urlscan.io logo urlscan.io
SecurityTrails logo

pay.kiwify.com.br Open in urlscan Pro
2606:4700:4400::ac40:9138  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://opi.investindocomcarlos.com.br/checkout?utm_source=ActiveCampaign
Effective URL: https://pay.kiwify.com.br/8I2CaEH
Submission: On March 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 28 HTTP transactions. The main IP is 2606:4700:4400::ac40:9138, located in United States and belongs to CLOUDFLARENET, US. The main domain is pay.kiwify.com.br.
TLS certificate: Issued by E1 on March 19th 2024. Valid for: 3 months.
This is the only time pay.kiwify.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    67.199.248.13 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: cname.bitly.com
opi.investindocomcarlos.com.br
11    2606:4700:4400::ac40:9138 (United States)

ASN13335 (CLOUDFLARENET, US)
pay.kiwify.com.br
assets.kiwify.com.br
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    151.101.129.63 (United States)

ASN54113 (FASTLY, US)
assets.pagar.me
4    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
2    2a02:26f0:3100:39c::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.82.187.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-187-64.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
11 kiwify.com.br
pay.kiwify.com.br
assets.kiwify.com.br
645 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2499
m.stripe.com — Cisco Umbrella Rank: 2405
170 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 251
157 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2673
16 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1189
20 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
273 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
87 KB
1 pagar.me
assets.pagar.me
81 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 investindocomcarlos.com.br
opi.investindocomcarlos.com.br
196 B
28 11
Domain Requested by
9 assets.kiwify.com.br pay.kiwify.com.br
4 connect.facebook.net pay.kiwify.com.br
connect.facebook.net
assets.kiwify.com.br
3 js.stripe.com assets.kiwify.com.br
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 s.pinimg.com assets.kiwify.com.br
s.pinimg.com
2 pay.kiwify.com.br pay.kiwify.com.br
1 m.stripe.com m.stripe.network
1 www.facebook.com pay.kiwify.com.br
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com assets.kiwify.com.br
1 assets.pagar.me pay.kiwify.com.br
1 fonts.googleapis.com pay.kiwify.com.br
1 opi.investindocomcarlos.com.br 1 redirects
28 13

This site contains no links.

Subject Issuer Validity Valid
kiwify.com.br
E1		 2024-03-19 -
2024-06-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.pagar.me
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-03 -
2024-08-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-28 -
2024-03-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2024-05-23		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://pay.kiwify.com.br/8I2CaEH
Frame ID: 69423314CABE8F86D82440BF35ACD8C4
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 1805F282DDC5B70C840C42918B1992AF
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9E84434B183E4D000ABF1A4D5AE67DEE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Produto Indisponível

Page URL History Show full URLs

  1. https://opi.investindocomcarlos.com.br/checkout?utm_source=ActiveCampaign HTTP 301
    https://pay.kiwify.com.br/8I2CaEH Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

28
Requests

100 %
HTTPS

64 %
IPv6

11
Domains

13
Subdomains

10
IPs

2
Countries

1180 kB
Transfer

4053 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://opi.investindocomcarlos.com.br/checkout?utm_source=ActiveCampaign HTTP 301
    https://pay.kiwify.com.br/8I2CaEH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8I2CaEH
pay.kiwify.com.br/
Redirect Chain
  • https://opi.investindocomcarlos.com.br/checkout?utm_source=ActiveCampaign
  • https://pay.kiwify.com.br/8I2CaEH
33 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
791422f89ea13f0c35a85af9b9731ac9a32ae8f091dda021dc6210d595e17fe2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
8670c37449c56ae7-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 22:05:22 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-cloud-trace-context
f60f183dbd9249037238286b34fa8aba

