urlscan.io logo urlscan.io
SecurityTrails logo

oncorretor.com.br Open in urlscan Pro
2606:4700:3037::ac43:a841  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://badonna.com.br/
Effective URL: https://oncorretor.com.br/
Submission: On March 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 15 domains to perform 92 HTTP transactions. The main IP is 2606:4700:3037::ac43:a841, located in United States and belongs to CLOUDFLARENET, US. The main domain is oncorretor.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time oncorretor.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3037::6815:1be7 (United States)

ASN13335 (CLOUDFLARENET, US)
badonna.com.br
30    2606:4700:3037::ac43:a841 (United States)

ASN13335 (CLOUDFLARENET, US)
oncorretor.com.br
construtor.oncorretor.com.br
3    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ukwest.onetrust.com
geolocation.onetrust.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    173.231.16.76 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-76.static.webnx.com
api.ipify.org
9    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
12    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    201.90.114.102 (Belém, Brazil)

ASN4230 (CLARO S.A., BR)
t-construtor.mstech.com.br
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
7    2a13:1ec0:1000::1073 (Armenia)

ASN201589 (EDGEAMLLC, AM)
code.jivosite.com
1    158.160.54.153 (Moscow, Russian Federation)

ASN200350 (YANDEXCLOUD, RU)
node-ya-4.jivosite.com
Apex Domain
Subdomains		 Transfer
30 oncorretor.com.br
oncorretor.com.br
construtor.oncorretor.com.br
1 MB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
324 KB
12 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 5093
geolocation.onetrust.com — Cisco Umbrella Rank: 588
133 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 82
846 KB
8 jivosite.com
code.jivosite.com — Cisco Umbrella Rank: 30891
node-ya-4.jivosite.com — Cisco Umbrella Rank: 155464
337 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
jnn-pa.googleapis.com — Cisco Umbrella Rank: 215
122 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
static.doubleclick.net — Cisco Umbrella Rank: 241
2 KB
3 mstech.com.br
t-construtor.mstech.com.br
35 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
15 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 226
2 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
9 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6069
408 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2634
142 B
1 badonna.com.br
badonna.com.br
866 B
92 15
Domain Requested by
20 oncorretor.com.br oncorretor.com.br
10 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
10 construtor.oncorretor.com.br oncorretor.com.br
10 cdn-ukwest.onetrust.com oncorretor.com.br
cdn-ukwest.onetrust.com
9 www.youtube.com oncorretor.com.br
www.youtube.com
7 code.jivosite.com oncorretor.com.br
code.jivosite.com
4 jnn-pa.googleapis.com www.youtube.com
3 t-construtor.mstech.com.br oncorretor.com.br
3 fonts.googleapis.com oncorretor.com.br
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 www.google.com oncorretor.com.br
www.youtube.com
2 www.google-analytics.com oncorretor.com.br
www.google-analytics.com
2 geolocation.onetrust.com cdn-ukwest.onetrust.com
1 node-ya-4.jivosite.com code.jivosite.com
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 www.google.de oncorretor.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 api.ipify.org oncorretor.com.br
1 badonna.com.br 1 redirects
92 22
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-11-26 -
2023-11-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.mstech.com.br
Go Daddy Secure Certificate Authority - G2		 2022-03-02 -
2023-04-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2022-05-26 -
2023-06-04		 a year crt.sh

This page contains 2 frames:

Primary Page: https://oncorretor.com.br/
Frame ID: 8AD1069A1A06D66BD192B211BBD62E5B
Requests: 72 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Frame ID: 36A0CCC42EE520017EB834F3503C50B0
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OnCorretor Back ButtonFilter Button

Page URL History Show full URLs

  1. https://badonna.com.br/ HTTP 301
    https://oncorretor.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

99 %
HTTPS

84 %
IPv6

15
Domains

22
Subdomains

19
IPs

6
Countries

2999 kB
Transfer

7997 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://badonna.com.br/ HTTP 301
    https://oncorretor.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
oncorretor.com.br/
Redirect Chain
  • https://badonna.com.br/
  • https://oncorretor.com.br/
97 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET ARR/3.0
Resource Hash
9b1b48d6309b7674d767c4fa6cfaf21bd6ac5bef48c123e109eced7e1d198c6e
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7ab36377adaebb7a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 04:18:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agFl%2BWA5DbY%2FXqxs6OB5%2FHSWEuqr6MsuZh%2F73HKNxYXyX%2Bh5Cb3mMakqkbv%2F3ZBC57ypLUp%2Fxucres6DTDi9kvwy9Y6hgeXi%2Fel46YxeHnHfhPnNZxpzv7tgM9%2BcEvdVZlCf6alx7W14DVWT8wwePQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
statustext
OK
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-frame-options
AllowAll
x-powered-by
ASP.NET ARR/3.0
x-ua-compatible
IE=edge

