackpathdns.com
a.exoclick.com
api.performa.ai
api.sunset.systems
api2.cartstack.com.br
app.cartstack.com.br
bam.nr-data.net
cdnjs.cloudflare.com
cloudflareinsights.com
clube-de-ofertas.oncartx.io
conectiva.io
cutt.ly
duromax.com.br
duromax.shop
ev.braip.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.oncartx.io
js-agent.newrelic.com
my.rtmark.net
sp.secureserver.club
stackpath.bootstrapcdn.com
static.cloudflareinsights.com
static.doubleclick.net
syndication.exdynsrv.com
syndication.exoclick.com
syndication.realsrv.com
whatsapp.cartx.io
www.duromax.com.br
www.duromax.shop
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
www.youtube.com
139.45.195.8
142.250.184.226
151.101.66.137
151.139.241.22
151.139.242.16
151.139.243.28
162.247.242.18
2001:4de0:ac19::1:b:1b
2606:4700:10::6816:707
2606:4700:10::ac43:8ee
2606:4700:3030::ac43:98ed
2606:4700:3032::6815:120b
2606:4700:3034::ac43:897e
2606:4700:3037::6815:5112
2606:4700:3108::ac42:283c
2606:4700:3108::ac42:28b8
2606:4700:3108::ac42:291b
2606:4700:3108::ac42:2b9c
2606:4700:3108::ac42:2bc4
2606:4700::6810:135e
2606:4700::6810:5e41
2606:4700::6812:1421
2606:4700::6812:1521
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2006
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:4001:831::2016
3.130.225.230
68.169.106.40
0038a46147de8ad7ae4477a228fa1b23922fbeadeac512f61d020e5ffcbe6a9b
0087494def2aac8e6fc1febe2ccb47e8f7a336a0926ef64e1db9394934ae735e
0778a1fa944a4ea29538cd2496a00f91a5aece92ef4e0d5c6df77e1ce9a1a5c2
0856a4c53f704e22f9a4b5ceefa48e298cc5c767ae2128ad894d1c6c03f45dc8
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d267002f484189bc52d2707edfba4e1c4ff843f43ca302d6ddab54003ee2d6e
0dce67c19c517cf577028a3ce66aa7080d4a334a9dcea2fe293cb928b2e432c6
0eb3cd642dbe9d7686aa9cd99c1156c78215ed7aed17cd30aabdec44a14f2009
12ff29b0ba07c9aa36bc0df95593a6dc08aa604ad65ea5f8443300ce54f1c0c4
1370a42a09426735100bb273739e3b416ffc202b09019782bf4525389ac06ae8
13b0e3cbe4df410881889c98f66b1e9f942ad225dd30a25587be833c2fd9ad55
16c05f67482b399a7da9e1a8d91b4c26135875a75e532c582fc5380aad265b42
1aa84bfe47809a0b878b781615da482521b87433f4eb87f1ef79d618454543d5
1c4ad69b10b38106bece52a5dc27bc4796966f8680c8a4e2ef7e357f1a678a83
1cb6cd28bcd130dd28473b788e18f816814614baed68c649f6d4cb0ec6941a35
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
214ac07c17db30fb54ba7e8d453445e6834d5322f56ee7c8baf9fba8cb6673e0
21c49a55ef810425d925b65275cd5fe91c3e2a90bb26e9184480f2ab9783bf5d
2515a350be41495c77d6fd97bc42d305563c940a742eb2f51d1e5941b85a74fb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26ae33467341788d7d7bc74647f23c013c1f90ad2c05fa8ad8f0b1a35bd2fbd0
2705087be6cc0ac13171993dcebd8e4b1fe9c08403c01a52a0b9bd8c2a955fbb
27e58df70ed3481d6d00351abdaf314546274790e93327d6ea6a98257df2ab48
295b8154008f7dc83a967e2a458e3661909fccfd7e18b2f09bea06a1fb885645
29d429b11e0a88cb106e347660de63e48e53da83ee50b094e2df0f71d1b8c06c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d751e21d3a14f06cdbd836a4fda46ef22a33547069719f192b01bda0e980817
2e18e6f385e041085cb4ce616c1bb02d7e23dadf390e3fd3c5873e073c97db79
