URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Submission: On July 04 via automatic, source phishtank — Scanned from NL

Summary

This website contacted 52 IPs in 9 countries across 43 domains to perform 179 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is rq1zcp.xyz.
This is the only time rq1zcp.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lojas Americanas (Retail)

Domain & IP information

Apex Domain | Subdomains | Transfer
85 b2w.io
images-shoptime.b2w.io — Cisco Umbrella Rank: 179250
statics-shoptime.b2w.io — Cisco Umbrella Rank: 146800
catalogo-bff-v2-shoptime.b2w.io — Cisco Umbrella Rank: 170458
mars-v1-shoptime-npf.b2w.io — Cisco Umbrella Rank: 348820
2 MB
12 youtube.com
youtube.com — Cisco Umbrella Rank: 77
www.youtube.com — Cisco Umbrella Rank: 107
132 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 391
mug.criteo.com — Cisco Umbrella Rank: 2727
sslwidget.criteo.com — Cisco Umbrella Rank: 1530
widget.us.criteo.com — Cisco Umbrella Rank: 16628
dis.criteo.com — Cisco Umbrella Rank: 717
19 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 2733
22 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com — Cisco Umbrella Rank: 408
7 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
157 KB
5 px-cloud.net
collector-pxxcro4kbp.px-cloud.net — Cisco Umbrella Rank: 563946
2 KB
5 gstatic.com
fonts.gstatic.com
77 KB
4 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1058
ups.analytics.yahoo.com — Cisco Umbrella Rank: 299
718 B
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 966
70 KB
3 liadm.com
i.liadm.com — Cisco Umbrella Rank: 543
i6.liadm.com — Cisco Umbrella Rank: 1491
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
1 KB
3 siteblindado.com
selo.siteblindado.com — Cisco Umbrella Rank: 93329
api.siteblindado.com — Cisco Umbrella Rank: 61751
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
204 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
2 KB
2 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1767
439 B
2 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3088
720 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 642
851 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1528
2 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
1 KB
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 12272
www.google.nl — Cisco Umbrella Rank: 8162
1 KB
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 410
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1626
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1188
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653
163 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
239 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
239 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 611
225 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 694
476 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1333
40 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 529
785 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 321
448 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1529
235 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 516
355 B
1 t.co
t.co — Cisco Umbrella Rank: 455
337 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
14 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 632
15 KB
1 perimeterx.net
client.perimeterx.net — Cisco Umbrella Rank: 12079
135 KB
1 amazonaws.com
logs-referer.s3-sa-east-1.amazonaws.com — Cisco Umbrella Rank: 110450
642 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
1 rq1zcp.xyz
rq1zcp.xyz
61 KB
0 ad5track.com Failed
apiadapter.ad5track.com Failed
179 43
Domain Requested by
58 images-shoptime.b2w.io rq1zcp.xyz
20 statics-shoptime.b2w.io rq1zcp.xyz
statics-shoptime.b2w.io
client.perimeterx.net
9 www.youtube.com rq1zcp.xyz
www.youtube.com
5 www.google-analytics.com client.perimeterx.net
www.google-analytics.com
5 collector-pxxcro4kbp.px-cloud.net client.perimeterx.net
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 ib.adnxs.com 4 redirects
4 gum.criteo.com 3 redirects client.perimeterx.net
4 analytics.tiktok.com client.perimeterx.net
analytics.tiktok.com
4 catalogo-bff-v2-shoptime.b2w.io statics-shoptime.b2w.io
3 x.bidswitch.net 1 redirects
3 secure.adnxs.com 2 redirects
3 dis.criteo.com
3 region1.google-analytics.com www.googletagmanager.com
3 mars-v1-shoptime-npf.b2w.io statics-shoptime.b2w.io
3 youtube.com 3 redirects
3 securepubads.g.doubleclick.net rq1zcp.xyz
securepubads.g.doubleclick.net
3 www.googletagmanager.com rq1zcp.xyz
client.perimeterx.net
2 dpm.demdex.net 1 redirects
2 i.liadm.com 2 redirects
2 sync-criteo.ads.yieldmo.com
2 ad.yieldlab.net
2 ups.analytics.yahoo.com 1 redirects
2 ads.yahoo.com
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 selo.siteblindado.com 1 redirects rq1zcp.xyz
1 i6.liadm.com
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 s.ad.smaato.net
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 exchange.mediavine.com
1 contextual.media.net
1 idsync.rlcdn.com
1 visitor.omnitagjs.com
1 www.google.nl
1 www.google.com
1 widget.us.criteo.com
1 sslwidget.criteo.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 mug.criteo.com
1 analytics.twitter.com
1 t.co
1 adservice.google.com client.perimeterx.net
1 adservice.google.nl client.perimeterx.net
1 static.criteo.net client.perimeterx.net
1 static.ads-twitter.com client.perimeterx.net
1 api.siteblindado.com selo.siteblindado.com
1 client.perimeterx.net statics-shoptime.b2w.io
1 logs-referer.s3-sa-east-1.amazonaws.com rq1zcp.xyz
1 fonts.googleapis.com rq1zcp.xyz
1 rq1zcp.xyz
0 apiadapter.ad5track.com Failed statics-shoptime.b2w.io
179 60
Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
b2wdigital.com | DigiCert SHA2 Secure Server CA | 2021-09-28 - 2022-09-28 | a year
*.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.s3-sa-east-1.amazonaws.com | Amazon | 2021-12-09 - 2022-12-02 | a year
*.px-cloud.net | Sectigo RSA Domain Validation Secure Server CA | 2021-09-01 - 2022-09-30 | a year
*.siteblindado.com | SSL Blindado 2 | 2021-08-26 - 2022-08-26 | a year
*.tiktok.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2021-12-13 - 2023-01-13 | a year
*.google.nl | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-06-15 - 2022-09-18 | 3 months
t.co | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-13 - 2022-12-12 | a year
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-31 - 2022-10-30 | a year
www.google.com | GTS CA 1C3 | 2022-06-06 - 2022-08-29 | 3 months
omnitagjs.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-21 - 2023-07-21 | a year
*.media.net | DigiCert SHA2 Secure Server CA | 2022-02-20 - 2023-02-22 | a year
exchange.mediavine.com | Amazon | 2021-08-05 - 2022-09-03 | a year
*.outbrain.com | Thawte RSA CA 2018 | 2021-10-24 - 2022-11-24 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2021-08-04 - 2022-09-04 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-08 - 2023-04-04 | a year
*.sharethrough.com | Amazon | 2021-08-13 - 2022-09-11 | a year
s.ad.smaato.net | Amazon | 2021-09-21 - 2022-10-20 | a year
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-25 - 2023-01-25 | a year
*.taboola.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-11-28 - 2022-12-29 | a year
teads.tv | R3 | 2022-06-01 - 2022-08-30 | 3 months
*.3lift.com | Amazon | 2022-05-13 - 2023-06-11 | a year
ui.aps.ads.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-06-18 - 2022-08-03 | 2 months
*.yieldlab.net | DigiCert SHA2 Secure Server CA | 2022-01-14 - 2023-01-13 | a year
*.ads.yieldmo.com | Amazon | 2022-06-02 - 2023-07-01 | a year
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2022-04-05 - 2023-05-04 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year

This page contains 6 frames:

Primary Page: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Frame ID: 222E156CB76338FD55F82225D2607F68
Requests: 128 HTTP requests in this frame

Frame: https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Frame ID: FB11F243D9915F64E0B8EE5011526D3B
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Frame ID: 1BEBD3B6F8BE749C2246847547F9E213
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Frame ID: 9B3A700BCF86C7A12815DE9B3AFF72D0
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=rq1zcp.xyz&origin=onetag
Frame ID: F8A65E0150D10DEE67B69571D8770669
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=995689222878061918
Frame ID: A89AF113B38EDD085D974139063DA107
Requests: 30 HTTP requests in this frame

Page Title

Shoptime, tudo pra você e pra sua casaicone de cesta de compras do header

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

Requests: 179
HTTPS: 85 %
IPv6: 36 %
Domains: 43
Subdomains: 60
IPs: 52
Countries: 9
Transfer: 2994 kB
Size: 6476 kB
Cookies: 50

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp;rel=0&amp;showinfo=1&amp;controls=0 HTTP 301
  • https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Request Chain 6
  • https://youtube.com/embed/qc4KSBq65TA?autoplay=0&amp;rel=0&amp;showinfo=1&amp;controls=0 HTTP 301
  • https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Request Chain 7
  • https://youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp;rel=0&amp;showinfo=1&amp;controls=0 HTTP 301
  • https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Request Chain 53
  • http://selo.siteblindado.com/aw.js HTTP 301
  • https://selo.siteblindado.com/aw.js
Request Chain 126
  • https://gum.criteo.com/sid/json?origin=onetag&domain=rq1zcp.xyz&sn=ChromeSyncframe&so=0&topUrl=rq1zcp.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=KJqbsHx3RzVxYVBxeWx1bmZFRXA0U1lLazBZQ2NwR3dGTmM0T0ZsRk5pd1lSa2pySGpsRUFXUlNOVGJCeGVmREpmZDQxaVptQ0hnNWRiOFp2d3lGZGNxUnRObFRYMEtQdTlpSndkV0t2OG1QVllpWkdKNUUrRk5YWkZpd0RiTEpDeVlWVFVueU8rc1IraEI5VWJFWFAxY2tNc0x1a21SdjJJdEViMUNGdW1EYTgrNCtKS1lIdUpkbDI4VENsZTd5SCsyRVhZeFExN0lrRm9kQkpZUTZLZE5NR3l3aGVYK3NNOHFtZDhsU0VmUG12RURwdkF0USsydW9Ocm5va0pIN3dXcnowRzB0ZFY5S01sdE1UYXpXdzdsa0ZZUT09fA&cppv=2
Request Chain 142
  • https://sslwidget.criteo.com/event?a=8413&v=5.11.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd%26rvi%3D&p1=e%3Dvh%26pi%3DviewHome&p2=e%3Ddis&adce=1&bundle=CDaP4180QzQxc2hQM3pmQ3U5cWptZVhmMkhwZmtHJTJGNGhIUUpsdW01eWV6ZzdRejh5R0hnYW4wODdJY3JXd0h6JTJCemdkeTFPTFJRSzNESmJVb3k4dWFoVXdKJTJCM0puMzZFdDhIdCUyRnA0dkF5Z3o1bDQ1Mmxrak9xc3pFQXZ2WFhWa2tBUURxJTJGaiUyRmk5NjNNZWZKUVJjNTNzWE9KZ3clM0QlM0Q&tld=rq1zcp.xyz&fu=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dtycbr=7177 HTTP 302
  • https://widget.us.criteo.com/event?a=8413&v=5.11.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd%26rvi%3D&p1=e%3Dvh%26pi%3DviewHome&p2=e%3Ddis&adce=1&bundle=CDaP4180QzQxc2hQM3pmQ3U5cWptZVhmMkhwZmtHJTJGNGhIUUpsdW01eWV6ZzdRejh5R0hnYW4wODdJY3JXd0h6JTJCemdkeTFPTFJRSzNESmJVb3k4dWFoVXdKJTJCM0puMzZFdDhIdCUyRnA0dkF5Z3o1bDQ1Mmxrak9xc3pFQXZ2WFhWa2tBUURxJTJGaiUyRmk5NjNNZWZKUVJjNTNzWE9KZ3clM0QlM0Q&tld=rq1zcp.xyz&fu=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dtycbr=7177
Request Chain 146
  • https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=995689222878061918
Request Chain 147
  • https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2295302761289572641
Request Chain 148
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HzEUnm2RSmOm7dt-EUS08pXc_uwnWNCSqwhFuQ&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HzEUnm2RSmOm7dt-EUS08pXc_uwnWNCSqwhFuQ&expires=30
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_cm&google_hm=ay1FZkhQcUcyUlNtT203ZHQtRVVTMDhwWGNfdXdUQlZnTWZPb19aUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_cm=&google_hm=ay1FZkhQcUcyUlNtT203ZHQtRVVTMDhwWGNfdXdUQlZnTWZPb19aUQ&google_tc= HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_gid=CAESEKFcsrpfps90Bkkf-z7At_4&google_cver=1&google_ula=913071,0
Request Chain 151
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ip3fhm2RSmOm7dt-EUS08pXc_uwfE3JN0tq0rg HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ip3fhm2RSmOm7dt-EUS08pXc_uwfE3JN0tq0rg&C=1
Request Chain 152
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Dr1_BG2RSmOm7dt-EUS08pXc_ux4WFGBrz03gA HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Dr1_BG2RSmOm7dt-EUS08pXc_ux4WFGBrz03gA
Request Chain 153
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
  • https://idsync.rlcdn.com/397596.gif?partner_uid=wcYNbfKabx2t8u2VDD3Sz_IRYMWyB7Bj
Request Chain 166
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nHuDdW2RSmOm7dt-EUS08pXc_uxHoxWRViXRGQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nHuDdW2RSmOm7dt-EUS08pXc_uxHoxWRViXRGQ&verify=true
Request Chain 169
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw&_li_chk=true&previous_uuid=030de5565e0442caafdaa558319c1d21 HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw
Request Chain 171
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3lZqGahBbXcpp-SLheRq-qoLsH9hYh0y HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3lZqGahBbXcpp-SLheRq-qoLsH9hYh0y