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7ab36374595a6927-FRA
content-type
text/html; charset=utf-8
date
Tue, 21 Mar 2023 04:18:01 GMT
location
https://oncorretor.com.br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8bNIItcUXUSO8mgsyffnDOpBdZaTOTospvrtU10nT%2B8nwOS4nGbbMKBaBEFF1bKG%2BrDdU7Hop%2FvgBbq%2Fr16Jk5srpfhu%2BAqPl0YqnuJlEeFOCB1%2B9feFCUzUWmTNmdbnHIt7f5RA8ofODObcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
statustext
Moved Permanently
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-frame-options
AllowAll
x-powered-by
ASP.NET ARR/3.0
x-ua-compatible
IE=edge
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29a33a79af48c8ad7d48d1a3855b17c954160b7c68a2b0213236330b61e8149e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 03:51:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Mar 2023 04:18:02 GMT
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Ewgd1d1Vp0nFNYpIMiFTtA==
age
38453
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8460
x-ms-lease-status
unlocked
last-modified
Tue, 28 Feb 2023 21:23:24 GMT
server
cloudflare
etag
0x8DB19D206887DE0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c40478ab-a01e-004d-10e4-51e279000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab3637bbc5a6919-FRA
expires
Wed, 22 Mar 2023 04:18:02 GMT
ThemesBase.min.css
oncorretor.com.br/content/bundles/ 		220 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
8da30421af9bdda9d9ffa1e2a02f91c4b8b4e6983cb3c9e559627d96ab710d2c
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:14 GMT
server
cloudflare
etag
W/"09d52fcd1e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAUVPlEVGPnZWXpWYm6MYTfjPeq%2FTDf%2B8qDK3KIBSkNXhYTxe%2FR0IrTwipH9pPKX%2BL1mJVEiEU%2Bx9iRlC1S0meb70TVTC0eyUUXxgkIq0Ak416gUYUiMlzh8Q2R5YZPvgE5RfaV8mEHhcAP0aEQLzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637b6900bb7a-FRA
statustext
OK
Tema_VinteDois.min.css
oncorretor.com.br/content/bundles/ 		55 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
4668c1865157dba21d7a7e72a1007e3513a59c16eee8a1740f6c2faa69ff83e9
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:14 GMT
server
cloudflare
etag
W/"f12a8ffcd1e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df4d36TH6tMVYIO77zNZrPRMqG3b3MgDWg7XVQTSc0XaddYnnPY6RLEVZL%2BtSUSrMUIdh4YZ%2FpArUNBHUBakryudPJ0xG8DUv8%2FjfXGlUci%2B4TtivlgtLleiFLthcbfChf7PeaLO4AASZ4dQsKI2%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637b6902bb7a-FRA
statustext
OK
bundleModernizr.min.js
oncorretor.com.br/scripts/bundles/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleModernizr.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
228e5724f42da8822bb4c023aa371dd929c43657c76a7a0cb6b13f555a29f79a
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:39:10 GMT
server
cloudflare
etag
W/"0a337664157d41:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ykT393pMtydUx8BZ0g0g53jAr9DBZVM2yZ2A58QrYPpAOxbj577Hwdh4z4a4tSKXSZtiTSbkUjk72fQyw4vZJ%2F0xJ%2FqZFfzbO4YSPwj0YKUCn6heKTMgTQumzBbu4HNn62y9p43T6jgL7c0fxz8Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637b6903bb7a-FRA
statustext
OK
bundleJQuery.min.js
oncorretor.com.br/scripts/bundles/ 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
614c2c16836adff497003759038d70809d2413f3e54da26e0400625cea2804d0
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:30 GMT
server
cloudflare
etag
W/"05dc5d2e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNMcruv5kVXlF6%2F9XEQ%2FEUx2zOvIDz8RcKgnkEzpWtEoXWDH%2BbVR%2BH3hV3IHSPRrHoniCrCFCrW%2B9d%2BmnxhN3NQz%2FvlfaMl15TjcOFSNv5Va6RaWtX2tCBuE0lMG%2FlvBUQZPNqkHediWexe0CcBYRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637b6904bb7a-FRA
statustext
OK
bundleCustomUI.min.js
oncorretor.com.br/scripts/bundles/ 		257 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleCustomUI.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d36bf5cd9297a7fceb45510c912556bce0f00977be215b9617da5a9cccb7ff0f
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:30 GMT
server
cloudflare
etag
W/"05dc5d2e4d81:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsMYxXoA8eAl70nGa0mWl2cTw53lJqZg0%2FULkH7Fr3A6b9yzmkMG90l89sCykfi0Xx8I8JmT0MVZ4jQirlfEugIGimCIYuLrUXW2HvhbqRlr5ynCu1o9nale4pFBpPnAgpZBnwMmX0%2FCQH6ctNue%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637b6906bb7a-FRA
statustext
OK
bundleMst.min.js
oncorretor.com.br/scripts/bundles/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleMst.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
26e3c64b00ad8007a54332911a6c5a67c1a7d6303e51d7f24b90ee6fa91f1297
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Thu, 26 Mar 2020 15:42:11 GMT
server
cloudflare
etag
W/"80cb3b1d853d61:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1aCsvrfNbpFCcKwgOYB53O9J%2BV6Emxmsy%2F%2F3oMB46Mh4%2BF1ZL4QBCX9lgeQUatkf9sMvPWZ%2FpBOYYP4ZqKNnW1ARvAXTivWYUIEdrKLj9mBj36EmMZc%2F3BKcC2qQmYKbnuLxmgA4%2BPY0T9klsZFzw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637b6908bb7a-FRA
statustext
OK
echo.min.js
oncorretor.com.br/scripts/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/echo.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
21466243c4482fa9843b9b7bb460076520cab54532c018a86c9151db666bac40
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Mon, 18 Feb 2019 19:22:10 GMT
server
cloudflare
etag
W/"0dd633ebfc7d41:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZS2csU8k4wBmsAU9C4D2m%2FXjdqzWBjx2ASQPaCGhR1P6SCl0PbHd4Q%2FnYLdRHVDMbxqmVLnDpShF%2FKH2DZti5eyoXgC6k5J4aafke0lEXaZf6c3hkIIbWzOBv5HYv9XQaV%2FnX6KvSN%2BWVySBgFHVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637b6909bb7a-FRA
statustext
OK
ajax-loader.gif
oncorretor.com.br/Content/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/Content/images/ajax-loader.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3208
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
etag
"05ab8564157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y5XvwjaFCdL8BCT2XxwKa1Q8QgPONKBkh2og3sQk3gbtQffuC95cqp1sz7PeKn5tT1YKHMcl3FqK%2FULRPnZGFxzzRioXLL6J%2BYdUajJaoFzMccEzfuQONC4L3FRxGuXGlpVvzlIBlh5T9SP1MJUSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab3637ebbf49bf2-FRA
statustext
OK
http_imgload1.gif
oncorretor.com.br/content/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/content/images/http_imgload1.gif
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e60853622a54f85bfb4bab4c133c54e3a304386dfb19c23c8512d10e50d56bf4
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1460
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
etag
"05ab8564157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiUIajiNGdO0aJMEWzPmZyg42Mdyaak0VBqXd83pn%2BRoBo73fbr32497Ypc0%2FxUkZ3JebYCH86rOMQICiyDNm5VoOjLFrH2Fqmyoew07An%2FKWhZtIaW%2F%2B%2BPC00YVRyDRoAfp3iRwU%2FToPqJYxvfnhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab3637ecbfc9bf2-FRA
statustext
OK
ico-headset.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		403 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-headset.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
1c08d75229d36229f9db2aac485b2fd3d0a48c787afecbbbb8058d3fa0cda8d2
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:27 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0Tsh633s5IfFGUwra3xjUZJ4yU%2BXZbcwdM40LVxhxWQtn6ydMlwzOfLBebzl6oJW0Vkx9x1W7lGucXuEZZIbAIbdzR2XpLnyQKgvEB4J8Jf%2BKMX1CQx%2ByeqTdv%2BSw56qw%2FBxT8H9HRPK5%2F3F7U%2F8X4837wz2odZJl2v"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363820e93bb7a-FRA
statustext
OK
ico-whatsapp.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		503 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-whatsapp.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
4fbe0518411a4427a60e5e7baf7c1b2d11731efd024cb239333ac0d530506456
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:26 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kELnm2IiRD%2FotEE6EixGDN8cgrRa3yH6IShEZm2Gkkgo56M0H8hlFhZnTu3uhhPGXJ2jqiBrDKpTAcZjyFldJpjLXqT%2F%2BFOhPiqrRmDUXyR0jAuq55umroXHVb%2BMyTjMeRyeOttQYB3cqpikFWgQlRMEPtvWSZC2YQK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363820e94bb7a-FRA
statustext
OK
ico-usuario.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		798 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
37f117fe797c82efbddf3dc26f13fa2a5e95897ea8d9b695de7caf206dd27565
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:28 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdJaY0hxJAbUxwv%2BNaBMSqnbxi%2BG2SvNJphrpvH4%2B1piNeZIkxMdXIuHFvrXLbD%2B7vnDHuEiJqMsd80eBS5wesyV%2F4vHPki1gcmhbfTTIpQohLbumG%2F3ncBxk9nMsF19LM7x4%2B%2BQ00Jw9d2MtkK4Fuzf05aG5Es0WLFe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363820e92bb7a-FRA
statustext
OK
ico-suporte.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-suporte.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ebfd38a16291aa6acd56699f5839b9c6adc54be515d77bc8b25ac0d044e029ad
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kAbp0RMhoObNqaLGOXqmnPZpSJEXf7NAF2icmpmepj2wFSjhz6lF4DxOtTqCjdh6DGq25w5eSSYHNpTSKtUBcX%2FfSJSA3HWu8HcnPbBLEdJGoewRKhvff7B%2BWFkuAomly1TaZmAX8%2BnnAI4w2bQg4xNO95zo9r1UL7d"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363820e96bb7a-FRA
statustext
OK
ico-produtos-prontos.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-produtos-prontos.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
cfbb7d3aee4af4a0846149bd38dd50b4d12c624a20952150cc60159176a977fb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
30865
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:07:26 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8VfC8GMUBJS77CZWWn%2Be3PbrQ5eQOXoMYnd%2F0mQwLe7R2rhbFwCAlnb3%2Fy2JfMwaRjJ%2FcRk%2B27YE6H%2B1OLbtRyUZuuCyZf3W5AfUhu9eAKhlvdsN9Gq8TOTAXEfeI7jHWZTtmbByL7G3IGNlnrNJLt3Z5fSmpWYLmaF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363820e98bb7a-FRA
statustext
OK
ico-potencializa-presenca.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-potencializa-presenca.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