Redirect headers

cache-control
private, max-age=90
content-length
120
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 22:05:21 GMT
location
https://pay.kiwify.com.br/8I2CaEH
server
nginx
favicon.ico
pay.kiwify.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.kiwify.com.br/favicon.ico
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f639c02a8e6f86f46bce2a43e11d81472ceeff5a0d0bad5037804b6243cf4414
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/8I2CaEH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
11003
etag
W/"r756fw"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
x-cloud-trace-context
d088a74385e4c3234253fa07f2cf0e1d;o=1
cache-control
public, max-age=14400
cf-ray
8670c378ae5d6ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
css2
fonts.googleapis.com/ 		34 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@400&family=Lato:wght@400;700&family=Open+Sans:wght@300;400;600;700&family=Roboto:wght@300;400;600;700&display=swap
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba12f9da0f756afff6584d4c98a48bca8f552368d759acb4d7527822a38476eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 22:05:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Mar 2024 22:05:22 GMT
pagarme.min.js
assets.pagar.me/pagarme-js/4.5/ 		294 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pagar.me/pagarme-js/4.5/pagarme.min.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.63 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea66632826a434319dd8083b6dabaff9b2c74c67ff85e3ebcb95fd47ed2b9a13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
3871
x-cache
HIT, HIT
content-length
82955
x-served-by
cache-bfi-krnt7300099-BFI, cache-fra-etou8220045-FRA
last-modified
Tue, 15 Oct 2019 00:23:11 GMT
server
nginx
etag
"5da5116f-49870"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
9810, 1
sdk.js
connect.facebook.net/en_GB/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
276f8b6125c942d4009fc7aed0cb71210d38a0b74ea5dcbdab6ae7a946fdd028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.kiwify.com.br/
Origin
https://pay.kiwify.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Mar 2024 22:05:22 GMT
content-md5
rQikeGdGfIsLiclFGPKUUg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=14, mss=1294, tbw=2796, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
Fqv/l6s9RPoBYHUiMgf61w+7bzY7H3lDadEtpjSaqQYAuqcTOk04O5mu8emiuSPRJk9bLNGaijBq6OeEpWXeXw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a23aa8083404ea4796a8030167f6c164
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"e79776a69551e49656c98b9b385c387e"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 19 Mar 2024 22:21:14 GMT
c46d1c4.js
assets.kiwify.com.br/custom_checkout/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/c46d1c4.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
618092ab139852b392c067dfdaaa4313a071fb59f637b35f87377342e3778be0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
207
x-guploader-uploadid
ABPtcPqMyI3ltq8iEDtyguZsct8dRgs8Z203k--H1_UUGhoMd0OQY9ls778LpD_UuIwB7zZrIED6Y6HkNA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
1237
last-modified
Tue, 19 Mar 2024 15:53:23 GMT
server
cloudflare
etag
"f0f65a07c5a461b469f2a96ed38c6364"
vary
Accept-Encoding
x-goog-generation
1710863603130157
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=GbS+sg==, md5=8PZaB8WkYbRp8qlu04xjZA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
1237
accept-ranges
bytes
cf-ray
8670c3797efe6ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
8e3a65f.js
assets.kiwify.com.br/custom_checkout/ 		250 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/8e3a65f.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e15e20949764fdc7269c3e21bcb1744975cda4818d737e81f9b9da250c259fe0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2131
x-guploader-uploadid
ABPtcPokHGf83d2FRYZOFzR0hrMqNIQdUfxsrJolpVwXopcD7NgN4eJi4slTYZKYZXX9kshpbpW4POZvGQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
87019
last-modified
Mon, 18 Mar 2024 17:17:10 GMT
server
cloudflare
etag
"1549bcfac70e20ff3a9f54a79987a167"
vary
Accept-Encoding
x-goog-generation
1710782230429089
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=F4HOUg==, md5=FUm8+scOIP86n1SnmYehZw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
87019
accept-ranges
bytes
cf-ray
8670c3797ef36ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
a6b7c3f.js