179 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
rq1zcp.xyz/
249 KB
61 KB
Document
General
Full URL
http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89f4fdab3af003cc0bb4ddf2fdbffbabdab3c98a2d6b3fa1442a0e3a464df4d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
72581cf82c8eb8ae-AMS
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Mon, 04 Jul 2022 13:12:34 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ow%2Bojqc4xy3JNFlIZhucW4bc%2BLnhx%2Fwobf8qu%2BuZB%2BLH%2FQkMdZV8n%2BYisl%2FOYlqKcsJhXninXmXBqGAYwDiIhA1VKsCkHPgN%2BMG0vjwy4qdS%2FJqFkuFY6aax9vVyX96JKA%2BoyK4%2FV1Cq"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 12:04:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Jul 2022 13:12:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Jul 2022 13:12:34 GMT
gtm.js
www.googletagmanager.com/
261 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5CT9G4M
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61cc20923acf14a4782e62a1776c24532171ad33a93416ef2b634b14430dcf43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81046
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Jul 2022 13:12:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d81bc2da6ee8afa6d5d1aaa1440da030ad2b43c167802f7e014f07ebb79cba01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28045
x-xss-protection
0
server
sffe
etag
"1263 / 501 of 1000 / last-modified: 1656713159"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Jul 2022 13:12:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://rq1zcp.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
583479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 19:07:55 GMT
Topinho-recebahoje-37d56aeba09c.png
images-shoptime.b2w.io/spacey/shop/2022/06/24/
10 KB
11 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/24/Topinho-recebahoje-37d56aeba09c.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
22744ecfa15c9f8877de869d99522530373b63a381b1592a0aa75e870bcb45bd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Fri, 24 Jun 2022 21:45:41 GMT
server
BIS
etag
699ca67a9677f0afbfaab63bc0bac861f04907ed2405ad36cbc083d8c8e9520b
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
48196
content-disposition
inline; filename="Topinho-recebahoje-37d56aeba09c.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
10624
x-request-id
P_h7323ai3Pz08X6bz00d
expires
Tue, 05 Jul 2022 13:12:34 GMT
iMk2Oy10FFw
www.youtube.com/embed/ Frame FB11
Redirect Chain
  • https://youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp;rel=0&amp;showinfo=1&amp;controls=0
  • https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
63 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aa3d6891540420a854a7db06ab8c2e6dc55d031165808ba8e0c3f79935eebdb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rq1zcp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 04 Jul 2022 13:12:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=31536000
content-length
0
content-type
application/binary
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 04 Jul 2022 13:12:34 GMT
expires
Mon, 04 Jul 2022 13:12:34 GMT
location
https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
qc4KSBq65TA
www.youtube.com/embed/ Frame 1BEB
Redirect Chain
  • https://youtube.com/embed/qc4KSBq65TA?autoplay=0&amp;rel=0&amp;showinfo=1&amp;controls=0
  • https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
63 KB
27 KB
Document
General
Full URL
https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1194c840568bf9d2482c021edd67494d10e6c1127391b883e17e8fc0563b0c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rq1zcp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 04 Jul 2022 13:12:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=31536000
content-length
0
content-type
application/binary
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 04 Jul 2022 13:12:34 GMT
expires
Mon, 04 Jul 2022 13:12:34 GMT
location
https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
vivNPF-3Pw4
www.youtube.com/embed/ Frame 9B3A
Redirect Chain
  • https://youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp;rel=0&amp;showinfo=1&amp;controls=0
  • https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
63 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d87bce70420254a962d8bed39b860d26589fd8230d01c92a64bc1f5b2d077c60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://rq1zcp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 04 Jul 2022 13:12:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=31536000
content-length
0
content-type
application/binary
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 04 Jul 2022 13:12:34 GMT
expires
Mon, 04 Jul 2022 13:12:34 GMT
location
https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://rq1zcp.xyz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
534412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:45:42 GMT
1250X140_DESTAQUEDESKTOP-2_inverno_002-48012b1519b9.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
120 KB
121 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/1250X140_DESTAQUEDESKTOP-2_inverno_002-48012b1519b9.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
871356132d8dfef020b0a40fe0d9f2f318e944f6d8291d90ecea7189c00a8739

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Fri, 01 Jul 2022 20:32:22 GMT
server
BIS
etag
c579db769960d05c2bdfb097e83dbe01682bb21a28851dd16cca729607b8ebcc
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="1250X140_DESTAQUEDESKTOP-2_inverno_002-48012b1519b9.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
122906
x-request-id
8K_DdGE_rCNZPVdZBk-uK
expires
Tue, 05 Jul 2022 13:12:34 GMT
Header-Desktop-2ee6de2788e2.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
22 KB
23 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Header-Desktop-2ee6de2788e2.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
2b0bcdc289f66fca1f6111e430c7dee38f5cd041cd4304262d240a88dd47b8d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Fri, 01 Jul 2022 21:31:44 GMT
server
BIS
etag
5d8bd900b2cd81b60b29d11b92f5d12f89dc54fa65db9e70a2f0b90257105365
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Header-Desktop-2ee6de2788e2.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
22928
x-request-id
YZ0sSfgQCH5WhgbZg-VJ1
expires
Tue, 05 Jul 2022 13:12:34 GMT
BANNER_DESCONTO_40_PORCENTO-0500880077c0.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
80 KB
81 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/BANNER_DESCONTO_40_PORCENTO-0500880077c0.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
de3c6277727f25ae62b2de2e9bb9262355a85e2c0d23aca942dd24cd9a655594

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Fri, 01 Jul 2022 21:32:02 GMT
server
BIS
etag
eabdad1a09fb7953686dd4cce9c55fce6d5a834234cace8dbd19e7fd8435e11c
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="BANNER_DESCONTO_40_PORCENTO-0500880077c0.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
81528
x-request-id
EQizs9OjIbkvq421xW5-S
expires
Tue, 05 Jul 2022 13:12:34 GMT
Facebook_kvinverno-513a1f01c761.png
images-shoptime.b2w.io/spacey/shop/2022/06/21/
2 KB
3 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/21/Facebook_kvinverno-513a1f01c761.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
96a6b8f39f89645db62625c94919df127418bf4429226dbce17c164ed33ea5e3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Tue, 21 Jun 2022 17:51:56 GMT
server
BIS
etag
0b2678cd6d18c1828f3f666bfe22db10b7cfaa92747b49bb438fe515f425f2fd
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Facebook_kvinverno-513a1f01c761.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
1660
x-request-id
NUtCYFeU9Tkml__6aQ_3N
expires
Tue, 05 Jul 2022 13:12:34 GMT
Instagram_kvinverno-c3c45f5f2e15.png
images-shoptime.b2w.io/spacey/shop/2022/06/21/
2 KB
3 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/21/Instagram_kvinverno-c3c45f5f2e15.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
aa78fd44e057b9e9e31cd6078264192559cf618e06266dfd1f53d4cdf958875b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Tue, 21 Jun 2022 17:51:57 GMT
server
BIS
etag
918df179152a5fa16a5caa0db18722d7241a90c133dcd08c5d7bc071fca80604
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Instagram_kvinverno-c3c45f5f2e15.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
2050
x-request-id
ScCSyW80Fm73GAxXHwaTc
expires
Tue, 05 Jul 2022 13:12:34 GMT
Youtube_kvinverno-1b3484b825f1.png
images-shoptime.b2w.io/spacey/shop/2022/06/21/
3 KB
4 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/21/Youtube_kvinverno-1b3484b825f1.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
888a9ec81e9b77dbb827c8a9b1ee1715bc19508901d280bdc1660fbb65091934

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
last-modified
Wed, 29 Jun 2022 13:52:28 GMT
server
BIS
etag
8df6dde59d99f80b40233b66dda23d2251496e49d2817d24e32963dd72611046
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Youtube_kvinverno-1b3484b825f1.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
2666
x-request-id
J5K01ykehxFE-p6rP9GvN
expires
Tue, 05 Jul 2022 13:12:35 GMT
Twitter_kvinverno-ffb665852624.png
images-shoptime.b2w.io/spacey/shop/2022/06/21/
2 KB
3 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/21/Twitter_kvinverno-ffb665852624.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
4e33f2a7f6caf3498bf3fd5d5d431a628f46a6aa97a82a2fea12e62ca2287be3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Tue, 21 Jun 2022 17:51:57 GMT
server
BIS
etag
ad45f772ed8429b87d01b00d924629ea3429fa9e40b11050c0392ade1d6ea72d
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Twitter_kvinverno-ffb665852624.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
1976
x-request-id
v1T4AXoCmHKKhgSu45dc0
expires
Tue, 05 Jul 2022 13:12:34 GMT
Tiktok_kvinverno-fa22240150ac.png
images-shoptime.b2w.io/spacey/shop/2022/06/21/
2 KB
3 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/21/Tiktok_kvinverno-fa22240150ac.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
70cf7cbc9db4871f2e34720d793b68477adb167f432bcd928e2edb2d2e82f5d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Tue, 21 Jun 2022 17:51:58 GMT
server
BIS
etag
51bcad1c7702fdbf02cec6484d9e96ffcaed9f030b881c06c6bb17bb92a563e7
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Tiktok_kvinverno-fa22240150ac.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
1888
x-request-id
_h5PJmQzUsjFNDpykU-Aj
expires
Tue, 05 Jul 2022 13:12:34 GMT
Telegram_kvinverno-d5a43f463ee7.png
images-shoptime.b2w.io/spacey/shop/2022/06/21/
2 KB
3 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/21/Telegram_kvinverno-d5a43f463ee7.png
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
abd1b92d11867358811abe9165333e36d91b95ad73803c5c507621d32b73606c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
last-modified
Tue, 21 Jun 2022 17:51:58 GMT
server
BIS
etag
fd0cf0d6eac111ab6c44630cde6426a24b24153648e3bd692c9de13cbefac9c9
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Telegram_kvinverno-d5a43f463ee7.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
1938
x-request-id
gcwPGLGJzhFcVtEPv6-5n
expires
Tue, 05 Jul 2022 13:12:34 GMT
truncated
/
22 KB
22 KB
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf91fe8cbc4f2d9ef41e522b3d4917a4d2dad4cbb1f133be1119fb3ea1bb6221

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
img/png
main.f1bba368bd239d5a58a3.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
25 KB
9 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/main.f1bba368bd239d5a58a3.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
da2b07040681b126077e6efdedbb4f8bcac666839e35cca7707551dd139fa68e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
9257
last-modified
Tue, 28 Jun 2022 20:43:08 GMT
server
B2W-CDN
etag
"2705d20a54c9a3fc0d79634a20b3b0e9"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
49036
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:34 GMT
catalogo-ui-shoptime-desktop-theme-provider.35358b43f2cac343cf37.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
2 KB
1 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-desktop-theme-provider.35358b43f2cac343cf37.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
3a4740c7a128058d299507440a7b32e2963705704e8db9e9c6dea2a389a8d409

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
1139
last-modified
Tue, 19 Apr 2022 14:02:06 GMT
server
B2W-CDN
etag
"b802d96c61f2b793bee9dbfcb3e475cd"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
52742
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:34 GMT
catalogo-ui-shoptime-desktop-global-style.d1266d1158431051baec.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
526 B
739 B
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-desktop-global-style.d1266d1158431051baec.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
49d0f73063c2a21ef4d63e0a98d1de22a68cadc4d105c4c3d74a533b8825fb6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
384
last-modified
Wed, 26 Jan 2022 22:49:33 GMT
server
B2W-CDN
etag
"c4a6f5a5a0e2881bbc223e8a8c664fe7"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
55172
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:34 GMT
catalogo-ui-shoptime-desktop-header.28b81badad14b1f8fd0e.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
145 KB
36 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-desktop-header.28b81badad14b1f8fd0e.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
7cc57650e31ca356fa6f029648d12f8b350a16576bc6d6598670e629dd35c155