31fa44ed783fb77c86abd942961654e1a4b9571dd05e57b04a34a552d1fc25da
34941df67a7e7cc79a7b4fd9bfd7c7d44d57a15c63bd58d83c897adf31d18bb1
37f6c70d2b54c1d8dcd2fb525899733619619a803542962923a6f44d7a4bdb8f
38e8fbc0dd2dced6baf868693d2de7da475e8d3de08434cc6ac6c0b4950ab1d7
39666e2d07282ea6db82bab1f0de6a29433cd08784ea847649500296bab47420
3ca866d05478f419c0b93ef674147f1334d470942763c7f989afcc307fade01a
3ceaab2fa51d13daa642b0f8e31a987edb036fe237a016e7f6794456df9abce8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
407fdca9fbe6817935f63f94522f321ad7880f0b4a45b667ea479fea7fad2ed8
415a956d0d84f7f02e10233bcf0ba9ab058d547f20dc8825f8b649c96e1b699e
42d616efec1f62f495e6b1fd6a3fd22d20fc756dc5c12bb898d4e387d36428ce
439c700652f1c432ce59f41fade2301295138fba303b1d38b44a13250f9c942c
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
510b77ae9cbf39af118a3c544a98afdb84447042018aed369bbacbabbfd9e567
51368d0cdc85d5ac6d495ab181bd8f5784ca897ae4ca363461bd080452d3b1bd
5220d53ac04e0b45b56e166a65aff19cd5697544fc6e6e24a3948358066ff2c0
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5399190819c5fe50c886ff8beabd007571bde43316a9dc5b74427a93d96786c9
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
57b8db2a351da01bccb77b307d28375c7b0b11cc991a267f9e191b9130857593
5845d1b5646df4ece8b63901f45971e21cb006b75865a2e8c960d2a43314a2c4
59e623fb78cdfb931ce91f7d2b52fd78f3051ddfcc12ff164dc42e766cd51d3c
5b2bd40a45d294b11759ebc65aad3c5d18fbaf3b3c521d64cbe9091e99c1aeaf
5c3b216f7c0b688e117777b38a1de410cc9a89fdb7228ced8bdf17ba123bf8c4
5ce10a921c6f03ebfe211f9cc7932e6c49dbe8543f13f6b2f5f9d6edfbf41481
5e485b721c5360b601a3aaeaa6769fbc9aaa7b9d46cf730fd0e05e2765de4f94
5e5943ef56f97581622674efa51b864ccec9ed67b90d6dede00585d43e84d817
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5f6cc190d1d9f4f8294250bd8c928bbb7a9b3461be3cf3d356afc739930a1200
63158f73aa9f4d442cf349762c6beac9fcf35c14c3376888e728164acfde3b86
64dae6b56fb827d3fb04c7e64c39ea918dbae30cc7b4638165cb06a53845a212
65e44f0fe6ecdac261adcc8669067b57d8788f5b18d5624b756986c20270e228
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6873a10d9391ab3ba24249a10b125422502a59c0652002006fa9b20c1377dca6
691296a0dee4b1ff7c2f37cdd3dd12771c94fbad3536e58326a023b96730103c
6bb1c1f188753172b2c18c7d2e6cf1c1ec8220fbc9e75e34be6d115d09d4c6b5
6c60fb7c0e988c823ae983572139e2c4ef816b5482a9b36cdbace3afedc27413
6cdd59a5429bc9189e32a52b6b129c80a64e8110b8a9b67154533b00379d1212
6fa312ed13ce9c890045bb3a9a18de6acd53ffc6948c6cf42aa39a5ed9d07238
7004e528998e3f1efa262a080c13c094e3bf63a554f0632d6bfce16ece12814b
725e514003d78aba38b7eaae1bd3ec926543fdcc768cc601eea7b0ceff34531b
74db6029d3cbf5832b4bc3aba0b4137d58680798da00380dc1ff47dee64ccca8
752a8a12c53f948e54c28b27e87684d80ea4226257f2469db4078503e09d59cf
755a031eaeb32170081e04ff2f614f99ff4bd102cc915420bc5f503368a5c716
76f140df1a17b03a8536f953f70bdf78f9ce261f7dac04ea4450f9f3da73fbb3
7701bdc06c656fc4f7d0983ed9373fda947df16280cadea34bbdf6afab3e460e
771960e3e360d91710834071e30f1fe5c0dc53001b6c008d02d4c948b6b6091a
7866ca96ad8999db21d21bb52ead372d81a1582fd58a2c11db73e953673ea535
7aaeaee193cc1d608cad09d15de879f6ebf7240e3cd0e6e8f84d2cd96de6bc54