055740ee6c82f82a64354b7916b547e6946ba467dbbf6bf0c1c4eae0eaaedbaf
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Mon, 27 Apr 2020 12:19:22 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAHeKBGJ3c0ZEXfJ8alLIROF%2F98E%2Fs7KMr3XZe9jDbOsHgsfDzPyJ9ZEO03GJWR9eB9kM69Z7I3qgUmOxssS23gJuVCwIKe9Y%2BVNQZdCjmbVkUFqz3N2bCmjK%2F1XXv3wbDu3ZZ6Hp3YddByEAPZli4YRfu0EzCnUGELN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363820e97bb7a-FRA
statustext
OK
ico-email-mkt.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-email-mkt.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3c408ae38a005bd07ee5354fe2e349e6578ed9d28ac65af523486e4873df4ea
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
98385
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:12 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16VExtUi7EKC9hN57w68LPko2bFd7a5P0yNc18zb7x4lHwWSSfOr5NL1%2F7QeDzX%2Bzwt9b2Giy%2FEZdSO0UZ81Ji4EYrzVawMDVZST4gyMHazgLiQDsRI7rBxYZxQCdHHB%2Frck%2FFcCTUbLN3NYwqhbp%2BgfcoUXtIjfShak"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363823e479bf2-FRA
statustext
OK
ico-cofrinho.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/icones/ico-cofrinho.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
41dfba8c597663a81aa3b5685cbfeb86ec2eb49ac5663bd3232f0aa42862ffcb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
98384
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Thu, 12 Mar 2020 12:46:11 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct3TOa1M5jEMeyzIDMmHSfX9d2GFQCIMjSBG3L6eoSBx9MK8a7bQ2fAj92W0bPTEfLw%2BPzSwWQuTed2WoP50hY4CECAgUt88VMbttuDUNwbPnfzOyyksDgPaEzQcKgWrhN67WSfD5q67bQ0S92%2Br5aYbDoM29JnBRozb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363823e4c9bf2-FRA
statustext
OK
ico-usuario-md.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ico-usuario-md.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d69055c0bb25f88931abe7a5483ed1a66744a3b2960586c2d93891015a1d3b94
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
98387
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9fIYTXtjkH%2FKjFvj%2FlcbwpEgQWSrwzrmZso%2Fp4hKMDFeTJGJ6sTcPOOkdPKIjjXdxFU3XGMayXRzns%2B038%2Fb5ZeBqJ8LtMz8vPjTaDBV8G4zsAsdC2NWM%2BcJDXn7A79Wv%2BPEWLMUcV8S9vrmkH8FVfQLZCgwOP%2FZ3Ei"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363823e4f9bf2-FRA
statustext
OK
email-decode.min.js
oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Mar 2023 22:56:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6407c11e-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptcaN6M8miNc7wgKNfSX1y99WazsUcC52Jgw1h%2FrYtIotAB2AcjfEnioR7tHBxZ3%2F1rnnW0fMOyhqeqDv9v6zINXg3Y4xl2iVdJNfHLf4xbo9a5wvfzhwNoCWyX4hCv3cAx9CntZHSrjv8ZoNf4Bxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7ab3637ddb499bf2-FRA
expires
Thu, 23 Mar 2023 04:18:02 GMT
css
fonts.googleapis.com/ 		14 KB
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cd21558475c8a56e2b38af04d85c7d27d0bfec6b38c9c5f0d6216d4341da481a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 04:18:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Mar 2023 04:18:02 GMT
icon-zapzap.png
oncorretor.com.br/Content/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/Content/images/icon-zapzap.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
b2921cdf4de2dc6ade3d36eeb95dce7cd56bfdac50c346fcfe50cbf7d799b1f9
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19212
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:38:44 GMT
server
cloudflare
etag
"05ab8564157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sjj9pIJJZlD0So9%2Bo448uFfSRZeD8FXs1qnBG%2F%2BNTBHZJHsVo5bJX8iUYso8%2By4wwAAzHn0hiulbdXmQlq8GgCKE9YB4FxmjQ4HTsAJlGfCo%2BmG20gGtQ3cnQleQf5C1xy%2F8YFA%2F8tP3zkX%2BC%2BUTJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab3637ecbff9bf2-FRA
statustext
OK
bundleUnobtrusive.min.js
oncorretor.com.br/scripts/bundles/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/scripts/bundles/bundleUnobtrusive.min.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
ce6187956822e965a48b8f8d5af506c9308282cea73c424c3573013c09c87adb
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
last-modified
Wed, 02 Jun 2021 15:12:14 GMT
server
cloudflare
etag
W/"aaa6fabc157d71:0"
vary
Accept-Encoding
x-frame-options
AllowAll
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyLbC9kOyWmkMPvoTre0pVOAPIofZ7519GuvGbwD1NsGv9E7wvu6bjpaBNKZ3nGGA8PYUp%2BSY8u%2FpEddqddoktn5ZbO0xlWrAbFp07CVtfsCgtslsDlD4kiYKy4HRuVbvLc99%2FFhyRggKmsStoJc6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7ab3637e2b899bf2-FRA
statustext
OK
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c025c44c-101e-0032-34f1-517c4b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab3637c5a233683-FRA
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7ab3637cca813683-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/ 		338 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Xs4BplpA7QV+zkRYpo3+wA==
age
31603
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
73082
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:31 GMT
server
cloudflare
etag
0x8D854CC113CF89C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
71096228-e01e-0068-59e4-517aca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab3637ecf826919-FRA
expires
Wed, 22 Mar 2023 04:18:02 GMT
css
fonts.googleapis.com/ 		328 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
602e6102a9d386bf6321e43dc289605c5c3d413f98a84abcf9addae89633e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Mar 2023 04:18:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Mar 2023 04:18:02 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 21 Mar 2023 02:23:33 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6869
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 21 Mar 2023 04:23:33 GMT
PortoRoobert-Medium.woff2
oncorretor.com.br/content/themes/base/fonts/porto-robert/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/porto-robert/PortoRoobert-Medium.woff2
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
41bba2536c7561e281809703bf9437582bfa1ce4862a9fbd80a5778d773e9f60
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23900
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:24 GMT
server
cloudflare
etag
"81e5c02d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X22LYuXAzR7552PT9qYxvcUTeuQa2DMMChfC3KnFUqyaZaJ0I6Q0cV%2Fy28DabpoNQTAuKJPtPLuMP7Kk9%2BFsUTKKDHTGeUQ%2FzoTmhgjw0mm%2FfdMM1AoKQT1eTRLZaPGAwY5hp19klFcJE56QjYkXlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab3637edc049bf2-FRA
statustext
OK
/
api.ipify.org/ 		67 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=jsonp&callback=jQuery171036243281067984845_1679372282721&_=1679372282737
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-16-76.static.webnx.com
Software
/
Resource Hash
87204c552226b471bc69da0b2e6b5e8c0c2a9f37f9832a055a202b9a019e6b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:04 GMT
content-length
67
vary
Origin
content-type
application/javascript
NFhZ1WJYYy0
www.youtube.com/embed/ Frame 36A0 		70 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
431e73f0f10470220883e4ad55bbadbb13dc800f372c759c1118e9d594edb856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oncorretor.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Mar 2023 04:18:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
banner-home1.png
construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		661 KB
662 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://construtor.oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/banner-home1.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
546cd586e691a114a7dd6a258b7c1e07561b3232226375dc54d80133d687a1f8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:04 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 22 Feb 2022 00:17:17 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FpOwb%2FSwJY7r6Ay%2BoyQDRVu7IRVeAWgz%2BZUknybr%2BKYT9hpN8bp9bw4XNaFYMOPEaI8xD5Eyuuktyf%2FKLAzdOt3tss4BoERl1T6xCDQMg3yk66YGGVqhSs9k5UQZdQTDco6egh7War0UFYDsL7LhX%2Bk4iI2BcP4%2FgCj"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, no-cache="Set-Cookie", max-age=604800
cf-ray
7ab363820e95bb7a-FRA
statustext
OK
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21bcdb45a9da93f60db773abfc0660347b15f2f363baacf2b2be56747befc3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 09:02:19 GMT
x-content-type-options
nosniff
age
414943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17576
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 09:02:19 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f23f7fb2798d8febd60d5c42ea1694370b18e5fe91fbe7783df98358d7973b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 09:06:22 GMT
x-content-type-options
nosniff
age
241900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17684
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Mar 2024 09:06:22 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34a693cbdc7707515a18d4a070c9422d9ffa212148ffc19407e7da937e0bffc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 23:02:54 GMT
x-content-type-options
nosniff
age
364508
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13340
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:02:54 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a31dd135b233457652c1f5373c3eb05202bf106bef31f0a6a46654e5235f7719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 14:27:13 GMT
x-content-type-options
nosniff
age
222649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60552
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:55:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Mar 2024 14:27:13 GMT
xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn77YHs72GKoTvER4Gn3b5eMZHKMRkt3Q8XVs92JGKiledLupW3zxgEInRsa.59.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0668f33995f935ba82833d444f697f83d9bc10829895199f30aed5eb63ee4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 11:34:08 GMT
x-content-type-options
nosniff
age
405834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18900