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
35919
last-modified
Wed, 22 Jun 2022 16:17:55 GMT
server
B2W-CDN
etag
"cc2990e2a0f6b3d4bba59b9c00e8204d"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
42824
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:34 GMT
catalogo-ui-shoptime-desktop-footer.b44b08a843688a366f85.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
69 KB
37 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-desktop-footer.b44b08a843688a366f85.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
3c0c13488571b96abfa67469f01cf6dc44aa2273f1c33a510babb47099f45bda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
37649
last-modified
Wed, 22 Jun 2022 16:17:55 GMT
server
B2W-CDN
etag
"3c67a930795367621964e393fa81da78"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
42824
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:34 GMT
catalogo-ui-shoptime-desktop-zion-banner.21e36494f216018ec80a.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
2 KB
1 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-desktop-zion-banner.21e36494f216018ec80a.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
c371c95e24b27bfb099903cccc1777b0f1f328606ddd46e9d92535f3358b84be

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
148, 148
date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
vary
Accept-Encoding
x-edgeconnect-midmile-rtt
0, 0
content-length
957
last-modified
Tue, 19 Apr 2022 14:02:06 GMT
server
B2W-CDN
etag
"bc853eab9b7eef08e1ba288b53a498d3"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
19250
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:34 GMT
catalogo-ui-shoptime-mobile-zion-image.2142c03ef8b7163af7d6.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
24 KB
7 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-mobile-zion-image.2142c03ef8b7163af7d6.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
ee7c5431faf488f443187de07949bd5a1ec428311564fa1954d859abbe5f2de6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
7250
last-modified
Wed, 22 Jun 2022 16:17:59 GMT
server
B2W-CDN
etag
"529149857e830bf643f2a0a84fc88201"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
42824
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
catalogo-template-americanas-desktop-hotsite.edd63da19299827eb7d4.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
129 KB
35 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-template-americanas-desktop-hotsite.edd63da19299827eb7d4.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
57537a24308ba82c9f39135258eda99e3db993e6544d1aa3f476239d175e21ac

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
35313
last-modified
Mon, 27 Jun 2022 20:09:10 GMT
server
B2W-CDN
etag
"46e2fb1a06b579f6ebe60e4a968fa4af"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
40912
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
catalogo-ui-americanas-desktop-zion-grid.ca2c2ab299bf61492d88.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
3 KB
1 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-americanas-desktop-zion-grid.ca2c2ab299bf61492d88.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
6819e520d97df882e216b06ed17e871b33b93b8f13aa14a841c3270340af4454

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
1165
last-modified
Fri, 04 Feb 2022 15:05:04 GMT
server
B2W-CDN
etag
"2718ba11ea8e2a93190e218506c47484"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
37416
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
catalogo-ui-shoptime-mobile-carousel.2edecf2022777b360fac.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
82 KB
22 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-mobile-carousel.2edecf2022777b360fac.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
e569dfdc4f0751e875356399e9b98e3b7342e77d9b13491ecba00583d78da8e2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
22572
last-modified
Wed, 22 Jun 2022 16:17:57 GMT
server
B2W-CDN
etag
"90f20f2af4419ce815952a61e755b3ef"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
42824
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
catalogo-ui-shoptime-desktop-zion-content.52236ef4760e8f69f3ca.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
406 B
677 B
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-desktop-zion-content.52236ef4760e8f69f3ca.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
57f2c68abd0062712c91387b9c85ce8acec069afb7c478333825bc726718fe44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
322
last-modified
Wed, 26 Jan 2022 22:49:34 GMT
server
B2W-CDN
etag
"bcbbb4952b193c2dc3a3d691ff73b8be"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
47774
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
catalogo-ui-shoptime-desktop-zion-title.4317d54b0829c0a1b89f.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
902 B
1 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-desktop-zion-title.4317d54b0829c0a1b89f.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
7f71132d45d6a3e5e743b693d517b001477a543d9c97ec95643976416ee4eb5b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
327, 327
date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
x-edgeconnect-midmile-rtt
8, 8
content-length
584
last-modified
Mon, 02 May 2022 22:20:59 GMT
server
B2W-CDN
etag
"c5badcfcfaf1a8378ec05b43e79d3fd9"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
7081
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
catalogo-ui-americanas-desktop-zion-video.087143f25c8bd2f2429d.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
977 B
1022 B
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-americanas-desktop-zion-video.087143f25c8bd2f2429d.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
da723b261743d289890cabd4fff26f28dfc9fe31d4fe2c172fd0c74890880964

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
667
last-modified
Thu, 14 Apr 2022 21:35:18 GMT
server
B2W-CDN
etag
"e6770fcc1f0a1942c3853335cd7ba153"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
40912
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
image.jpeg
logs-referer.s3-sa-east-1.amazonaws.com/
285 B
642 B
Image
General
Full URL
https://logs-referer.s3-sa-east-1.amazonaws.com/image.jpeg?x-cm=lasa&x-ref=
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.163.15 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3b8bfa505fc51242d5b2452e3bce6c89da12923fb0ad61f00ee72100c9cb3cd0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 13:12:36 GMT
Last-Modified
Mon, 10 May 2021 15:23:45 GMT
Server
AmazonS3
x-amz-request-id
H7YDFS9VQ88MGR53
ETag
"2e85899818427b96f57db55dd05d06a7"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
285
x-amz-id-2
Dv97cKXtLTS/HwIJPqcdE8dR6JxXqRP4ciO0uw026/MKHtOCzfOq5/NMane7bNQU2rdOIpO2AQI=
pubads_impl_2022062701.js
securepubads.g.doubleclick.net/gpt/
373 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
01fb24629611503ba4ea42ea9d94c1b82449d62985a6087c5e22e9e38b9b0ff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 09:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14007
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130259
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:39:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jul 2023 09:19:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
32 B
70 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rq1zcp.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
72933a01e0eb9d260d2dfe11a7ffce9a939aed8efeff976ba30d1f6aa7fdf954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 13:12:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
expires
Mon, 04 Jul 2022 13:12:34 GMT
www-player.css
www.youtube.com/s/player/0e7373c2/ Frame 1BEB
240 KB
0
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0e7373c2/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 19:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
62935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47687
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 03 Jul 2023 19:43:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1BEB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
504354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/ Frame 1BEB
0
0

base.js
www.youtube.com/s/player/0e7373c2/player_ias.vflset/nl_NL/ Frame 1BEB
0
0

fetch-polyfill.js
www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/ Frame 1BEB
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/qc4KSBq65TA?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
298010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Jul 2023 02:25:45 GMT
www-player.css
www.youtube.com/s/player/0e7373c2/ Frame FB11
339 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0e7373c2/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11148ace6157cd94751922d3c17557609a94b6c2a56ebbf7efcfe1eefba2f27a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 19:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
62935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47687
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 03 Jul 2023 19:43:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FB11
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
504354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
www-player.css
www.youtube.com/s/player/0e7373c2/ Frame 9B3A
306 KB
0
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0e7373c2/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 19:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
62935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47687
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 03 Jul 2023 19:43:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B3A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vivNPF-3Pw4?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
504354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
www-embed-player.js
www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/ Frame FB11
0
0
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 15:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
76658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95369
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 03 Jul 2023 15:54:57 GMT
base.js
www.youtube.com/s/player/0e7373c2/player_ias.vflset/nl_NL/ Frame FB11
0
0

fetch-polyfill.js
www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/ Frame FB11
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.youtube.com/embed/iMk2Oy10FFw?autoplay=0&amp%3Brel=0&amp%3Bshowinfo=1&amp%3Bcontrols=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:25:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
298010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 30 Jun 2022 00:22:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 01 Jul 2023 02:25:45 GMT
2595.7881eedab0d241a3bdea.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
1017 KB
239 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/2595.7881eedab0d241a3bdea.js
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/main.f1bba368bd239d5a58a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
a667cb9c96bddef52efa8819536f795ae97c341fd2e399d51939791882f76d2f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
243915
last-modified
Tue, 28 Jun 2022 20:42:52 GMT
server
B2W-CDN
etag
"ace1a53bbb2e72e2fd64103f82d5c051"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
49036
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
www-embed-player.js
www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/ Frame 9B3A
0
0

base.js
www.youtube.com/s/player/0e7373c2/player_ias.vflset/nl_NL/ Frame 9B3A
0
0

fetch-polyfill.js
www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/ Frame 9B3A
0
0

main.min.js
client.perimeterx.net/PXxcro4kBp/
287 KB
135 KB
Script
General
Full URL
http://client.perimeterx.net/PXxcro4kBp/main.min.js
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/2595.7881eedab0d241a3bdea.js
Protocol
HTTP/1.1
Server
104.122.25.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-122-25-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5dbe4248e7bb72c2067d5f06a8472a8ae24cc882e510d2363d8ef020d2af5d6c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 13:12:35 GMT
Content-Encoding
gzip
ETag
"47ae2-tS4C3elWjfwKXn2abyAJmsqSAOA"
active-cdn
Akamai
x-px-hash
ZmM3YjI2MDQxYjU1YTMzYmE3NjQ3MmI5NTM2NzlmZDQ0ODUwZDNjMDExYTk1ZmYwNzE5NjE1N2UxZDhkZTg3Mw==
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
active-cdn,x-served-by
Cache-Control
max-age=900,stale-while-revalidate=86400,stale-if-error=3600
Connection
keep-alive
Content-Length
137943
catalogo-template-shoptime-mobile-home.beac6b82c5312401d7bc.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
21 KB
5 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-template-shoptime-mobile-home.beac6b82c5312401d7bc.js
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/main.f1bba368bd239d5a58a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
8e7445ad5cfd70beacfff90d87df1bcfa742f9d7173e7ebb891bb19dff65576e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
4613
last-modified
Tue, 10 May 2022 14:01:44 GMT
server
B2W-CDN
etag
"9e4b7068bcdd92fc1e88c9fb3a57a1a0"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
40162
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:35 GMT
aw.js
selo.siteblindado.com/
Redirect Chain
  • http://selo.siteblindado.com/aw.js
  • https://selo.siteblindado.com/aw.js
2 KB
2 KB
Script
General
Full URL
https://selo.siteblindado.com/aw.js
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
HTTP/1.1
Server
2600:9000:223f:d600:0:ee2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
081b26433bd1ca389f3dca19b907a78a7c66075f9bd920e42d707bfcbc0bc976

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 09:20:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 14:30:37 GMT
Server
AmazonS3
Age
13937
ETag
W/"e038fbe38f630f9ab40b1177a5cad5cb"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P5
X-Amz-Cf-Id
15mNfwhkgNgkIXO6NS-Z-GuNYwFqBdur7OQ9zn2neuLmU_q_Vq7klw==

Redirect headers

Date
Mon, 04 Jul 2022 13:12:35 GMT
Via
1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P5
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://selo.siteblindado.com/aw.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
C80gK3DtM5lQ5Kbgj5PvakkKeBqtNxi9uDDn_mY5xBEyavR_Arjo9A==
ad66586b-11d1-4a03-842e-7f03fac2c269
http://rq1zcp.xyz/
186 B
0
Other
General
Full URL
blob:http://rq1zcp.xyz/ad66586b-11d1-4a03-842e-7f03fac2c269
Requested by
Host: rq1zcp.xyz
URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa3dcd7a5e762b34850ff793858e62ef185e504cf53b1dd43453d5eb6e258252

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
186
graphql
catalogo-bff-v2-shoptime.b2w.io/
52 KB
8 KB
XHR
General
Full URL
https://catalogo-bff-v2-shoptime.b2w.io/graphql?operationName=pageHomeService&variables=%7B%22path%22%3A%22%2F%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a82929c4d81caf4d2823ff88eeb50197dc25c90ead2b82264f2f47a6e46d9db0%22%7D%7D
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/2595.7881eedab0d241a3bdea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
39ca5a44a28087644185aa8aeeec0d55c1266b615c194a425c0136a71926f00b

Request headers

hotjar
old
accept-language
nl-NL,nl;q=0.9
tiktok
new
x-tid
1656940353914.0.6915458110809469
userid
va_1656940353910.0.9059810211902692
device
desktop
promocional-test-ab
test
apollographql-client-name
catalogo-v3
pagetype
home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json
buybox-test-ab
treatment1-abexperiment20210622
accept
*/*
Referer
http://rq1zcp.xyz/
onedaydeliveryfiltered
false
sessionid
1656940353910.0.6730526501682943
header-test-ab
new