assets.kiwify.com.br/custom_checkout/ 		876 KB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/a6b7c3f.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64333e0c781adf7d680d43134966f103913823c3554cd588f7056bf449d362e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2131
x-guploader-uploadid
ABPtcPqUA0MOso1wsJ7B3X1tSjEW6ICQn9T8Crt_t7u5xbJ8Yqubx58BzKi4gIjKiRChpRLsF2Yojtn0lQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
279150
last-modified
Mon, 18 Mar 2024 17:17:10 GMT
server
cloudflare
etag
"de6e4dd6e6cdcf75c8a535965b203b1b"
vary
Accept-Encoding
x-goog-generation
1710782230500663
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=QRjgiQ==, md5=3m5N1ubNz3XIpTWWWyA7Gw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
279150
accept-ranges
bytes
cf-ray
8670c3796ef16ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
2bb26bb.js
assets.kiwify.com.br/custom_checkout/ 		158 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/2bb26bb.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18d824f4cceb2a7589541153a2208a05deab9b1f86dad2f61c1518f19eebceb0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2119
x-guploader-uploadid
ABPtcPpw83sD5xwo0fRUR1O7296gGWTZQLZO6MBM8PtKVksoQgl3VvubWNKFmC8nwWEqTHNuQhyY9W3U6w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
48245
last-modified
Tue, 19 Mar 2024 12:19:40 GMT
server
cloudflare
etag
"1c27db3b250a26c1fd51b8041468a73b"
vary
Accept-Encoding
x-goog-generation
1710850780892116
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=2fqAlw==, md5=HCfbOyUKJsH9UbgEFGinOw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
48245
accept-ranges
bytes
cf-ray
8670c3796ef06ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
6c86a60.js
assets.kiwify.com.br/custom_checkout/ 		421 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/6c86a60.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3747b0da46f3883f43f8b6582deeb47d85c8a913724f064b29a52922756e426c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
207
x-guploader-uploadid
ABPtcPqDJ2ukIfOkkYY37ROzMacYOnyBL0PtW01t4wrISUjo7ot0ktFQP4M53bSTRNfi90ul1q5k3eP_Hw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
107682
last-modified
Tue, 19 Mar 2024 15:53:23 GMT
server
cloudflare
etag
"2a4c059a0e28d6436db28163fcc09751"
vary
Accept-Encoding
x-goog-generation
1710863603130825
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PkJZNg==, md5=KkwFmg4o1kNtsoFj/MCXUQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
107682
accept-ranges
bytes
cf-ray
8670c3797ef76ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
aabb1d4.js
assets.kiwify.com.br/custom_checkout/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/aabb1d4.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0332bb1e98f58e01219f8509ae57b42d5b32384962c8ed295d260c6b609cfb1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2119
x-guploader-uploadid
ABPtcPqIQwn9J4T8VFwX-ic2qs0mdnb5HD-QEsD34GK2jf6pBSnmxXWrPSvQ2XnS9oroHH_L9gESDToEnw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
4861
last-modified
Tue, 19 Mar 2024 12:19:40 GMT
server
cloudflare
etag
"a94c589bfcb1c3b09cd3ad26b6ece6da"
vary
Accept-Encoding
x-goog-generation
1710850780884598
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PzQ6Hg==, md5=qUxYm/yxw7Cc060mtuzm2g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
4861
accept-ranges
bytes
cf-ray
8670c3797ef96ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
e727acc.js
assets.kiwify.com.br/custom_checkout/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/e727acc.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbcfa06427d0f3625560171d90393c25d2f1495e0461babb0a4819368bb411d9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2119
x-guploader-uploadid
ABPtcPrfxszP0h28BUlbNftukgZaGX9_YABnccJD6qgdbYuBOqx0GYWEJWvs8-EDgVxQlTqcxIKe5y17yA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
5273
last-modified
Tue, 19 Mar 2024 12:19:40 GMT
server
cloudflare
etag
"448ce7091bbe8e5e1c1ce01a9028c1ce"
vary
Accept-Encoding
x-goog-generation
1710850780896683
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=x5BrJw==, md5=RIznCRu+jl4cHOAakCjBzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
5273
accept-ranges
bytes
cf-ray
8670c3797efb6ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
4363250.js
assets.kiwify.com.br/custom_checkout/ 		362 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/4363250.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45f3df9db6e21d4785535a9f48d0a97a5e35c8c6494387dd7c8bf2774114d6d7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2118
x-guploader-uploadid
ABPtcPqtwTw2kTKY90JGFbOjHoru0pRr-XUethMhjh61fcDYGV6UPYVBgEwS3ykhvPbj5FfGBACix-i_CQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