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:03:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 11:34:08 GMT
xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
fonts.gstatic.com/s/notoserifjp/v21/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserifjp/v21/xn7mYHs72GKoTvER4Gn3b5eMXNvMckQlPa61uNKcCqOfbtLXoH3502Rk.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif+JP:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c79f1d4b1143b7b00fc82fbc8d80557525d7d127e0203a90ba23fbd8578fedee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 15:35:40 GMT
x-content-type-options
nosniff
age
391342
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60536
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:04:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 15:35:40 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:05:33 GMT
x-content-type-options
nosniff
age
429149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:05:33 GMT
4a4794da-bb8f-4f22-9f90-361901d2867b.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/4a4794da-bb8f-4f22-9f90-361901d2867b.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
ZAKwUaFYEsEwrgOPhKB5IA==
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1083
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:36 GMT
server
cloudflare
etag
0x8D86548C9A2AE38
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c025c44c-101e-0032-34f1-517c4b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab3637f5c333683-FRA
multicanal.woff
oncorretor.com.br/content/themes/base/fonts/multicanal/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/multicanal/multicanal.woff?enk4db
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
d3ca7c93e7081f8c75b63c797e61736d4e4939fce38c0b0e54c25efb8747a55f
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3340
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:24 GMT
server
cloudflare
etag
"81e5c02d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXxrK4uyjiZQG0Bs7H6lCVD6j3hhQELLvJzWALIQ0bCDGHCF8CU%2BYzy6IvYk%2FgP0WXODf5EsPD318PO3%2Bwg0QzPmvv1IbhnOTLloXZtyTjUp0FNmbIrStUpU1quju2KkAjjGNCD1dr20FB1VookpLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab3637f6c549bf2-FRA
statustext
OK
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/ 		20 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
age
43886
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8dfec5dd-001e-002d-50be-52a75b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab3637f8c503683-FRA
taoui.woff
oncorretor.com.br/content/themes/base/fonts/ 		100 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/taoui.woff
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
abff1010af6774dbb9d1c68772e63a66f95b2aeb273af6b272ddc6cc6f9b6cf8
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102464
x-ua-compatible
IE=edge
last-modified
Fri, 28 Sep 2018 15:39:02 GMT
server
cloudflare
etag
"0ef72614157d41:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HX12ZSYmxVxd9l7H5Z7VtFX08LjXzP7TE%2FF%2BFqVdTgKMftid%2F1TZgWuHO10%2BC1nM8YVyaQoNnHh%2BG%2B60S%2Fsz%2By5tC5c6TOAf4hr9xpEuiCxygNwI9aksLu72a1WWJ2CQ%2BsP1nAEac1FeKL11piA4cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab3637f8c689bf2-FRA
statustext
OK
ms-social-icon.woff
oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/Tema_VinteDois/fonts/ms-social-iconfont/ms-social-icon.woff?osj28
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
1e3e738cbaa772a437bd8bd392009a42523e6016fcc8cbd526c57c8f57be3142
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/Tema_VinteDois.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4576
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:28 GMT
server
cloudflare
etag
"2f7cb4d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al5ARHSCbcNMwLXyQsNW4nrSuQNwOSVF4DtvMl3ae%2FOR%2FaJkU9hMbS0IbSB7xrj47DJGB%2B3Xs%2BvmxpIrxF7vmU41T5QGvpHF8M9XjjJAFPBEA024aOoom9NDAD7mC6G%2BI2q4ENN03E9WY0gozlEMfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-woff
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab3637f8c699bf2-FRA
statustext
OK
collect
www.google-analytics.com/j/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=557737378&t=pageview&_s=1&dl=https%3A%2F%2Foncorretor.com.br%2F&ul=en-us&de=UTF-8&dt=OnCorretor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1999542070&gjid=1817646196&cid=865295460.1679372283&tid=UA-56771285-5&_gid=1134434466.1679372283&_r=1&_slc=1&z=608369979
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 04:18:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oncorretor.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
7ab3637fdc7b3683-FRA
access-control-allow-headers
Content-Type
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
age
43886
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
82afed63-901e-000a-0a6f-583d12000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab3637fdc863683-FRA
expires
Wed, 22 Mar 2023 04:18:02 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		57 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a79c1da4-f01e-0033-2ee4-517db6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab3637fdc873683-FRA
expires
Wed, 22 Mar 2023 04:18:02 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-56771285-5&cid=865295460.1679372283&jid=1999542070&gjid=1817646196&_gid=1134434466.1679372283&_u=IEDAAEAAAAAAACAAI~&z=1992974042
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oncorretor.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 21 Mar 2023 04:18:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oncorretor.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pt.json
cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/ 		20 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/consent/4a4794da-bb8f-4f22-9f90-361901d2867b/37fc6cf0-7062-4a91-8285-754d81c2c877/pt.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
pD91Xah8p1mVB+xlu8vNyg==
age
43886
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7803
x-ms-lease-status
unlocked
last-modified
Wed, 30 Sep 2020 13:57:39 GMT
server
cloudflare
etag
0x8D86548CB345E78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8dfec5dd-001e-002d-50be-52a75b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab363805ce33683-FRA
www-player.css
www.youtube.com/s/player/59acb1f3/ Frame 36A0 		399 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 03:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51796
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 20 Mar 2024 03:16:04 GMT
www-embed-player.js
www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/ Frame 36A0 		346 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 03:59:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110099
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 20 Mar 2024 03:59:17 GMT
base.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 36A0 		2 MB
611 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0786c93417ede2a0a5d482288da45887ce070d846d7c1e5f7c882a3268f17c85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 10:44:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
236041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
624818
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 17 Mar 2024 10:44:01 GMT
fetch-polyfill.js
www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/ Frame 36A0 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 03:56:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 20 Mar 2024 03:56:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 36A0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 15:27:04 GMT
x-content-type-options
nosniff
age
391858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 15:27:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 36A0 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 18:28:44 GMT
x-content-type-options
nosniff
age
467358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Mar 2024 18:28:44 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-56771285-5&cid=865295460.1679372283&jid=1999542070&_u=IEDAAEAAAAAAACAAI~&z=1942482642
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 04:18:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-56771285-5&cid=865295460.1679372283&jid=1999542070&_u=IEDAAEAAAAAAACAAI~&z=1942482642
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 21 Mar 2023 04:18:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otFlat.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:03 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
R7qOr1WClmhADOzbz5s+Bw==
age
43887
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3248
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:20 GMT
server
cloudflare
etag
0x8D854CC0AEB8866
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
82afed63-901e-000a-0a6f-583d12000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab363815d9d3683-FRA
expires
Wed, 22 Mar 2023 04:18:03 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/ 		57 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/assets/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 21 Mar 2023 04:18:03 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
Mg7iJdVoxVGmqw/VwCobbQ==
age
1
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14112
x-ms-lease-status
unlocked
last-modified
Wed, 09 Sep 2020 14:24:22 GMT
server
cloudflare
etag
0x8D854CC0BEE9132
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a79c1da4-f01e-0033-2ee4-517db6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7ab363815d9f3683-FRA
expires
Wed, 22 Mar 2023 04:18:03 GMT
bg-video.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		16 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-video.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
201.90.114.102 Belém, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
fdb409788f6e7f06297d50fdc6f9dcf2b50682e8d9aeb61890d490fe21203b5d
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