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
server
openresty
x-cache-status
BYPASS
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1800, public
x-backend
backend
access-control-allow-headers
*
content-length
7270
x-request-id
a7c6ea37-49c1-4c97-bdbe-9c9e84036a01
access-control-expose-headers
*
graphql
catalogo-bff-v2-shoptime.b2w.io/ Frame
0
0
Preflight
General
Full URL
https://catalogo-bff-v2-shoptime.b2w.io/graphql?operationName=pageHomeService&variables=%7B%22path%22%3A%22%2F%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%22a82929c4d81caf4d2823ff88eeb50197dc25c90ead2b82264f2f47a6e46d9db0%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apollographql-client-name,buybox-test-ab,content-type,device,header-test-ab,hotjar,onedaydeliveryfiltered,pagetype,promocional-test-ab,sessionid,tiktok,userid,x-tid
Access-Control-Request-Method
GET
Origin
http://rq1zcp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
access-control-max-age
86400
date
Mon, 04 Jul 2022 13:12:35 GMT
server
openresty
x-backend
backend
x-cache-status
BYPASS
x-request-id
8cc6ea37-49c1-4c97-bdbe-9c9e84036a01
collector
collector-pxxcro4kbp.px-cloud.net/api/v2/
353 B
602 B
XHR
General
Full URL
https://collector-pxxcro4kbp.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
14308de43f4aee627ffa86c602b0972e8b175d0e08280508d08aeb03bd067415

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://rq1zcp.xyz
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
353
info
api.siteblindado.com/rq1zcp.xyz/
0
374 B
Fetch
General
Full URL
https://api.siteblindado.com/rq1zcp.xyz/info
Requested by
Host: selo.siteblindado.com
URL: http://selo.siteblindado.com/aw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.153.158 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:35 GMT
x-cdn
Imperva
age
1276
content-type
application/json
access-control-allow-origin
*
x-iinfo
12-64517674-64517333 2CNN RT(1656940355173 54) q(0 0 0 4) r(0 0) U18
cache-control
max-age=3600, public
content-length
0
catalogo-ui-shoptime-mobile-zion-slideshow.1a02d3330df871fd85ff.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
12 KB
4 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-mobile-zion-slideshow.1a02d3330df871fd85ff.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
47fec4d54946b3078bf6590827bce78ebd5a35fbdd8620c01b2b867668110271

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
4129
last-modified
Wed, 22 Jun 2022 16:17:59 GMT
server
B2W-CDN
etag
"3e753031e504bd77254cf44a36765824"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
47180
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:36 GMT
catalogo-ui-shoptime-mobile-zion-hot-offer.b99219c3d8387d779fd2.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
47 KB
13 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-mobile-zion-hot-offer.b99219c3d8387d779fd2.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
36b95cc8fe7ef83f58251e95188198ca17c795cfd46c83377478e85f3d3b0d1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
12446
last-modified
Wed, 22 Jun 2022 16:17:59 GMT
server
B2W-CDN
etag
"df9a40a9cd9f6c955d04f58376854dc2"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
47180
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:36 GMT
catalogo-ui-shoptime-mobile-login.dd3e63e71ce630a00338.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
34 KB
10 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-mobile-login.dd3e63e71ce630a00338.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
305adb6ae2ae7a7e29d37baf2fa6e0c303cda4adf859cd38f659a073332a1131

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
9506
last-modified
Fri, 10 Jun 2022 11:15:24 GMT
server
B2W-CDN
etag
"bcf1b9027617688a72cfc025304e4df1"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
42140
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:36 GMT
catalogo-ui-shoptime-mobile-zion-cr.fd0b3476fddebbe9580c.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
19 KB
6 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-shoptime-mobile-zion-cr.fd0b3476fddebbe9580c.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
febbbdc435f912974f0733c3d72590020bc88946536b4d87da61b32838ce7483

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
5667
last-modified
Wed, 22 Jun 2022 16:17:59 GMT
server
B2W-CDN
etag
"7714cbdd6401b13f9799b1d4823d3b9c"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
47180
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:36 GMT
catalogo-ui-americanas-mobile-b2wads-google.15c8d22bda59a18d056b.js
statics-shoptime.b2w.io/catalog-statics/shop/js/
11 KB
4 KB
Script
General
Full URL
https://statics-shoptime.b2w.io/catalog-statics/shop/js/catalogo-ui-americanas-mobile-b2wads-google.15c8d22bda59a18d056b.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
B2W-CDN /
Resource Hash
27e5e6f03d1878f7cb27d6f39ff4d4982af2ecde75bf664d95f69b2007967fb0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-length
3688
last-modified
Tue, 19 Apr 2022 14:02:02 GMT
server
B2W-CDN
etag
"8e36adcf5fd4d2708caa62483858cfb0"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400
access-control-allow-credentials
false
warning
53346
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 05 Jul 2022 13:12:36 GMT
recsForPlacements
mars-v1-shoptime-npf.b2w.io/rrserver/api/rrPlatform/
4 KB
1 KB
XHR
General
Full URL
https://mars-v1-shoptime-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements?limit=12&includeMVTData=true&includeStrategyData=true&returnMinimalRecItemData=true&sessionId=1656940353910.0.6730526501682943&userId=va_1656940353910.0.9059810211902692&placements=home_page.rr1%7Chome_page.rr2%7Chome_page.rr3&userAttribute=device%3Adesktop&categoryId=virtual-home
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/2595.7881eedab0d241a3bdea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e35922657bd3c47eda563ab0dc482eb2bc9cfe584bd146769428ab8794ec049f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
content-length
744
vary
Accept-Encoding
content-type
application/json
shoptime
apiadapter.ad5track.com/v3/ads/
0
0

recsForPlacements
mars-v1-shoptime-npf.b2w.io/rrserver/api/rrPlatform/
4 KB
1 KB
XHR
General
Full URL
https://mars-v1-shoptime-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements?limit=12&includeMVTData=true&includeStrategyData=true&returnMinimalRecItemData=true&sessionId=1656940353910.0.6730526501682943&userId=va_1656940353910.0.9059810211902692&placements=home_page.rr1%7Chome_page.rr2%7Chome_page.rr3&userAttribute=device%3Adesktop&categoryId=virtual-home
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/2595.7881eedab0d241a3bdea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f4e8a00582db67977fe4757fd85e51cdce1a236b874eaef7d9c59f4806dd3873

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
content-length
742
vary
Accept-Encoding
content-type
application/json
shoptime
apiadapter.ad5track.com/v3/ads/
0
0

Header-Desktop-c078d5369eb9.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
8 KB
9 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Header-Desktop-c078d5369eb9.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
5af0a440451f706ed81e33af27932311127a43d1e98c5bf4775dca7b09a3842a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 21:56:18 GMT
server
BIS
etag
c2eef847b60a58492889f820e7f457f84245d4ed33272351a3a9eff7a5c23a8c
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="Header-Desktop-c078d5369eb9.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
8097
x-request-id
igxgjFO6QToIsaxtzt9US
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner-Condicional-5-54fc62f1c451.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
18 KB
19 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Banner-Condicional-5-54fc62f1c451.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
69446645a655918885453ec3bdc097cbef5f07f32c66942d5d778ffbd0ea7a03

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Mon, 04 Jul 2022 13:00:09 GMT
server
BIS
etag
9dc148933c998a40c8cee2705ad43cd045a314b40fd2d48e9628fe4220c3cdd6
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Banner-Condicional-5-54fc62f1c451.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
18580
x-request-id
ZQRSsend6nGQpzhrPxR8k
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner-Condicional-6-69e5d026977d.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
19 KB
20 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Banner-Condicional-6-69e5d026977d.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
054358f30930d3e0cf2da7a97f202edca0dd2d987a975560beb9f2fdd64bc778

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Mon, 04 Jul 2022 13:00:09 GMT
server
BIS
etag
f545e7647d5ca803f4c0cb32e7983a0417eb70d81d146f705daf06ae1f97b010
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Banner-Condicional-6-69e5d026977d.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
19842
x-request-id
us9HrTxpGj0fUjK1haNKH
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner-Condicional-81-33ebed58e7c8.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
24 KB
24 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Banner-Condicional-81-33ebed58e7c8.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
02dc20acd1174e5aae7126893e26e1c43a99f174b744c04dbd8d5250a2aa789f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 20:00:18 GMT
server
BIS
etag
f78c49fd8e38dbe69fa426f01d662de0e7b063cedb51e876f8080efd1d6e4e85
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="Banner-Condicional-81-33ebed58e7c8.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
24072
x-request-id
gT53NeBsf_ovCYP2-DKrr
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner-Condicional-1-ce6e54bd0726.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
19 KB
20 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Banner-Condicional-1-ce6e54bd0726.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
7330f6053bf4da6fb0ad65fa222a2b03a1dfdea11b0e21c344abc773b8eefe97

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 18:45:15 GMT
server
BIS
etag
6030d852c902d8c7e819488b3ad2dfdc63813cb32af60eb62b46da356c896bcb
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="Banner-Condicional-1-ce6e54bd0726.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
19930
x-request-id
BuebkCYCdWdyKKeBK-TP_
expires
Tue, 05 Jul 2022 13:12:36 GMT
BannerFaixa-CantinhoDoBeb-Desktop-4-1e3e49270150.png
images-shoptime.b2w.io/spacey/shop/2022/06/30/
35 KB
36 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/30/BannerFaixa-CantinhoDoBeb-Desktop-4-1e3e49270150.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
5c3cf36341ec8d1360f65bde0077a14dc65cb27f812e4e174c1791d5f21b6699

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Thu, 30 Jun 2022 13:09:09 GMT
server
BIS
etag
32bb6a00a42bd16bc402d6daacd4c915adeb597d13b6088f1d09438730460f8f
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
39844
content-disposition
inline; filename="BannerFaixa-CantinhoDoBeb-Desktop-4-1e3e49270150.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
35630
x-request-id
p5FYGSEw_uezHypKF_qKl
expires
Tue, 05 Jul 2022 13:12:36 GMT
Oferta_Promocional-9-c2428db06937.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
37 KB
38 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Oferta_Promocional-9-c2428db06937.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
600a840381f63faad0c0f1cc243adbd269a33e0a43de96eeecface7597cbb33c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 20:00:33 GMT
server
BIS
etag
2d904bd709e73c30af2124a7f013a1c829f95f949f9c9b30fe0e0a8a783cd2ae
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="Oferta_Promocional-9-c2428db06937.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
38291
x-request-id
4ED50YbdyKJkJFOJ5RHc4
expires
Tue, 05 Jul 2022 13:12:36 GMT
OfertaPromocional-2-4353359f4dd9.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
22 KB
23 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/OfertaPromocional-2-4353359f4dd9.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
bb2558c9c4b3e88755478c6537eae4dc00e541f2cf09ee31d21768b18302636f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 19:36:37 GMT
server
BIS
etag
09b33f5cc5818347b095da3e133cb6fef57e838a36ab273fc03d9c646849ce60
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="OfertaPromocional-2-4353359f4dd9.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
22680
x-request-id
rSsIyxqXEcUwXHzpFi2ta
expires
Tue, 05 Jul 2022 13:12:36 GMT
OfertaPromocional-5-5ac8a6240581.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
21 KB
22 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/OfertaPromocional-5-5ac8a6240581.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
3655796f4d2e8e80af60bf05bfe12b997eae81fca92fa1dc82a048162b347477

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 19:37:08 GMT
server
BIS
etag
fd2c39c1c3282460633f076dad1cf9bc28dd1410d301e885e39da21883838b68
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="OfertaPromocional-5-5ac8a6240581.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
21404
x-request-id
96Uh7tdQ8uwwR1u-AEdrI
expires
Tue, 05 Jul 2022 13:12:36 GMT
Oferta_Promocional-8-6715e271ea02.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
18 KB
19 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Oferta_Promocional-8-6715e271ea02.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
fb680c1c9b662106168796b5a537d6badae295900dd050730f68954a8ce2bf14

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 19:51:25 GMT
server
BIS
etag
3e5b409446de688c56ada14fae2dc6aa31d4f76fac73cd8c96e0dbc35934b1e1
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="Oferta_Promocional-8-6715e271ea02.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
18022
x-request-id
yZm6-d1zK81R9WevoOYgJ
expires
Tue, 05 Jul 2022 13:12:36 GMT
OfertaPromocional-6-5e1ec60d3c19.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
23 KB
24 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/OfertaPromocional-6-5e1ec60d3c19.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
fee79ef8d1475723f50752472cc028c6b4adc01dc7a26de66a6ffe20496c58dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 19:51:52 GMT
server
BIS
etag
64f5919aa86be56f71fae6be21ef984ded8d396474c955a51a075d6c9fb5ea03
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="OfertaPromocional-6-5e1ec60d3c19.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
23862
x-request-id
q-gZheujHWW5_ZbOtMGHB
expires
Tue, 05 Jul 2022 13:12:36 GMT
OfertaPromocional-3-04fb26c1be43.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
17 KB
18 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/OfertaPromocional-3-04fb26c1be43.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
eb8c82d1ab1ce8007808a9bd1d5711ed1f293b67d56c3e04dbff050d61c8eb2c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 19:52:27 GMT
server
BIS
etag
87082f0f80aa6956712f79068d88df191e3752d84342f8ae9196d0ac050ee65f
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="OfertaPromocional-3-04fb26c1be43.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
17008
x-request-id
yTF4yw5TxTHM3lI8zDu5l
expires
Tue, 05 Jul 2022 13:12:36 GMT
OfertaPromocional-4-50ae03a3f241.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
24 KB
25 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/OfertaPromocional-4-50ae03a3f241.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
eed3e01d17a251924c451dd567a00dfbf2abbe1716205ad54d6c0cd59de515de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 20:30:16 GMT
server
BIS
etag
5b4d4526248d55e04d4387e8afde4f738cd71261e38e52feac6537e437538730
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="OfertaPromocional-4-50ae03a3f241.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
24146
x-request-id
bHN68M731sSXGtalsXCR9
expires
Tue, 05 Jul 2022 13:12:36 GMT
OfertaPromocional-1-a7e255186799.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
23 KB
24 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/OfertaPromocional-1-a7e255186799.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
3481c042434c4057c3d279a0a135423e56e4f80e7b17501c8ff8ebc3d289a486