110042
last-modified
Tue, 19 Mar 2024 12:19:40 GMT
server
cloudflare
etag
"d8ea4f558b3172ecaf96ada28c80f6f4"
vary
Accept-Encoding
x-goog-generation
1710850780906459
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=+TsSuA==, md5=2OpPVYsxcuyvlq2ijID29A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
110042
accept-ranges
bytes
cf-ray
8670c3797ef66ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
4eb96ec.js
assets.kiwify.com.br/custom_checkout/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.kiwify.com.br/custom_checkout/4eb96ec.js
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9138 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac69dabf5af5047a31f2d46bfc5e8b8535dc61c5ebf8e648ff13e372ec7225c5
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:22 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains
age
2118
x-guploader-uploadid
ABPtcPpMLWc1CPPLb5Iy6rYFRlytPdqjFn4QlGU61EUSFIZbmbi38sqmkSNp1Thw1co8Elc5j75kpzUyzw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2456
last-modified
Tue, 19 Mar 2024 12:19:40 GMT
server
cloudflare
etag
"1da1b9d1947fda55ec1c157291d1962d"
vary
Accept-Encoding
x-goog-generation
1710850780895877
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=2nqA0g==, md5=HaG50ZR/2lXsHBVykdGWLQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
2456
accept-ranges
bytes
cf-ray
8670c3797ef56ae7-FRA
expires
Wed, 20 Mar 2024 02:05:22 GMT
sdk.js
connect.facebook.net/en_GB/ 		298 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=70b2bd8be3a78cf3f35e548b2dc2c2ca
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
276af9bdb40dc131b6260fc33f2375937a567505c66bdc40954995fbd92aa287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pay.kiwify.com.br/
Origin
https://pay.kiwify.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Mar 2024 22:05:22 GMT
content-md5
1hSNvVxPj1ktB0ijjIOx/g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87214
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=21, mss=1294, tbw=6397, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
qUNwDQCBL0kWxbDUy3AdA+R7DgVi9wYu0grlivKP6r2VdbqFpTIv+F+aZD6vOYHnMChZolHeiRVMu2VGb40npw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
00005a3a0ef20fd1f8d70a5dcdf8d2f3
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"8154afc0a9846d330d270f2824bd3e27"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 19 Mar 2025 21:13:39 GMT
js
www.googletagmanager.com/gtag/ 		249 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GN9MC80Y2B&l=dataLayer
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/a6b7c3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
260b458a0cd0eb64f6c2e88912b7b095a6b6c051038d997d71932fd4ccfa6f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 22:05:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Mar 2024 22:05:23 GMT
v3
js.stripe.com/ 		607 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/4363250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
025086446a470c6b0dfa9b7140e08679a471b53be8b88d3ad5fc799f9c82dbfe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Mar 2024 22:05:23 GMT
via
1.1 varnish
age
50
x-cache
HIT
content-length
171443
x-request-id
f9f8ecb6-afd6-4276-82c8-d499414fe45c
x-served-by
cache-fra-etou8220105-FRA
last-modified
Tue, 19 Mar 2024 20:56:08 GMT
server
Fastly
etag
"dd7a2052d790ac73aa752bd2610840ec"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
12
fbevents.js
connect.facebook.net/en_US/ 		216 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/2bb26bb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Mar 2024 22:05:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57659
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4319, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
iXBLcVrax42zQjooDyQV3JnSfnlIGD6Ni5stxEqOtjSCK0mGBFy2Hraxnl8DEw0AFnrlbsVGQRg6Yr369iGWmw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: assets.kiwify.com.br
URL: https://assets.kiwify.com.br/custom_checkout/2bb26bb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:39c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"d9d39f44b74d00726ec92710f4e4c69c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1856
475913216709140
connect.facebook.net/signals/config/ 		54 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/475913216709140?v=2.9.150&r=stable&domain=pay.kiwify.com.br&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
353d877a1b643b863635f5016d9813606988c1b5144a8c51f2122cb3e457bc66