statustext
OK
date
Tue, 21 Mar 2023 04:16:20 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 09:49:32 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
18954868EE0F58E68DC7B7654BC5BB0F
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
14974
x-ua-compatible
IE=edge
ico-mais.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		304 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ico-mais.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
201.90.114.102 Belém, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
2f00a55ead5f3a0e71d787e3abe319f80fb2c7fa396462e0e564224152ebcad3
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

statustext
OK
date
Tue, 21 Mar 2023 04:16:23 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 15:58:48 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
AAD7FC5A8E838EB27BF523F5EE86CDA1
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
321
x-ua-compatible
IE=edge
bg-depoimentos-fundo-azul.png
t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t-construtor.mstech.com.br/webshared/t-oncorretor.com.br/layout-2022/bg-depoimentos-fundo-azul.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
201.90.114.102 Belém, Brazil, ASN4230 (CLARO S.A., BR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
c3b0b9c27918fc81b2e8ebcc325faa67560b7dc9a1f0437d9fbc72ecedc039ab
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

statustext
OK
date
Tue, 21 Mar 2023 04:16:23 GMT
content-encoding
gzip
x-aspnetmvc-version
4.0
last-modified
Fri, 18 Feb 2022 19:22:50 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
42FB0D410D4C9283E5243246EFE80718
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
x-frame-options
AllowAll
content-type
image/png
cache-control
public, no-cache="Set-Cookie", max-age=604800
content-length
19043
x-ua-compatible
IE=edge
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:32:46 GMT
x-content-type-options
nosniff
age
297917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Mar 2024 17:32:46 GMT
dailyaccess
oncorretor.com.br/sys/ 		0
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/sys/dailyaccess
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/scripts/bundles/bundleJQuery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Accept
*/*
Referer
https://oncorretor.com.br/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