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 01 Jul 2022 20:45:51 GMT
server
BIS
etag
60667880eb385240495b23354e935a940cc13dda21d58d9b9a4083324f346b0d
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="OfertaPromocional-1-a7e255186799.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
23844
x-request-id
3fxhDO7DXbhZG0MXJwF7x
expires
Tue, 05 Jul 2022 13:12:36 GMT
Faixinha-Desktop-ame-63bce9e9c0a8-3b53317562a0.webp
images-shoptime.b2w.io/spacey/shop/2022/06/27/
17 KB
18 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/27/Faixinha-Desktop-ame-63bce9e9c0a8-3b53317562a0.webp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
e19a702c388ca86e622560526ee8c9c9a95dc5b4f06fbe926ad829d66ab61e45

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Tue, 28 Jun 2022 06:57:47 GMT
server
BIS
etag
c66f8f2fa7ab99abc9d97f7e461f627e192a9ed85e7cf98874b5022c53c2bfe7
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
49036
content-disposition
inline; filename="Faixinha-Desktop-ame-63bce9e9c0a8-3b53317562a0.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
17020
x-request-id
_Vlc-9lzLAdUSR8WqUghe
expires
Tue, 05 Jul 2022 13:12:36 GMT
bannerbrandingcartaoame-d978178564f9.png
images-shoptime.b2w.io/spacey/shop/2022/06/17/
24 KB
25 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/17/bannerbrandingcartaoame-d978178564f9.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
1763fb081768cfe29df287bec22cf9910cd3d119c423e2193f22ecc16956b42b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Sat, 18 Jun 2022 03:04:12 GMT
server
BIS
etag
f812cbafc50e9d88b58e4a09bcbb917ef71edd3ea850a96498e7c002854b2c3e
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="bannerbrandingcartaoame-d978178564f9.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
24908
x-request-id
DwNNHs7KL0iXQFUt7hRo5
expires
Tue, 05 Jul 2022 13:12:36 GMT
banner_branding_inverno_shoptime_002-42132e6b2bec.png
images-shoptime.b2w.io/spacey/shop/2022/06/22/
53 KB
54 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/22/banner_branding_inverno_shoptime_002-42132e6b2bec.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
e41f3cbe0c9ad687bf50fcb5593a389206c89f0cff13a6d532add492d92994a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 22 Jun 2022 20:12:24 GMT
server
BIS
etag
34fc4f1ff01177d398336f9237158c009319957fd7214a94fca94363d5441774
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="banner_branding_inverno_shoptime_002-42132e6b2bec.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
54222
x-request-id
yFiafT2pfqgzwxl6kdIsR
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner-Branding-2-2c0f3c7f2b44.png
images-shoptime.b2w.io/spacey/shop/2022/06/15/
147 KB
149 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/15/Banner-Branding-2-2c0f3c7f2b44.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
3573837acb09aab10fb864a33534320a08972a0c5a723f4b30323531af2f33ef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 15 Jun 2022 21:55:31 GMT
server
BIS
etag
0ddceaefb9052e7b3ac8ff358a94daba7345d7f3f02c9cdb66eaf2dc70fa8c8c
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
48782
content-disposition
inline; filename="Banner-Branding-2-2c0f3c7f2b44.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
150808
x-request-id
bk7jZXiz-5xBPqGDZ2c03
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner-Branding-1-c87edf79c747.png
images-shoptime.b2w.io/spacey/shop/2022/06/28/
40 KB
41 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/28/Banner-Branding-1-c87edf79c747.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
bbad71e510f17c182161dc4489df2cae60120bd66c06ac83e88912922831a5ba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Tue, 28 Jun 2022 20:33:42 GMT
server
BIS
etag
2a73f1cb0fbeeb1cd897ff1877978d9e402024f91b778785751e7ce4fb28f58f
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
46172
content-disposition
inline; filename="Banner-Branding-1-c87edf79c747.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
41296
x-request-id
Z0fQL-E9tGiZyQObHHWnT
expires
Tue, 05 Jul 2022 13:12:36 GMT
ComponenteBlog-FaixaDeTtulo-Desktop.png
images-shoptime.b2w.io/spacey/shop/2021/03/16/
9 KB
9 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/03/16/ComponenteBlog-FaixaDeTtulo-Desktop.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
ed95decbdc96850f87bc41e25e45861cfbc1648dd81ddea80a49b3ce7c66b3f0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 25 Feb 2022 12:49:17 GMT
server
BIS
etag
1b02577e3df908a5a7b6808dc66aacf3e5f4642710a282e3ebf28500b92b7ffa
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="ComponenteBlog-FaixaDeTtulo-Desktop.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
8746
x-request-id
s3agqTY-ZFtO3cth2ag1M
expires
Tue, 05 Jul 2022 13:12:36 GMT
uwt.js
static.ads-twitter.com/
55 KB
15 KB
Script
General
Full URL
http://static.ads-twitter.com/uwt.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
HTTP/1.1
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 13:12:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jun 2022 16:20:35 GMT
Etag
"f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
Vary
Accept-Encoding,Host
x-tw-cdn
FT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache
X-Cache
HIT, HIT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
15166
X-Served-By
cache-iad-kcgs7200048-IAD, cache-hhn11577-HHN
ld.js
static.criteo.net/js/ld/
42 KB
14 KB
Script
General
Full URL
http://static.criteo.net/js/ld/ld.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
last-modified
Tue, 31 May 2022 05:07:22 GMT
server
nginx
etag
W/"6295a28a-a708"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
expires
Tue, 05 Jul 2022 13:12:36 GMT
events.js
analytics.tiktok.com/i18n/pixel/
125 KB
38 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C54F4VG00UN7QUNFBBJG&lib=ttq
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6b752dcc0e1a7704e2512964abc8c22e43f5ca960cf246545d228dbb42f51348

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id
d541f82c.40db6187
date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-19.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time
95,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
2022070413123601000400300773500206303813C92
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.220.104.19
x-tt-trace-host
011cedac0bc11569987ff0e8ccb8853c6f9d87706419bea1605723e14eb454981187ee7a7faf7b388d33272c4e089c83c0a52e1a03ca1c85a22d74bf38638c94ddcaeed29b8b6d12d33188336c93bc517545fed22ccf59b90245ff2d3f2a62bc7e596c9ce075345d8c280ac25291c160ae
expires
Mon, 04 Jul 2022 13:12:36 GMT
Destaque-Desktop-922dca1a5384.png
images-shoptime.b2w.io/spacey/shop/2022/07/01/
285 KB
287 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/07/01/Destaque-Desktop-922dca1a5384.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
edfa4f0881911e4dc9b37a41391ceaa08f7c7ba566e0f7ffbaac54a89717b1e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Mon, 04 Jul 2022 13:00:45 GMT
server
BIS
etag
dfa92085d9f11ab38bed20458ae8cb0f093bedc5de7132162aeeed4d0e87c542
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="Destaque-Desktop-922dca1a5384.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
292226
x-request-id
8qRjvUWEPfQ5p69GwiKcM
expires
Tue, 05 Jul 2022 13:12:36 GMT
Atalho42-a9748c289c72.png
images-shoptime.b2w.io/spacey/shop/2022/06/22/
4 KB
5 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/22/Atalho42-a9748c289c72.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
7e761de52b64667304d9563f88f6d006da3d7dc72085a2cafd0cd55e3671fa37

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 22 Jun 2022 20:22:51 GMT
server
BIS
etag
638694f6ba52b303a68b0a0dba238b17e260f75d0a4ee64aa8f165e98222e3ae
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="Atalho42-a9748c289c72.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
3970
x-request-id
qBh8Ees3H39StjRNMQMyh
expires
Tue, 05 Jul 2022 13:12:36 GMT
Atalho47-9b3dc3afefa5.png
images-shoptime.b2w.io/spacey/shop/2022/06/22/
8 KB
9 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/22/Atalho47-9b3dc3afefa5.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
432f73ef7cddfc4b3527dc9a0d9109175b2777d2d869dec008d498e54b27c625

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 22 Jun 2022 20:22:51 GMT
server
BIS
etag
a539a78046743d0bf04c7e4e9a9fc6cf63d888fa3dbe0a89adf4ce3519e954bc
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="Atalho47-9b3dc3afefa5.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
7984
x-request-id
slgbQVSuRD3oxIzgT1uHK
expires
Tue, 05 Jul 2022 13:12:36 GMT
Atalho46-d1b16a47e155.png
images-shoptime.b2w.io/spacey/shop/2022/06/22/
6 KB
7 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/22/Atalho46-d1b16a47e155.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
bb36e7c0c3496742829ec3b5035a5220fdcd4cc73c18d655c8f6cef3c90de99c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 22 Jun 2022 20:22:52 GMT
server
BIS
etag
6e38dc64380ef69294b022c114805703e513e1e65d2a70ce50a35bd95c9902f8
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="Atalho46-d1b16a47e155.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
6172
x-request-id
iVTO0P6FmBIf4iaVbAxon
expires
Tue, 05 Jul 2022 13:12:36 GMT
Atalho43-48ade01144d4.png
images-shoptime.b2w.io/spacey/shop/2022/06/22/
4 KB
5 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/22/Atalho43-48ade01144d4.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
f469ed6aface62dfedc44e3a3fba6ba8d885a0299ff0fcad79d4bd94413f0270

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 22 Jun 2022 20:22:52 GMT
server
BIS
etag
038fa3b5bad085e6b2bc35c07f97ee97c87091e5fcfb804b92932dce9c0b07b2
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="Atalho43-48ade01144d4.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
4292
x-request-id
m0snBhN6lrQe69XzCEKf6
expires
Tue, 05 Jul 2022 13:12:36 GMT
Atalho48-0ceb232d291c.png
images-shoptime.b2w.io/spacey/shop/2022/06/22/
10 KB
11 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/22/Atalho48-0ceb232d291c.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
1d833b6f76d672b633d8e9d55f261f5d53d128282af1756d3951b0522818edec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 22 Jun 2022 20:22:52 GMT
server
BIS
etag
065b136392f4275ac8de4f5942af0945eb89e459db710f8a5613c6def1b0c23a
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="Atalho48-0ceb232d291c.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
9786
x-request-id
uaCDoM7q3q85p4ssn2O2J
expires
Tue, 05 Jul 2022 13:12:36 GMT
Atalho49-7dfb310563f1.png
images-shoptime.b2w.io/spacey/shop/2022/06/22/
6 KB
7 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/06/22/Atalho49-7dfb310563f1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
e9bbef5ac74c3b2a18b93dbdfc23a5bff55ecb90801d6b0c23dc826c15aac831