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Mar 2024 22:05:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11441
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=72, mss=1232, tbw=65343, tp=61, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
b/WqUk7TmMLmRVFWXtsD8usjxpW5TklOUUM72XMytlwLJ6TZXv+kDx+GTvlRqywliPw0owey/IV9uShemaGivw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GN9MC80Y2B&gtm=45je43d0v878871083za200&_p=1710885922996&gcd=13l3l3l3l1&npa=0&dma=0&cid=1141574597.1710885923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=1&sid=1710885923&sct=1&seg=0&dl=https%3A%2F%2Fpay.kiwify.com.br%2F8I2CaEH&dt=Produto%20Indispon%C3%ADvel&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=1995
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GN9MC80Y2B&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 22:05:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pay.kiwify.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.cb6ceab7.js
s.pinimg.com/ct/lib/ 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.cb6ceab7.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:39c::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3b4f2e1b70a9ab8aef23d65cc1b072b5eb6eba4979f6575c64771256e260409d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"df5cf5cb5de352dc30a944e95eca73e1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18542
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=475913216709140&ev=pageView&dl=https%3A%2F%2Fpay.kiwify.com.br%2F8I2CaEH&rl=&if=false&ts=1710885923442&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.2.1710885923439.1048772397&ler=empty&cdl=API_unavailable&it=1710885923308&coo=false&rqm=GET
Requested by
Host: pay.kiwify.com.br
URL: https://pay.kiwify.com.br/8I2CaEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.kiwify.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1294, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 19 Mar 2024 22:05:23 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 1805 		200 B
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pay.kiwify.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4309644
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 22:05:23 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
525758
x-content-type-options
nosniff
x-request-id
51eb9124-f28b-4048-8bd4-1d235d8cf792
x-served-by
cache-fra-etou8220105-FRA
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 1805 		526 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Mar 2024 22:05:23 GMT
via
1.1 varnish
age
4297553
x-cache
HIT
content-length
315
x-request-id
f236b96f-1f95-4eba-8e13-b375833d91c7
x-served-by
cache-fra-etou8220105-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
503027
inner.html
m.stripe.network/ Frame 9E84 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
203
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 22:05:23 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
94
x-content-type-options
nosniff
x-request-id
757c7cbb-5bb8-43ef-9202-79e11e65f50b
x-served-by
cache-fra-etou8220105-FRA
x-timer
S1710885924.575086,VS0,VE0
out-4.5.43.js
m.stripe.network/ Frame 9E84 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Tue, 19 Mar 2024 22:05:23 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
83
x-cache
HIT
content-length
15509
x-request-id
43e0ff73-4404-4df2-940a-e1f1992e0dad
x-served-by
cache-fra-etou8220105-FRA
server
Fastly
x-timer
S1710885924.594026,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
43
6
m.stripe.com/ Frame 9E84 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.187.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-187-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
699f695c19393bc74d3df6aa20d3c9f4abcf41a437297863e7d39e90445c086b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 19 Mar 2024 22:05:24 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1710885924134653
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1710885924134296
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __NUXT__ object| FB object| __buffer object| _crypto object| pagarme object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| dataLayer function| gtag function| Pusher object| core object| DD_RUM function| fbq function| _fbq function| pintrk object| _tfa string| TiktokAnalyticsObject object| ttq string| KwaiAnalyticsObject object| kwaiq object| install object| $nuxt object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkStripeJSouter function| noop function| Stripe