statustext
OK
date
Tue, 21 Mar 2023 04:18:03 GMT
x-aspnetmvc-version
4.0
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET, ARR/3.0
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqxYIAARriKhPxGTIk%2FZCOIdfIBXkre1lDVH87xs0OJM0LKyoGGaIr92MEmNCaNzQdGaTb1MxbMxP1D9dmrLSPXJrvmF1frh%2BJMxBYakdtNM0eL1rdEq8oq%2BxNqto3Eh7PCzxiGtwPUtk9IsOBq89g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private
cf-ray
7ab36381de0b9bf2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-ua-compatible
IE=edge
logo-novo.png
oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oncorretor.com.br/webshared/oncorretor.com.br/layout-2022/logo-novo.png
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
955139a6a1bde39ba8e112a8b38f7c215573155230749bb62748ea5b91f55f47
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
30945
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible
IE=edge
x-aspnetmvc-version
4.0
last-modified
Tue, 12 Apr 2022 11:14:55 GMT
server
cloudflare
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsZWcd2a6OH3BSvLvDueFADP6AcvVIQjQzCdgRIL1Bwp9n30wRJ40gY9ererEPr10B76SbhiSTlg4wWlTVXAhm23%2Bf2fPSX7XFHlrKoT%2FjslATGqrGtKKYL3C55%2BH2FcTol7tN1LRJcKbpaL5gZVBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=604800
cf-ray
7ab36381ee149bf2-FRA
statustext
OK
PortoRoobert-SemiBold.woff2
oncorretor.com.br/content/themes/base/fonts/porto-robert/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://oncorretor.com.br/content/themes/base/fonts/porto-robert/PortoRoobert-SemiBold.woff2
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:a841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET, ARR/3.0
Resource Hash
cc55d50d5533ee1a4fd2e6e51987ea8f876adc06b48f94f26ba759047ee7b6ba
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

Referer
https://oncorretor.com.br/content/bundles/ThemesBase.min.css
Origin
https://oncorretor.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET, ARR/3.0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29184
x-ua-compatible
IE=edge
last-modified
Thu, 20 Oct 2022 22:19:24 GMT
server
cloudflare
etag
"2348c32d2e4d81:0"
x-frame-options
AllowAll
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjY4muBl35IcDKvD7AP3bllpqzRO6Wtj3teQLPzWaHwXi0AuPtgy8vdU2yDhpn8R83rUP1dIsv%2Fo9CMRE20IHhHbqNftrdGVo8cpPIolOTqOZQVvibljixlnRZRxf4z1s2idAwTW6Nb2c7dCJM278Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7ab363820e219bf2-FRA
statustext
OK
id
googleads.g.doubleclick.net/pagead/ Frame 36A0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34c8bc1435bcbfd0ca94bb4f57baa0dcb02e81f6ae57006f822eb44ea4a754fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 21 Mar 2023 04:18:03 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 36A0 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:08:31 GMT
x-content-type-options
nosniff
age
572
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 21 Mar 2023 04:23:31 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 21 Mar 2023 04:18:03 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 36A0 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a134cf49d569b70d71fd4ded736dac832ab8853e8a989dfbfd155d3531c1a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30588
x-xss-protection
0
remote.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 36A0 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6fe8e7ae1c62891cb5eddccffd0e4fe658520f3c086c32d6c2efbd3c1e47af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 22:35:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
193377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36475
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 17 Mar 2024 22:35:06 GMT
mt3bjWXP6p0hid4nDliXOPxIfI5JPq9ZZRYTjhG38ko.js
www.google.com/js/th/ Frame 36A0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/mt3bjWXP6p0hid4nDliXOPxIfI5JPq9ZZRYTjhG38ko.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9adddb8d65cfea9d2189de270e589738fc487c8e493eaf596516138e11b7f24a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 03:56:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
260473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14150
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 03:56:50 GMT
hqdefault.webp
i.ytimg.com/vi_webp/NFhZ1WJYYy0/ Frame 36A0 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/NFhZ1WJYYy0/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19c8e4a779d69e8a000b558766466ef9d732f554170eae795bf2570b7be02f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8612
x-xss-protection
0
server
sffe
etag
"1587730858"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Mar 2023 06:18:03 GMT
embed.js
www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/ Frame 36A0 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b624474cafaf891480d3b946b92e5e5181a58b85a452f86458fd7985b273a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 19:23:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
204902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8702
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 00:16:22 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 17 Mar 2024 19:23:01 GMT
truncated
/ Frame 36A0 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
AL5GRJXO357ZIKWjw3gq1_hecAXBLe4UNapnjFoceQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 36A0 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AL5GRJXO357ZIKWjw3gq1_hecAXBLe4UNapnjFoceQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dc91aba1c20d01aeba865b192be8f66177a3f04a7d77f06dfc7763369a0941f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Wed, 22 Mar 2023 04:18:03 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 36A0 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 04:18:03 GMT
generate_204
www.youtube.com/ Frame 36A0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?62o8UA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 36A0 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b066753f3606986bd434c7f8ae15c294905729d0a9e76f563986d191e2a659a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 21 Mar 2023 04:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 21 Mar 2023 04:18:03 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/111/ Frame 36A0 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/111/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 14:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 16:05:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 21 Mar 2023 14:21:43 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 36A0 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/59acb1f3/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
X-Goog-Request-Time
1679372285865
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/NFhZ1WJYYy0?version=3
X-YouTube-Client-Version
1.20230314.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgswRmlzTjJOZ08zQSj63-SgBg%3D%3D
X-YouTube-Ad-Signals
dt=1679372283116&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 21 Mar 2023 04:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Tue, 21 Mar 2023 04:18:05 GMT
E03uZOYcoB
code.jivosite.com/script/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/E03uZOYcoB
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
a51ca013231b3360068bc838d193060713ae363841cdd30f8743248b6ce710fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Tue, 21 Mar 2023 04:18:07 GMT
content-encoding
br
via
1.1 sharxy
x-geo-shard
ya
content-length
6030
last-modified
Tue, 14 Mar 2023 10:40:54 GMT
server
nginx
etag
"64104f36-178e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
MISS
accept-ranges
bytes
expires
Tue, 21 Mar 2023 06:18:07 GMT
E03uZOYcoB
code.jivosite.com/script/widget/config/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/script/widget/config/E03uZOYcoB
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/E03uZOYcoB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
972f8dcafd87eb0a4cfa2493076f13767981421a7e35a363fdf3e0eefa8d7c13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Tue, 21 Mar 2023 04:18:08 GMT
content-encoding
gzip
via
1.1 sharxy
server
nginx
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
MISS
accept-ranges
bytes
x-geo-shard
ya
content-length
1059
expires
Tue, 21 Mar 2023 06:18:08 GMT
E03uZOYcoB
node-ya-4.jivosite.com/widget/status/466355/ 		79 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-ya-4.jivosite.com/widget/status/466355/E03uZOYcoB?rnd=0.3577944296040292
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/E03uZOYcoB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.160.54.153 Moscow, Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software
foxy/2.0.1 /
Resource Hash
d79d5e44ce71d3a8da5b3b51d0652338b7c4bb90974e1b4913bc45fd368245b3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none';
date
Tue, 21 Mar 2023 04:18:08 GMT
server
foxy/2.0.1
x-botmode
no
x-geoip
DE;TH;Erfurt
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oncorretor.com.br
access-control-expose-headers
X-Geoip, X-Botmode
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-max-age
1728000
content-length
79
bundle_pt_BR.js
code.jivosite.com/js/ 		1 MB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/js/bundle_pt_BR.js?rand=1678880645
Requested by
Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/E03uZOYcoB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
b358f4f1b82337ae331f2870998701fa008ecba4291fe8b999602a679d1d789a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Tue, 21 Mar 2023 04:18:08 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2023-03-21T04:06:51+00:00
x-geo-shard
ya
content-length
267813
last-modified
Tue, 14 Mar 2023 10:42:08 GMT
server
nginx
etag
"64104f80-41625"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
cache
HIT
accept-ranges
bytes
widget.css
code.jivosite.com/css/fb2d13b/ 		225 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/css/fb2d13b/widget.css
Requested by
Host: oncorretor.com.br
URL: https://oncorretor.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
395543abf9061f0d5234b6bb63dea8d3aad8567ab4d0fda577f60102447f1ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oncorretor.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id
fr5-up-gc15
date
Tue, 21 Mar 2023 04:18:08 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2023-03-21T04:07:18+00:00
x-geo-shard
ya
content-length
53666
last-modified
Tue, 14 Mar 2023 10:41:49 GMT
server
nginx
etag
"64104f6d-d1a2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=864000
cache
HIT
accept-ranges
bytes
expires
Fri, 31 Mar 2023 04:07:17 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		447 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbff77a83a31dea8639a147fd79cad4fd3dbfda07977788c2d6b3f6bf9a88e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
agent_message.mp3
code.jivosite.com/sounds/ 		4 KB
4 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/agent_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer
https://oncorretor.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Tue, 21 Mar 2023 04:18:08 GMT
via
1.1 sharxy
x-cached-since
2023-03-21T04:08:54+00:00
Content-Range
bytes 0-3759/3760
x-geo-shard
ya
Content-Length
3760
last-modified
Tue, 14 Mar 2023 10:40:19 GMT
server
nginx
etag
"64104f13-eb0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Thu, 20 Apr 2023 04:08:54 GMT
notification.mp3
code.jivosite.com/sounds/ 		6 KB
6 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/notification.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer
https://oncorretor.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Tue, 21 Mar 2023 04:18:08 GMT
via
1.1 sharxy
x-cached-since
2023-03-21T04:08:32+00:00
Content-Range
bytes 0-5807/5808
x-geo-shard
ya
Content-Length
5808
last-modified
Tue, 14 Mar 2023 10:40:19 GMT
server
nginx
etag
"64104f13-16b0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Thu, 20 Apr 2023 04:08:32 GMT
outgoing_message.mp3
code.jivosite.com/sounds/ 		5 KB
5 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer
https://oncorretor.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc15
date
Tue, 21 Mar 2023 04:18:08 GMT
via
1.1 sharxy
x-cached-since
2023-03-21T04:08:53+00:00
Content-Range
bytes 0-5013/5014
x-geo-shard
ya
Content-Length
5014
last-modified
Tue, 14 Mar 2023 10:40:19 GMT
server
nginx
etag
"64104f13-1396"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
max-age=2592000
cache
HIT
expires
Thu, 20 Apr 2023 04:08:53 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData string| GoogleAnalyticsObject function| ga function| RemoverClasseImgLoadDataEcho object| _arrMaps object| html5 object| Modernizr function| yepnope function| $ function| jQuery function| ShowLayoutEmpty function| ValidateCpf function| ValidateCnpj object| tao function| isMobile function| NodeInfo object| jQuery171036243281067984845 function| $DNA_Web function| $DNA_Page function| $DNA_FUC_InstallPKG function| $DNA_Application object| echo string| ip boolean| allowCookie function| aceitarCookie boolean| existeMensagemAviso function| fecharModalMensagemAviso function| setCookie function| getCookie function| checkCookie undefined| jQuery171036243281067984845_1679372282721 object| Video string| css boolean| first boolean| chatNaBarra function| mostraChat object| barraMulti number| alturaBarra object| divChat function| jivo_onLoadCallback function| jivo_onOpen string| eventType string| eventTypeTel object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust number| webId boolean| fullScreen boolean| aparenciaComFundoImagemTopo function| requireWidgetScript function| countClickVendaOnline function| contaBarra function| bindVideoFullScreen function| onVideoFullScreen function| AtualizarImagemFundoTopo function| abrirModalLoginCorretor function| redirecionarParaLoginCorretor function| validarModalLoginCorretor object| app object| $T function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| jivo_config string| jivo_version object| jivo_api