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Wed, 22 Jun 2022 20:22:52 GMT
server
BIS
etag
60215bce3d56d2d6b883e6c7dc3bbfba9c33bba29f03edcda52a04c44c1f137c
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
60038
content-disposition
inline; filename="Atalho49-7dfb310563f1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
5942
x-request-id
xRbTzQFppMCOm7Yq7dvgg
expires
Tue, 05 Jul 2022 13:12:36 GMT
17425d6693fe-Blog11.png
images-shoptime.b2w.io/spacey/shop/2021/10/04/
21 KB
22 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/10/04/17425d6693fe-Blog11.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
312f6205cd9726642aa6420095bd8e5f7f4ab777d313335395529884b9b0950c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Tue, 15 Mar 2022 00:43:40 GMT
server
BIS
etag
f3a3f7a04bb8a6a50074f7570c36a93e48a9baf6b6690349650f23e8b292957a
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="17425d6693fe-Blog11.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
21898
x-request-id
i5vMir6Qu6ViP-WUOV6fQ
expires
Tue, 05 Jul 2022 13:12:36 GMT
7b4489bcc154-Blog13.png
images-shoptime.b2w.io/spacey/shop/2021/10/04/
11 KB
12 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/10/04/7b4489bcc154-Blog13.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
9ecf3469a65e4a204e8c4ce275225fabf18a3823155218ed3eaa116daa1357b6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 25 Feb 2022 06:12:30 GMT
server
BIS
etag
78c21bad75c633e991a937f785eb3c7cc1ac934a3861f3facd6417f599d0cb55
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="7b4489bcc154-Blog13.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
11570
x-request-id
a95kDk0Nm9PKlWs-iFErR
expires
Tue, 05 Jul 2022 13:12:36 GMT
f809cdb51bfb-Blog15.png
images-shoptime.b2w.io/spacey/shop/2021/10/04/
16 KB
17 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/10/04/f809cdb51bfb-Blog15.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
fb18cc27e7d71c2f5627d4fd78d6aa67f64f60e5e1b8e2f0e881c769c80abeec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Fri, 07 Jan 2022 20:01:18 GMT
server
BIS
etag
1aea3c84ee95193810a19afd74e1ff3680323e5bf8c58eba4a763c5c6221d58e
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="f809cdb51bfb-Blog15.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
16412
x-request-id
OtpuW9fcQ3gRFBIFb0b4o
expires
Tue, 05 Jul 2022 13:12:36 GMT
377d813e9403-Blog14.png
images-shoptime.b2w.io/spacey/shop/2021/10/04/
21 KB
22 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/10/04/377d813e9403-Blog14.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
790a7f0d67ca1012527a613969640e706b6f0cfa64a8e52436b65280f27f9aaa

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Mon, 14 Feb 2022 22:38:34 GMT
server
BIS
etag
15eab735022800398f66c9530d79edca4c5eacc1bf881d3fa1a5aab9ef756749
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="377d813e9403-Blog14.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
21112
x-request-id
0kSVAuN_Hgtsp_iVkUmgX
expires
Tue, 05 Jul 2022 13:12:36 GMT
5024ce34e708-Blog12.png
images-shoptime.b2w.io/spacey/shop/2021/10/04/
18 KB
19 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/10/04/5024ce34e708-Blog12.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
8f9ab9e702cf4842e3af3367a41637d393eb793e0f029de9f2b5b53967b21980

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Mon, 14 Feb 2022 22:38:35 GMT
server
BIS
etag
323ef562a7579fa80a7d9182c585353178ffc707c84a0f7dc99ded503703631b
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="5024ce34e708-Blog12.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
18926
x-request-id
pN6g6v-YgsifJcbPEvJxp
expires
Tue, 05 Jul 2022 13:12:36 GMT
d7964865dbd1-Blog16.png
images-shoptime.b2w.io/spacey/shop/2021/10/04/
26 KB
27 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/10/04/d7964865dbd1-Blog16.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
c7d06c344038ad18027b760f17c81147076557d4e6587043bf48f216dc362bd8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
173
date
Mon, 04 Jul 2022 13:12:36 GMT
x-edgeconnect-midmile-rtt
0
content-disposition
inline; filename="d7964865dbd1-Blog16.webp"
content-length
26200
x-request-id
jlP0FrrttIRBVgVdO3Gj8
last-modified
Sat, 16 Apr 2022 00:04:29 GMT
server
BIS
etag
db619972245d6151d9786dbe37bf425bbc928174601c245d94c5d1a08f9cebf0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
expires
Tue, 05 Jul 2022 13:12:36 GMT
electrolux-65b1fc6579a2.png
images-shoptime.b2w.io/spacey/shop/2022/03/09/
28 KB
29 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/03/09/electrolux-65b1fc6579a2.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
9829e72da9b68ab2f8a837b21509d2b240f1b99a726ad68d972290086e6998e4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Thu, 17 Mar 2022 13:19:00 GMT
server
BIS
etag
8e3a3fbcd8a73eb7dd248d55df7bd67ccfa888d89eadafb691abb8bc4363c7e6
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="electrolux-65b1fc6579a2.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
28322
x-request-id
WszNWCr8_RBxaobPJ5VQ8
expires
Tue, 05 Jul 2022 13:12:36 GMT
89706506_2262760170700464_4167957330576539648_n.png
images-shoptime.b2w.io/spacey/shop/2020/09/08/
29 KB
30 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2020/09/08/89706506_2262760170700464_4167957330576539648_n.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
24bc2b7164d14fbc9bbb365cbea2f725356c4f0755ac71a87b7a41c59196192b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
328, 328
date
Mon, 04 Jul 2022 13:12:36 GMT
x-edgeconnect-midmile-rtt
8, 8
content-disposition
inline; filename="89706506_2262760170700464_4167957330576539648_n.webp"
content-length
29320
x-request-id
e_Ft3ZQ8BNZIdysJrzPZX
last-modified
Sat, 05 Mar 2022 18:43:57 GMT
server
BIS
etag
321cae04694f5a81a1a5f834ca6b71a8ca4c88aa102ed3dfc0568e908f5bb195
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner_Parceirosssssss.png
images-shoptime.b2w.io/spacey/shop/2021/03/29/
24 KB
25 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/03/29/Banner_Parceirosssssss.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
2c6a983c582427264aad850153160dd16b05255b52e7b8dd44088672b923ae00

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Sun, 17 Oct 2021 22:30:56 GMT
server
BIS
etag
972712c36614dc694285a2c3779548341fde4a91ea9d9935a554c84411f0490a
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
42566
content-disposition
inline; filename="Banner_Parceirosssssss.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
24342
x-request-id
lyhzqf4bgCfET0XGV9Uwt
expires
Tue, 05 Jul 2022 13:12:36 GMT
banner_lojas_parceiras_orb1.png
images-shoptime.b2w.io/spacey/shop/2020/09/08/
23 KB
24 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2020/09/08/banner_lojas_parceiras_orb1.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
945dad3ce8fb522b671c0487740e46956c931710a3df0653a91c5cd314feb8e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
264
date
Mon, 04 Jul 2022 13:12:36 GMT
x-edgeconnect-midmile-rtt
8
content-disposition
inline; filename="banner_lojas_parceiras_orb1.webp"
content-length
23778
x-request-id
NXdJKy9ri61xHtEXUrey8
last-modified
Mon, 28 Feb 2022 20:09:19 GMT
server
BIS
etag
724880bc50e0cf238d5623bcea74c043bc8e2c2fec1e0ce6a58da20158bd1bb8
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
expires
Tue, 05 Jul 2022 13:12:36 GMT
camicado-4dc26c0e919f.png
images-shoptime.b2w.io/spacey/shop/2022/03/09/
28 KB
29 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2022/03/09/camicado-4dc26c0e919f.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
ad63f43f8d0a344aef9048c37bb1f97b6a789a7cbbe43aafc19e635364324018

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Thu, 17 Mar 2022 13:19:00 GMT
server
BIS
etag
e25a99a1ceacb7c34b52f23c1fdc9cf3f2dd6fa4d7e04e5b9165755b972d038a
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="camicado-4dc26c0e919f.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
28946
x-request-id
UsUIJEtPq0MPiTIpFzocd
expires
Tue, 05 Jul 2022 13:12:36 GMT
Banner_Parceiros.png
images-shoptime.b2w.io/spacey/shop/2021/03/02/
44 KB
45 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/03/02/Banner_Parceiros.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
8d9a23d73c943ed850dc8fcb1ce422871fb21b1111cc0d4a163a3854e190514c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
last-modified
Thu, 17 Mar 2022 13:34:18 GMT
server
BIS
etag
7004545c85b8cac286e9d264310005b178589dbb73ed7a5ac583212f09d901b4
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
content-disposition
inline; filename="Banner_Parceiros.png"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
45519
x-request-id
-BRyOgvqiFR3hEYuPElrs
expires
Tue, 05 Jul 2022 13:12:36 GMT
js
www.googletagmanager.com/gtag/
172 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YE0G1D4FLG&l=dataLayer&cx=c
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7411d7bbfcab0bd4c10643652a1aa3262e28fc8b56f4e93189ada3435952a0ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63840
x-xss-protection
0
expires
Mon, 04 Jul 2022 13:12:36 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
467
date
Mon, 04 Jul 2022 13:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 04 Jul 2022 15:04:49 GMT
destination
www.googletagmanager.com/gtag/
172 KB
62 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-YE0G1D4FLG&l=dataLayer&cx=c
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad7c2b0be1652327ad982ee83f857e8f6a4f73b626fe558c4cad3a596c8284cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63842
x-xss-protection
0
expires
Mon, 04 Jul 2022 13:12:36 GMT
graphql
catalogo-bff-v2-shoptime.b2w.io/
14 KB
3 KB
XHR
General
Full URL
https://catalogo-bff-v2-shoptime.b2w.io/graphql?operationName=getCuratedList&variables=%7B%22id%22%3A%2262c2dec4c9464a2b11c35d35%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%222013cbb37a2d674186c34f2b7396149c68d0fa4e57db6458bbff53e0bc8645d4%22%7D%7D
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/2595.7881eedab0d241a3bdea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
412c3661eefeca716dcb45ccf3b924abadb3896cf173f76c77bca67638508676

Request headers

hotjar
old
accept-language
nl-NL,nl;q=0.9
tiktok
new
x-tid
1656940353914.0.6915458110809469
userid
va_1656940353910.0.9059810211902692
device
desktop
promocional-test-ab
test
apollographql-client-name
catalogo-v3
pagetype
home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/json
buybox-test-ab
treatment1-abexperiment20210622
accept
*/*
Referer
http://rq1zcp.xyz/
onedaydeliveryfiltered
false
sessionid
1656940353910.0.6730526501682943
header-test-ab
new

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
server
openresty
x-cache-status
BYPASS
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1800, public
x-backend
backend
access-control-allow-headers
*
content-length
1999
x-request-id
eec6ea37-49c1-4c97-bdbe-9c9e84036a01
access-control-expose-headers
*
graphql
catalogo-bff-v2-shoptime.b2w.io/ Frame
0
0
Preflight
General
Full URL
https://catalogo-bff-v2-shoptime.b2w.io/graphql?operationName=getCuratedList&variables=%7B%22id%22%3A%2262c2dec4c9464a2b11c35d35%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%222013cbb37a2d674186c34f2b7396149c68d0fa4e57db6458bbff53e0bc8645d4%22%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apollographql-client-name,buybox-test-ab,content-type,device,header-test-ab,hotjar,onedaydeliveryfiltered,pagetype,promocional-test-ab,sessionid,tiktok,userid,x-tid
Access-Control-Request-Method
GET
Origin
http://rq1zcp.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
access-control-max-age
86400
date
Mon, 04 Jul 2022 13:12:36 GMT
server
openresty
x-backend
backend
x-cache-status
BYPASS
x-request-id
31c652bd-d1ea-44e0-89ba-5c3fe0d07dd7
recsForPlacements
mars-v1-shoptime-npf.b2w.io/rrserver/api/rrPlatform/
5 KB
1 KB
XHR
General
Full URL
https://mars-v1-shoptime-npf.b2w.io/rrserver/api/rrPlatform/recsForPlacements?limit=12&includeMVTData=true&includeStrategyData=true&returnMinimalRecItemData=true&sessionId=1656940353910.0.6730526501682943&userId=va_1656940353910.0.9059810211902692&placements=home_page.personalizacao1%7Chome_page.personalizacao2%7Chome_page.personalizacao3&userAttribute=device%3Adesktop&categoryId=virtual-home
Requested by
Host: statics-shoptime.b2w.io
URL: https://statics-shoptime.b2w.io/catalog-statics/shop/js/2595.7881eedab0d241a3bdea.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3abb437fe2602892c2c3ee1d7a783a063bc004e27f57aef5553a3016882e5ab