7b6763e08ad49264662a46ee9ed3e092680bfc6637ed00ced7c57d5afe597f93
7ccbd37f1e2530a06bf0000debb7d60bc656a872015c5ea8742b0d349dd3f48d
81987799f1e92422e0fe8a3660ec3a969ed909b94534f179fdbf25c6d8ecacb5
823c309e1b7393e21bac0a421ef69704350de89dbe4c24878b9267379ef8c1db
844e57195d5c4951a02753da0da257c7a0684ea9335958373a665a2504c8378a
85dfc125a898827135af486298539a9858d06a9edfb047438b4faf6fb18dd374
898a6c90f3a5e40a34ea85d2cc8c12694dd8d211dc418c23be330f27b95f1c8d
89d7049c40580090a687cca2bb032d76e87856fec2a5a4644880d251e158669d
8a28a836fd075404d8fc23c14155d8a0c401af1d87aacb16bfb7fe705ffa7081
8bf595037606a2e03ad7daa4d377ef21da5fb47c24ed563fa69febf563f435f3
8fde7b1744fc3164ddf04d92536c1c227a5ac000e9107e6e1e09d75b64467f06
90352e5c4fe7c644050f2f288a34134419c5c4ac286624da4f771e9c0a833748
93324232a683bbbd32c126f9d1787b42e5af0c1ecbabba6bca99f89d736e0848
94f788c035274448e16e2e5648c2f0f28711362d5f43679bd3473b10abd14cc7
98c39e0d66a01a5dd9b4b8af0d68d8711cce80fb180e15ea5b349fb6882b7ac2
9a07a50c1bf7a958287ef565d815a67ab60dc94e9622e605d65f738e60a0f677
9b222a38eae0ce46c22c70e58f0cf50eb3edff677853be79504d3635fdd1cfd1
9f1700c851d546954280f71239daf3c0f62348d513f037d10775e479dde94c1b
9fcc32fac186a6a01ba828e7da1e599ebcd9f2caa21b71a9572266af795466f4
a176d2ab86d91e432adc0595471aca20c1a859478d8309c3a89800f404745a5e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27565af22c166499574e29ea6cf9165fe450aa3438a74a93111bd1008cae3ff
a43dbdc37a004691afb0776a49d63a095143aee7ee09f60102461783bfcb0b59
a93eb94bc7012724e54880414a886f567e2701d620106621034719b33e5e49cf
a9c0fea47de9505a59e851f52fa8750c2004421c48fe93327a7647c55a0e3a94
aa96b012e2db0f97345289b5d7f14525c57b632a74ab3772a9098d28193face5
ab5b37ee027f7efe79b559dec441d03dba9d90d51a0576d8ff0718d005f87686
ac1e7257a75f95079823aeee2f9602cb401000105d8664172d159eaacba4800c
ada66326cff7d1db7ac1f34d9ee4c38485f95c811e11bbdf74be962a80c22767
ae4e43b328433ac8835cfb668a71a8246356d4ea486dfd5df6cd886f7e0017d5
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b416c901b12b36844bed1564c326e3e6100624319448530ff8c5a48fa9097717
b43f1d34199c8e27a507bb0b09437bacd625b615ec07d35d34d5072385b2322e
b465965cad0b185ac8c96b81be511c9a5ee2ee408e1047821b03cde1980aee83
b6913d57a380fcba124323fe421a0a4b4e443daf572e82447d4c1745326ffed1
b72fddbda81ed2e4a2ff9d32a5ac93cbe3be2de943e83c52fea3567c5aff16bf
b7ab5b781f1f9ad64b32f9b15ff61358a1e1091055e9a1a6032d8fb110394aa1
b8a080ddbde964f16bd7d7f283f11937cfeacbb71af03f9dccd806689c1e09bf
bac4ea004d72c2f74cb64b16cdd796cc3ef932c7c937487453bcb636d64bdcdd
bc75c17033ddcecf717ed63a71a43ce40dacd3502f1b65734df657aec3314619
bd8c36d3d4ee1a67fd4e49b90daadb08ab50379d2d67db887f57acef18dc21ea
bebb4b6672a276d57c250eabb00755bfe06a2c5aa085e4879b161fcffce2d162
c06dc5b8c56ba5c2083b0c4d1c4f8ccb31c171fb8781f00b94be7caa537b24df
c0a011de52f9603030bf042db850bea11a7133ac0755e060ab67f97792fe2f64
c171ef8afdd22cf792618cdd4f3c827d7083cb24b0ff4b04672e1302a13036e1
c35f524e84838fcce861ae0876ba564cd7cf0f5c292c844d414a1a8275e8cbc2
c39ae5a8c8feed7a9dbfdbcc274426a0bb42f8e8da8a0be001e40b3ab08482b4