7 Cookies

Domain/Path Name / Value
.opi.investindocomcarlos.com.br/ Name: _bit
Value: o2jm5l-93b392567ce97c5122-005
.kiwify.com.br/ Name: _ga_GN9MC80Y2B
Value: GS1.1.1710885923.1.0.1710885923.0.0.0
.kiwify.com.br/ Name: _ga
Value: GA1.1.1141574597.1710885923
.kiwify.com.br/ Name: _fbp
Value: fb.2.1710885923439.1048772397
m.stripe.com/ Name: m
Value: 286bce30-3840-4550-b011-5de0a77bc1e36e3ada
.pay.kiwify.com.br/ Name: __stripe_mid
Value: 99ba01c1-6141-4346-837f-b1a562397e31c8b921
.pay.kiwify.com.br/ Name: __stripe_sid
Value: 5930cfab-e555-4300-8562-46f89be226e3cb2f96

3 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/475913216709140?v=2.9.150&r=stable&domain=pay.kiwify.com.br&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://pay.kiwify.com.br/8I2CaEH
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://pay.kiwify.com.br/8I2CaEH
Message:
The resource https://pay.kiwify.com.br/favicon.ico was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.kiwify.com.br
assets.pagar.me
connect.facebook.net
fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
opi.investindocomcarlos.com.br
pay.kiwify.com.br
s.pinimg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
151.101.0.176
151.101.129.63
2606:4700:4400::ac40:9138
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:828::200a
2a02:26f0:3100:39c::1931
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.82.187.64
67.199.248.13
025086446a470c6b0dfa9b7140e08679a471b53be8b88d3ad5fc799f9c82dbfe
18d824f4cceb2a7589541153a2208a05deab9b1f86dad2f61c1518f19eebceb0
260b458a0cd0eb64f6c2e88912b7b095a6b6c051038d997d71932fd4ccfa6f34
276af9bdb40dc131b6260fc33f2375937a567505c66bdc40954995fbd92aa287
276f8b6125c942d4009fc7aed0cb71210d38a0b74ea5dcbdab6ae7a946fdd028
353d877a1b643b863635f5016d9813606988c1b5144a8c51f2122cb3e457bc66
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3747b0da46f3883f43f8b6582deeb47d85c8a913724f064b29a52922756e426c
3b4f2e1b70a9ab8aef23d65cc1b072b5eb6eba4979f6575c64771256e260409d
45f3df9db6e21d4785535a9f48d0a97a5e35c8c6494387dd7c8bf2774114d6d7
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
5c8c192adca12497452b0a6c25b5913fad79f9afc4760673947377cd81575d81
618092ab139852b392c067dfdaaa4313a071fb59f637b35f87377342e3778be0
699f695c19393bc74d3df6aa20d3c9f4abcf41a437297863e7d39e90445c086b
791422f89ea13f0c35a85af9b9731ac9a32ae8f091dda021dc6210d595e17fe2
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
ac69dabf5af5047a31f2d46bfc5e8b8535dc61c5ebf8e648ff13e372ec7225c5
b0332bb1e98f58e01219f8509ae57b42d5b32384962c8ed295d260c6b609cfb1
ba12f9da0f756afff6584d4c98a48bca8f552368d759acb4d7527822a38476eb
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bbcfa06427d0f3625560171d90393c25d2f1495e0461babb0a4819368bb411d9
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e15e20949764fdc7269c3e21bcb1744975cda4818d737e81f9b9da250c259fe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea66632826a434319dd8083b6dabaff9b2c74c67ff85e3ebcb95fd47ed2b9a13
f639c02a8e6f86f46bce2a43e11d81472ceeff5a0d0bad5037804b6243cf4414
f64333e0c781adf7d680d43134966f103913823c3554cd588f7056bf449d362e