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Jul 2022 13:12:37 GMT
content-encoding
gzip
content-length
808
vary
Accept-Encoding
content-type
application/json
DESK_imagem_shop.png
images-shoptime.b2w.io/spacey/shop/2021/06/21/
32 KB
33 KB
Image
General
Full URL
https://images-shoptime.b2w.io/spacey/shop/2021/06/21/DESK_imagem_shop.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
9d507c4e73b0e016bae77cb892bebe10f40b9a5435f8fc80e7ad1f39de8ffbb6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
600, 600
date
Mon, 04 Jul 2022 13:12:36 GMT
x-edgeconnect-midmile-rtt
0, 0
content-disposition
inline; filename="DESK_imagem_shop.webp"
content-length
32728
x-request-id
eJ6lBcIYc3krSqP55vkQe
last-modified
Thu, 03 Mar 2022 17:41:12 GMT
server
BIS
etag
89333c50977fa7887de052463bd4d3233b75cc4f4bc0de0afe1d33dc038bcb12
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
52362
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
expires
Tue, 05 Jul 2022 13:12:36 GMT
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=rq1zcp.xyz
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rq1zcp.xyz
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
syncframe
gum.criteo.com/ Frame F8A6
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=rq1zcp.xyz&origin=onetag
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
http://rq1zcp.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 13:12:36 GMT
server-processing-duration-in-ticks
1927
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adsct
t.co/i/
43 B
337 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=947fc4d2-f586-4d62-9d93-1cdabfbcc88f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=38f9081d-9d96-4bd3-955d-ddf1755003e4&tw_document_href=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ehn&type=javascript&version=2.4.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
104
date
Mon, 04 Jul 2022 13:12:36 GMT
server
tsa_f
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
26b07672627c901f8224834ae67913caea8a4306ab63e1423a3ce44c964984c3
content-length
43
adsct
analytics.twitter.com/i/
43 B
355 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=947fc4d2-f586-4d62-9d93-1cdabfbcc88f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=38f9081d-9d96-4bd3-955d-ddf1755003e4&tw_document_href=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ehn&type=javascript&version=2.4.12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
104
date
Mon, 04 Jul 2022 13:12:36 GMT
server
tsa_f
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fc276e71c1b51c10c356748de1d4796185f53193b4dd965e3bc121ccbc05009c
content-length
43
identify.js
analytics.tiktok.com/i18n/pixel/
114 KB
31 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8e53ff1ed1e86e6e55ce41ddd909d8802b08b66ca24171ecae21c65b3da77c75

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id
b8332fdb.40db66f6
date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time
120,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=122, origin; dur=12, inner; dur=2
content-length
30649
pragma
no-cache
server
nginx
x-tt-logid
20220704131236010004003005006003007127069E6
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.220.104.7
x-tt-trace-host
011cedac0bc11569987ff0e8ccb8853c6f9d87706419bea1605723e14eb4549811fb1512116e548732bf0e4d78d5bce1e6b8ca0bd5e7446e80bcf631d4e52c317e1430e862a6ddcd92b363343a197422a44fefe887c738c8f24dbff795bc26964707e8f73388291c28e598645f77c98d7e
expires
Mon, 04 Jul 2022 13:12:36 GMT
config.js
analytics.tiktok.com/i18n/pixel/
878 B
1 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C54F4VG00UN7QUNFBBJG&hostname=rq1zcp.xyz
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e813bf481ff5b06df765643de3bd06b67984439e4ba88dba0bd015b5e139db5e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-akamai-request-id
7917cb.40db67ae
date
Mon, 04 Jul 2022 13:12:37 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-220-104-5.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time
107,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=101, origin; dur=10, inner; dur=4
content-length
359
pragma
no-cache
server
nginx
x-tt-logid
2022070413123601000400500600302712B3F1BA
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.220.104.5
x-tt-trace-host
011cedac0bc11569987ff0e8ccb8853c6f9d87706419bea1605723e14eb4549811c3950ea0ec5d9eb79ae88d998a7a462a96d79610c4ea241be4a464be3aeac1f7c956878d9481f127fe988e1b96d28358b050d317a72f0d42540aea18fb53bfe22423c9bddcab25f6f0a560b95aba3f26
expires
Mon, 04 Jul 2022 13:12:37 GMT
collect
region1.google-analytics.com/g/
0
343 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YE0G1D4FLG&gtm=2oe6t0&_p=443983574&_z=ccd.v9B&cid=675683029.1656940357&ul=en-us&sr=1600x1200&_s=1&sid=1656940356&sct=1&seg=0&dl=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dt=Shoptime%2C%20tudo%20pra%20voc%C3%AA%20e%20pra%20sua%20casa&en=page_view&_fv=1&_nsi=1&_ss=2&ep.transport=beacon&up.epar=&up.epar_midia=&up.epar_campanha=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YE0G1D4FLG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://rq1zcp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collector
collector-pxxcro4kbp.px-cloud.net/api/v2/
18 B
35 B
XHR
General
Full URL
https://collector-pxxcro4kbp.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1066c86165eb47cacbc55a34aa66bae28955f7deed5926249030f98b70af8031

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://rq1zcp.xyz
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18
sid
mug.criteo.com/ Frame F8A6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=rq1zcp.xyz&sn=ChromeSyncframe&so=0&topUrl=rq1zcp.xyz&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=KJqbsHx3RzVxYVBxeWx1bmZFRXA0U1lLazBZQ2NwR3dGTmM0T0ZsRk5pd1lSa2pySGpsRUFXUlNOVGJCeGVmREpmZDQxaVptQ0hnNWRiOFp2d3lGZGNxUnRObFRYMEtQdTlpSndkV0t2OG1QVllpWkdKNUUrRk5YWkZpd0...
433 B
636 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=KJqbsHx3RzVxYVBxeWx1bmZFRXA0U1lLazBZQ2NwR3dGTmM0T0ZsRk5pd1lSa2pySGpsRUFXUlNOVGJCeGVmREpmZDQxaVptQ0hnNWRiOFp2d3lGZGNxUnRObFRYMEtQdTlpSndkV0t2OG1QVllpWkdKNUUrRk5YWkZpd0RiTEpDeVlWVFVueU8rc1IraEI5VWJFWFAxY2tNc0x1a21SdjJJdEViMUNGdW1EYTgrNCtKS1lIdUpkbDI4VENsZTd5SCsyRVhZeFExN0lrRm9kQkpZUTZLZE5NR3l3aGVYK3NNOHFtZDhsU0VmUG12RURwdkF0USsydW9Ocm5va0pIN3dXcnowRzB0ZFY5S01sdE1UYXpXdzdsa0ZZUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
efbca8921a38c617c8311a1e8566a02d97432c8637ab17e82a1675b459d72e39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5577
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=KJqbsHx3RzVxYVBxeWx1bmZFRXA0U1lLazBZQ2NwR3dGTmM0T0ZsRk5pd1lSa2pySGpsRUFXUlNOVGJCeGVmREpmZDQxaVptQ0hnNWRiOFp2d3lGZGNxUnRObFRYMEtQdTlpSndkV0t2OG1QVllpWkdKNUUrRk5YWkZpd0RiTEpDeVlWVFVueU8rc1IraEI5VWJFWFAxY2tNc0x1a21SdjJJdEViMUNGdW1EYTgrNCtKS1lIdUpkbDI4VENsZTd5SCsyRVhZeFExN0lrRm9kQkpZUTZLZE5NR3l3aGVYK3NNOHFtZDhsU0VmUG12RURwdkF0USsydW9Ocm5va0pIN3dXcnowRzB0ZFY5S01sdE1UYXpXdzdsa0ZZUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1563
content-length
541
expires
0
pixel
analytics.tiktok.com/api/v2/
0
714 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C54F4VG00UN7QUNFBBJG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-249.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
2ec9b841.40db6bc6
date
Mon, 04 Jul 2022 13:12:37 GMT
x-cache-remote
TCP_MISS from a23-45-180-189.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/10.8.3-42393607) (-)
x-parent-response-time
124,23.36.161.221
server-timing
cdn-cache; desc=MISS, edge; dur=98, origin; dur=28, inner; dur=14
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220704131237010004005006003020131767A0
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
28,23.45.180.189
x-tt-trace-host
011cedac0bc11569987ff0e8ccb8853c6f9d87706419bea1605723e14eb454981117996e76a170c55b0a4362d32d1b90133859542329e7c56b656d1baa317d38678e2d2d96f132f4b0e3dfd87a6415f7ec0e9362c6577b32ac9cf39161d074e06e164514f2319de367b36e29f67e4ba0d6
expires
Mon, 04 Jul 2022 13:12:37 GMT
2945610060_1_medium.jpg
images-shoptime.b2w.io/produtos/2945610060/imagens/adaptador-para-esmerilhadeira-corta-galhos/
6 KB
7 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/2945610060/imagens/adaptador-para-esmerilhadeira-corta-galhos/2945610060_1_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
c4546e890472f4e22f2c86b5427682ab2211121ab2843c59460b9451267c4f6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
server
BIS
etag
5a092a9d512f7a7cd91b76f36146ad8b0ac7c15cd5bb262a031eeb7a7f8866ad
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="2945610060_1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
6068
x-request-id
BNAiI6NhB6SvSbmBXE5Gb
expires
Tue, 05 Jul 2022 13:12:37 GMT
103042789_1_medium.jpg
images-shoptime.b2w.io/produtos/103042789/imagens/guarda-roupa-casal-3-portas-2-gavetas-istambul-espresso-moveis/
5 KB
6 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/103042789/imagens/guarda-roupa-casal-3-portas-2-gavetas-istambul-espresso-moveis/103042789_1_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
97c91487f7abe937cd2685d4fdc7fae7046e1d862eff13fd353c0e0779e5e593