c45d8d50ee99d5a584e0dd0509be2f1e3898520dfdcb04ca0674cf59e6adf77c
c56d1f4454743af32d92cc2d4386b3e451ab3b60795b7c52e65267487b3cae6f
c6b4c4780ac878e6d06c6f11293cb029cb33d41cf811173014e36184378ecafc
c9858da65ea1caad28bdc2eb8ee75a08e7478394781e6765c52d6703774548bf
cadfc11307c8688ca8d08f02904a27209633482aac11f4c6a6e9a7c5614fc46e
cba653fd5029baf05d1e9dee70d7dba6805b473ac923414f891eff4075f9e65b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d020700e9188cbf2b3392d8eb7f430b8e32ff00afdb7a538928eebfedcdea32e
d230efdee8999f46f78eacf6056139449adf35ed3a7e2298209d78b88c8cfa17
d5e78e66902d022c88363c7283373874972f634fa86a265a1cafbe67f1ea2b25
d6ced2d066935a4550fefe90e4a07e40ad503004724ba900c080bc127de24675
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8d2cc660c10e71ba60921fe734c0f307c387a8234518f2db094f6b0ffe9af23
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e0891527121f4048941a1095408b5a4c2dc254a0cc118c8a458c30e7d605564b
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e2fab1d8fbe2b2c340827ef2cf162707e7363a184e301750a59f285b81388133
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e92b472d543358b67c87feeefdcc952efba36d4f82f4d770a64e0c9a260cb0
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7cc44265a9791bbf4744a6969112b7321f32e2f2adceaafa75e95ffb09ae83f
e870bf90d6a11b459366c0c7e57d29bf47c643ea9688f60bc4153e3876492029
e8d964b9133f9b0d1786bffb29f8abd24ce4b6c189308a104bc31cd98e2306e6
eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80
ebc3e41cb5bcf6ab37335ac6d2650a668efd21b7b8136e5e1aab4282fdc26bda
ecb30a21371575dbd068f15b29d1d24aa0531a77b9d47ffaeef4f3e82a3e70f4
ecb84b54891f98d44a666bcbd9371dbe83974f258b72014121d953504145eb56
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06668f2b111e52294d99598ffa92c7b071c6d02115f74d341a9b9d5dd3135f6
f3c52db7fe88606b4ffd2318b3d71fba9764781ac7676bbf9bacf36b47ee0e9b
f4a9dfbbef6b86955c1b8f6ba478cc882d8256e9b0d59d7b8e09601d868cba53
f5354fddb09531c8343146fdfb72a68cef8e8a91c06504302f63097fada4a61d
f89651cc1b698bbc1e3227d085feec82dcabaaecb320930941499cc93c119c4f
f986b6604a3d3db94198c78d2c3901602aa52d0a0e62fd4e5f94ece07f6c8361
f9dc728523dd315e779ee7f35e2d747bcf595288093a09da56677e15e437495f
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff19d60fda177e7afe73ce562583a5debbd5709f4cffc14ac89af277aeb4149a
ff2918d7d004ff49d568dff0fff6a1e31211aeecfc503f5b41345a035fefc25f
ff66508edf4bb20886cb76a48ab30c125cc6524b85af02ff4e3e1a5fb216d10f
ffc34d8e9bb51224fc3f8be6d63c00ea3fbe3b1a4e7592644d87dc09323f1743

clube-de-ofertas.oncartx.io Open in urlscan Pro 2606:4700::6812:1521 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

261 Requests

97 %HTTPS

76 %IPv6

32 Domains

42 Subdomains

38 IPs

4 Countries

7943 kBTransfer

24391 kBSize

23 Cookies

2 Outgoing links

Page URL History

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

clube-de-ofertas.oncartx.io Open in urlscan Pro
2606:4700::6812:1521 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

97 %
HTTPS

76 %
IPv6

32
Domains

42
Subdomains

38
IPs

4
Countries

7943 kB
Transfer

24391 kB
Size

23
Cookies

261 HTTP transactions
6 data transactions