11 Cookies

Domain/Path Name / Value
badonna.com.br/ Name: .ASPXANONYMOUS
Value: 94wS7WlA4AD1lc5cn0plFxQ3jq8l4sxk9V8NxuaJcb-UJwCN30tUihmDkRvoC5w9GYF4rs7m1WnxuQX_58kRDyxOxarHyyiJxmC6BVnPjehRu77BY4yflOGH9RN_oY32JV38UDBHmWU8P5g7KhYWRA2
.badonna.com.br/ Name: OnCorretorAffinity
Value: 79df80744d23799ed90d56191c3ef493022f074b9b4f1d1d4d46c94b65d04224
oncorretor.com.br/ Name: .ASPXANONYMOUS
Value: Nky8iN_IczpoHmzT3TO9vaTvoX-W7XkXMbEmDOCSRVESAJ6CdBgSFWF68oQackzkZaxJNgGE4xadYv_Y2B81xgNoQbDY3AjvXAI3rSjsZ9IaXBAnKiGw3X7OweBqkq6PHn6NE0BARbv1Xd1xD_C3_A2
.oncorretor.com.br/ Name: OnCorretorAffinity
Value: fae369e8ce465de06df08f55c28c30eecfea040bb20efc3d0c23b9c253d35db1
oncorretor.com.br/ Name: popup-mensagemAviso-aberto
Value: 0
.oncorretor.com.br/ Name: _ga
Value: GA1.3.865295460.1679372283
.oncorretor.com.br/ Name: _gid
Value: GA1.3.1134434466.1679372283
.oncorretor.com.br/ Name: _gat_newTracker
Value: 1
.youtube.com/ Name: YSC
Value: 58n_qIYUdX0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 0FisN2NgO3A
.oncorretor.com.br/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Mar+21+2023+04%3A18%3A03+GMT%2B0000+(GMT)&version=6.6.0&hosts=&consentId=45d67b0a-de28-4bf3-9ae8-6e7883bbfe7d&interactionCount=0&landingPath=https%3A%2F%2Foncorretor.com.br%2F&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options AllowAll

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
badonna.com.br
cdn-ukwest.onetrust.com
code.jivosite.com
construtor.oncorretor.com.br
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
node-ya-4.jivosite.com
oncorretor.com.br
static.doubleclick.net
stats.g.doubleclick.net
t-construtor.mstech.com.br
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.youtube.com
yt3.ggpht.com
158.160.54.153
173.231.16.76
201.90.114.102
2606:4700:3037::6815:1be7
2606:4700:3037::ac43:a841
2606:4700:4400::6812:2b9e
2a00:1450:4001:801::2003
2a00:1450:4001:808::2016
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2006
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c07::9a
2a13:1ec0:1000::1073
055740ee6c82f82a64354b7916b547e6946ba467dbbf6bf0c1c4eae0eaaedbaf
0786c93417ede2a0a5d482288da45887ce070d846d7c1e5f7c882a3268f17c85
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
157cef6e4bf8b2f6648030cec38d547ae654e35bca30baa4201dfc12031a6ab8
19c8e4a779d69e8a000b558766466ef9d732f554170eae795bf2570b7be02f90
1c08d75229d36229f9db2aac485b2fd3d0a48c787afecbbbb8058d3fa0cda8d2
1e3e738cbaa772a437bd8bd392009a42523e6016fcc8cbd526c57c8f57be3142
21466243c4482fa9843b9b7bb460076520cab54532c018a86c9151db666bac40
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
21bcdb45a9da93f60db773abfc0660347b15f2f363baacf2b2be56747befc3d8
228e5724f42da8822bb4c023aa371dd929c43657c76a7a0cb6b13f555a29f79a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26e3c64b00ad8007a54332911a6c5a67c1a7d6303e51d7f24b90ee6fa91f1297
29a33a79af48c8ad7d48d1a3855b17c954160b7c68a2b0213236330b61e8149e
2f00a55ead5f3a0e71d787e3abe319f80fb2c7fa396462e0e564224152ebcad3
34a693cbdc7707515a18d4a070c9422d9ffa212148ffc19407e7da937e0bffc4
34c8bc1435bcbfd0ca94bb4f57baa0dcb02e81f6ae57006f822eb44ea4a754fd
37f117fe797c82efbddf3dc26f13fa2a5e95897ea8d9b695de7caf206dd27565
395543abf9061f0d5234b6bb63dea8d3aad8567ab4d0fda577f60102447f1ecb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f23f7fb2798d8febd60d5c42ea1694370b18e5fe91fbe7783df98358d7973b
41bba2536c7561e281809703bf9437582bfa1ce4862a9fbd80a5778d773e9f60
41dfba8c597663a81aa3b5685cbfeb86ec2eb49ac5663bd3232f0aa42862ffcb
431e73f0f10470220883e4ad55bbadbb13dc800f372c759c1118e9d594edb856
4668c1865157dba21d7a7e72a1007e3513a59c16eee8a1740f6c2faa69ff83e9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4fbe0518411a4427a60e5e7baf7c1b2d11731efd024cb239333ac0d530506456
546cd586e691a114a7dd6a258b7c1e07561b3232226375dc54d80133d687a1f8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
602e6102a9d386bf6321e43dc289605c5c3d413f98a84abcf9addae89633e1cc
614c2c16836adff497003759038d70809d2413f3e54da26e0400625cea2804d0
627b65348371145aaabe55e47cd88f930ac1deceee9035c225e2599620b31809
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b624474cafaf891480d3b946b92e5e5181a58b85a452f86458fd7985b273a66
6e6d16fdbd323a6e1f9f5de2832e0e104b4f96c08522617706df1625e556e135
7a134cf49d569b70d71fd4ded736dac832ab8853e8a989dfbfd155d3531c1a88
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87204c552226b471bc69da0b2e6b5e8c0c2a9f37f9832a055a202b9a019e6b06
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ce2e0617f95c297d9cdb2ac5a31e520d929122c73a8ab2c22abf17d049cde74
8da30421af9bdda9d9ffa1e2a02f91c4b8b4e6983cb3c9e559627d96ab710d2c
955139a6a1bde39ba8e112a8b38f7c215573155230749bb62748ea5b91f55f47
972f8dcafd87eb0a4cfa2493076f13767981421a7e35a363fdf3e0eefa8d7c13
9adddb8d65cfea9d2189de270e589738fc487c8e493eaf596516138e11b7f24a
9b1b48d6309b7674d767c4fa6cfaf21bd6ac5bef48c123e109eced7e1d198c6e
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
a31dd135b233457652c1f5373c3eb05202bf106bef31f0a6a46654e5235f7719
a51ca013231b3360068bc838d193060713ae363841cdd30f8743248b6ce710fb
abff1010af6774dbb9d1c68772e63a66f95b2aeb273af6b272ddc6cc6f9b6cf8
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b066753f3606986bd434c7f8ae15c294905729d0a9e76f563986d191e2a659a4
b2921cdf4de2dc6ade3d36eeb95dce7cd56bfdac50c346fcfe50cbf7d799b1f9
b358f4f1b82337ae331f2870998701fa008ecba4291fe8b999602a679d1d789a
bbff77a83a31dea8639a147fd79cad4fd3dbfda07977788c2d6b3f6bf9a88e1a
c3b0b9c27918fc81b2e8ebcc325faa67560b7dc9a1f0437d9fbc72ecedc039ab
c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5
c79f1d4b1143b7b00fc82fbc8d80557525d7d127e0203a90ba23fbd8578fedee
cc55d50d5533ee1a4fd2e6e51987ea8f876adc06b48f94f26ba759047ee7b6ba
cd21558475c8a56e2b38af04d85c7d27d0bfec6b38c9c5f0d6216d4341da481a
cd6fe8e7ae1c62891cb5eddccffd0e4fe658520f3c086c32d6c2efbd3c1e47af
ce6187956822e965a48b8f8d5af506c9308282cea73c424c3573013c09c87adb
cfbb7d3aee4af4a0846149bd38dd50b4d12c624a20952150cc60159176a977fb
d0668f33995f935ba82833d444f697f83d9bc10829895199f30aed5eb63ee4c5
d36bf5cd9297a7fceb45510c912556bce0f00977be215b9617da5a9cccb7ff0f
d3ca7c93e7081f8c75b63c797e61736d4e4939fce38c0b0e54c25efb8747a55f
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d69055c0bb25f88931abe7a5483ed1a66744a3b2960586c2d93891015a1d3b94
d79d5e44ce71d3a8da5b3b51d0652338b7c4bb90974e1b4913bc45fd368245b3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
dc91aba1c20d01aeba865b192be8f66177a3f04a7d77f06dfc7763369a0941f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c408ae38a005bd07ee5354fe2e349e6578ed9d28ac65af523486e4873df4ea
e60853622a54f85bfb4bab4c133c54e3a304386dfb19c23c8512d10e50d56bf4
ebfd38a16291aa6acd56699f5839b9c6adc54be515d77bc8b25ac0d044e029ad
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdb409788f6e7f06297d50fdc6f9dcf2b50682e8d9aeb61890d490fe21203b5d
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43