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
server
BIS
etag
8b008ef66220829c745b271333f9d7e5834eb2c7aa91018518b1322b97848502
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="103042789_1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
5524
x-request-id
Lcp4V0dLToqVf9hWel_em
expires
Tue, 05 Jul 2022 13:12:37 GMT
3904614902_1_medium.jpg
images-shoptime.b2w.io/produtos/3904614902/imagens/edredom-casal-queen-coberdrom-de-sherpa-manta-felpuda-macia/
11 KB
12 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/3904614902/imagens/edredom-casal-queen-coberdrom-de-sherpa-manta-felpuda-macia/3904614902_1_medium.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
414e2dc70aa82096965c62276aebf4bf12de0e210e4e4c8cb2cb58e6fd1311b8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
server
BIS
etag
716036cd3a0684a43f791b3fe2241cd966f9d4e2e93de65d9023352af9626102
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
33632
content-disposition
inline; filename="3904614902_1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
11722
x-request-id
vPKiqcbzus-qcrhOo2B0l
expires
Tue, 05 Jul 2022 13:12:37 GMT
2833431121P1.jpg
images-shoptime.b2w.io/produtos/01/00/img/2833431/1/
6 KB
7 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/01/00/img/2833431/1/2833431121P1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
907b4ff1f8584a3203a602ff9fe2db71bebc4d55537f9b4d8e5e14250c4ebf7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
last-modified
Mon, 04 Jul 2022 13:02:40 GMT
server
BIS
etag
1788346b4a2ea72c143ab473c85dfffed6de00b950aeb3e8dac7571e8c301c27
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="2833431121P1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
6302
x-request-id
vuigVZbykIs2QQCvjU9F7
expires
Tue, 05 Jul 2022 13:12:37 GMT
1520737145P1.jpg
images-shoptime.b2w.io/produtos/01/00/img/1520737/1/
7 KB
8 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/01/00/img/1520737/1/1520737145P1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
384dc8187634c396596392357e533e2b29afbd446ac7e1e8ff981dff4fe357db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
last-modified
Sun, 05 Jun 2022 03:18:33 GMT
server
BIS
etag
4f1a1fded34b84b6f6685e5b9aa2c651b81b7c8963c8736944be0dcbabec3ebf
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="1520737145P1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
7078
x-request-id
eKA8GvZ_tOVN86SkU3xpN
expires
Tue, 05 Jul 2022 13:12:37 GMT
3420720338P1.jpg
images-shoptime.b2w.io/produtos/01/00/img/3420720/3/
7 KB
8 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/01/00/img/3420720/3/3420720338P1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
996c3049cf6ef78f2efec4c4bd3b28a8f937863381aad033034723378966bf2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
last-modified
Tue, 07 Jun 2022 17:59:12 GMT
server
BIS
etag
d6d3c978cd73113a8b579f614e987c37ccc72664a6c7beb91f57228e3c6bdd03
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="3420720338P1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
6800
x-request-id
jdcOjQ4Onjlr3dbsgz0qq
expires
Tue, 05 Jul 2022 13:12:37 GMT
133850842P1.jpg
images-shoptime.b2w.io/produtos/01/00/img/133850/8/
11 KB
12 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/01/00/img/133850/8/133850842P1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
7573b2c5f1c4431a12b89ed832c52800c8fb1de390e3946a374c8c535226e2d9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
last-modified
Mon, 04 Jul 2022 04:30:18 GMT
server
BIS
etag
93df19845228b033c88c54065d90dc1ad570c47153fe2170a9cd6db6a0c6d6b5
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="133850842P1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
10946
x-request-id
lwUE0VCK_iC0DGQgxs_Pp
expires
Tue, 05 Jul 2022 13:12:37 GMT
3591024142P1.jpg
images-shoptime.b2w.io/produtos/01/00/img/3591024/1/
6 KB
6 KB
Image
General
Full URL
https://images-shoptime.b2w.io/produtos/01/00/img/3591024/1/3591024142P1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bae1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
BIS /
Resource Hash
977e7cd4579faebfe71fd6fcf8df76987cd5f918f7859f8fed6ccf295de0748b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
last-modified
Sat, 02 Jul 2022 01:47:47 GMT
server
BIS
etag
0749f473cd61ce735790733ad7d5f0d36a75d4323412f5601428a5ddf1f4b833
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
cache-control
public, max-age=86400
warning
47774
content-disposition
inline; filename="3591024142P1.webp"
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Authorization, charset, Content-Encoding, Location, Allow, X-TID, WWW-Authenticate, X-Access-Control-Realm, internalId, Accept-Encoding, Accept-Language, Access-Control-Request-Headers, Access-Control-Request-Method, Connection, Host, Origin, Pragma, Referer, X-Preview, log
content-length
5650
x-request-id
fZPOr_y83XrMtc7i_68k9
expires
Tue, 05 Jul 2022 13:12:37 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=443983574&t=pageview&_s=1&dl=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dp=%2F&ul=en-us&de=UTF-8&dt=Shoptime%2C%20tudo%20pra%20voc%C3%AA%20e%20pra%20sua%20casa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=898991781&gjid=906559359&cid=675683029.1656940357&tid=UA-97626372-2&_gid=850160216.1656940357&_r=1&gtm=2wg6t05CT9G4M&cg1=Home&cd2=1656940354590&cd3=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&cd4=NAOMOBILE&cd8=&cd15=Home&cd16=&cd17=&cd21=&cd26=SHOP&cd44=Responsivo&cd104=SHOP%3AHome&cd129=undefined%2C%20undefined%2C%20undefined&z=1915950489
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://rq1zcp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=443983574&t=event&ni=1&_s=1&dl=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dp=%2F&ul=en-us&de=UTF-8&dt=Shoptime%2C%20tudo%20pra%20voc%C3%AA%20e%20pra%20sua%20casa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=teste-ab&ea=experiment_exposure&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=675683029.1656940357&tid=UA-97626372-2&_gid=850160216.1656940357&gtm=2wg6t05CT9G4M&cg1=Home&cd2=1656940354590&cd3=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&cd4=NAOMOBILE&cd8=&cd15=Home&cd16=&cd17=&cd21=&cd26=SHOP&cd44=Responsivo&cd76=header-test-ab%3Anew%7Cheader-test-ab%3Anew%7Cbuybox-test-ab%3Atreatment1-abexperiment20210622%7Cpromocional-test-ab%3Atest&cd104=SHOP%3AHome&cd129=undefined%2C%20undefined%2C%20undefined&z=727427124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 04:17:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32127
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97626372-2&cid=675683029.1656940357&jid=898991781&gjid=906559359&_gid=850160216.1656940357&_u=YADAAEAAAAAAAC~&z=1198403465
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Jul 2022 13:12:37 GMT
content-type
text/plain
access-control-allow-origin
http://rq1zcp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Jul 2022 14:03:20 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YE0G1D4FLG&gtm=2oe6t0&_p=443983574&_z=ccd.v9B&cid=675683029.1656940357&ul=en-us&sr=1600x1200&sid=1656940356&sct=1&seg=0&dl=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dt=Shoptime%2C%20tudo%20pra%20voc%C3%AA%20e%20pra%20sua%20casa&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YE0G1D4FLG&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://rq1zcp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YE0G1D4FLG&gtm=2oe6t0&_p=443983574&_z=ccd.v9B&cid=675683029.1656940357&ul=en-us&sr=1600x1200&_s=3&sid=1656940356&sct=1&seg=0&dl=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dt=Shoptime%2C%20tudo%20pra%20voc%C3%AA%20e%20pra%20sua%20casa
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YE0G1D4FLG&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://rq1zcp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=8413&v=5.11.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd%26rvi%3D&p1=e%3Dvh%26pi%3DviewHome&p2=e%3Ddis&adce=1&bundle=CDaP4180QzQxc2hQM3pmQ3U5cWptZVhmMkhwZmtHJTJGNGhIUUp...
  • https://widget.us.criteo.com/event?a=8413&v=5.11.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd%26rvi%3D&p1=e%3Dvh%26pi%3DviewHome&p2=e%3Ddis&adce=1&bundle=CDaP4180QzQxc2hQM3pmQ3U5cWptZVhmMkhwZmtHJTJGNGhIUUp...
9 KB
9 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=8413&v=5.11.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd%26rvi%3D&p1=e%3Dvh%26pi%3DviewHome&p2=e%3Ddis&adce=1&bundle=CDaP4180QzQxc2hQM3pmQ3U5cWptZVhmMkhwZmtHJTJGNGhIUUpsdW01eWV6ZzdRejh5R0hnYW4wODdJY3JXd0h6JTJCemdkeTFPTFJRSzNESmJVb3k4dWFoVXdKJTJCM0puMzZFdDhIdCUyRnA0dkF5Z3o1bDQ1Mmxrak9xc3pFQXZ2WFhWa2tBUURxJTJGaiUyRmk5NjNNZWZKUVJjNTNzWE9KZ3clM0QlM0Q&tld=rq1zcp.xyz&fu=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dtycbr=7177
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c23f05e2d22ef44869e40ad31e83229938bfecdf83213077e7f9ac8fce8b591f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
server
Kestrel
timing-allow-origin
*
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
17189763
content-type
application/x-javascript
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:36 GMT
server
Kestrel
location
https://widget.us.criteo.com/event?a=8413&v=5.11.0&p0=e%3Dexd%26ci%3D%26site_type%3Dd%26rvi%3D&p1=e%3Dvh%26pi%3DviewHome&p2=e%3Ddis&adce=1&bundle=CDaP4180QzQxc2hQM3pmQ3U5cWptZVhmMkhwZmtHJTJGNGhIUUpsdW01eWV6ZzdRejh5R0hnYW4wODdJY3JXd0h6JTJCemdkeTFPTFJRSzNESmJVb3k4dWFoVXdKJTJCM0puMzZFdDhIdCUyRnA0dkF5Z3o1bDQ1Mmxrak9xc3pFQXZ2WFhWa2tBUURxJTJGaiUyRmk5NjNNZWZKUVJjNTNzWE9KZ3clM0QlM0Q&tld=rq1zcp.xyz&fu=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou&dtycbr=7177
strict-transport-security
max-age=31536000; preload;
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
18786580
timing-allow-origin
*
content-length
0
expires
0
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
http://rq1zcp.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97626372-2&cid=675683029.1656940357&jid=898991781&_u=YADAAEAAAAAAAC~&z=1514807638
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
501 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-97626372-2&cid=675683029.1656940357&jid=898991781&_u=YADAAEAAAAAAAC~&z=1514807638
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
http://rq1zcp.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A89A
Redirect Chain
  • https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=995689222878061918
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=995689222878061918
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4175717
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 13:12:38 GMT
X-Proxy-Origin
31.204.152.220; 31.204.152.220; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8a9280a7-1ddc-4ad2-bf93-2ef3d7687f57
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=995689222878061918
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A89A
Redirect Chain
  • https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx...
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2295302761289572641
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2295302761289572641
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2137264
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 13:12:38 GMT
X-Proxy-Origin
31.204.152.220; 31.204.152.220; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c5528b96-d3e7-4f8a-99a6-415940b455b4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2295302761289572641
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame A89A
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-HzEUnm2RSmOm7dt-EUS08pXc_uwnWNCSqwhFuQ&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HzEUnm2RSmOm7dt-EUS08pXc_uwnWNCSqwhFuQ&expires=30
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HzEUnm2RSmOm7dt-EUS08pXc_uwnWNCSqwhFuQ&expires=30
Protocol
HTTP/1.1
Server
18.197.223.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-223-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 13:12:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-HzEUnm2RSmOm7dt-EUS08pXc_uwnWNCSqwhFuQ&expires=30
Date
Mon, 04 Jul 2022 13:12:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A89A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_cm&google_hm=ay1FZkhQcUcyUlNtT203ZHQtRVVTMDhwWGNfdXdUQlZnT...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_cm=&google_hm=ay1FZkhQcUcyUlNtT203ZHQtRVVTMDhwWGNfdXdUQlZ...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_gid=CAESEKFcsrpfps90Bkkf-z7At_4&google_cver=1&google_ula=913071,0
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_gid=CAESEKFcsrpfps90Bkkf-z7At_4&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1193276
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-EfHPqG2RSmOm7dt-EUS08pXc_uwTBVgMfOo_ZQ&google_gid=CAESEKFcsrpfps90Bkkf-z7At_4&google_cver=1&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame A89A
49 B
235 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-tr4P5G2RSmOm7dt-EUS08pXc_uyt2q1s6of1vw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:37 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0
rum
r.casalemedia.com/ Frame A89A
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ip3fhm2RSmOm7dt-EUS08pXc_uwfE3JN0tq0rg
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ip3fhm2RSmOm7dt-EUS08pXc_uwfE3JN0tq0rg&C=1
43 B
935 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ip3fhm2RSmOm7dt-EUS08pXc_uwfE3JN0tq0rg&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72581d164b34b7a9-AMS
pragma
no-cache
date
Mon, 04 Jul 2022 13:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F4Juck2gpP4DP0b%2Bm9BphmpFC9%2FfA6P3m9aIiPzKe9nBQczJRLHlzHcZ%2BZqjBYwSqMWpgB4DJe6JdPfMX9xvU%2BOGYuw8sQXsL0CMjcEKNV40FKpkYlqgT77mugewrqpLC6G"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9I%2Bj1WD6BzODfz%2Bh9JH6zIAkPC4UW4qCEDP4z7ivszXQn64cCh%2BN11ZBDweM6LdjigiwNr1R1PGgW%2FDNO9ad73Rl5Wn5aV8RveoYBtWdKoJ0gXqh8lYEnrDX%2BfXPHKztrPnK"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-ip3fhm2RSmOm7dt-EUS08pXc_uwfE3JN0tq0rg&C=1
cache-control
no-cache
cf-ray
72581d159a3ab83d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
match
ad.360yield.com/ul_cb/ Frame A89A
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Dr1_BG2RSmOm7dt-EUS08pXc_ux4WFGBrz03gA
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Dr1_BG2RSmOm7dt-EUS08pXc_ux4WFGBrz03gA
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Dr1_BG2RSmOm7dt-EUS08pXc_ux4WFGBrz03gA
Protocol
H2
Server
54.155.65.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-65-255.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Jul 2022 13:12:38 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-Dr1_BG2RSmOm7dt-EUS08pXc_ux4WFGBrz03gA
date
Mon, 04 Jul 2022 13:12:38 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
397596.gif
idsync.rlcdn.com/ Frame A89A
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=wcYNbfKabx2t8u2VDD3Sz_IRYMWyB7Bj
42 B
448 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=wcYNbfKabx2t8u2VDD3Sz_IRYMWyB7Bj
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 13:12:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=wcYNbfKabx2t8u2VDD3Sz_IRYMWyB7Bj
date
Mon, 04 Jul 2022 13:12:37 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2495
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame A89A
45 B
785 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-gjJdem2RSmOm7dt-EUS08pXc_uyI3aXw5a2CdQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 04 Jul 2022 13:12:38 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 04 Jul 2022 13:12:38 GMT
push
exchange.mediavine.com/usersync/ Frame A89A
40 B
40 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-Xa0M0G2RSmOm7dt-EUS08pXc_uxKKVFPflD7xg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.175.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-175-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame A89A
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-uD4KU22RSmOm7dt-EUS08pXc_ux6_c8wem9P-w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 13:12:38 GMT
Cache-Control
no-cache
X-TraceId
bb39603cadefce7c8692dddb92bc4129
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A89A
0
225 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-fY-19W2RSmOm7dt-EUS08pXc_uxaf0DAqY6Itg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:36 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame A89A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-WFIwTG2RSmOm7dt-EUS08pXc_uzUP484Tv-axA&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame A89A
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-WnuSGG2RSmOm7dt-EUS08pXc_uylCu5EZeatug
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.158.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-158-44.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
/
s.ad.smaato.net/c/ Frame A89A
0
239 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-dmOG3W2RSmOm7dt-EUS08pXc_uyo_SNsvFglLA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
7RQD1PHq3Fygupk0SO_GEMaVi8U2SAbVUbylcOctG0m1odJf_TmnkQ==
x-cache
FunctionGeneratedResponse from cloudfront
/
rtb-csync.smartadserver.com/redir/ Frame A89A
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-uhfe8W2RSmOm7dt-EUS08pXc_uxQtOjV4kMfrg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A89A
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-BmrbFG2RSmOm7dt-EUS08pXc_uwUel-gM_7qnQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
39697
um
criteo-sync.teads.tv/ Frame A89A
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-o6vWeW2RSmOm7dt-EUS08pXc_uxVeHf-kkNaaw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 13:12:38 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 04 Jul 2022 13:12:38 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame A89A
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k--vSZMm2RSmOm7dt-EUS08pXc_uy934GhbMqZnA&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
v1
ads.yahoo.com/cms/ Frame A89A
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame A89A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nHuDdW2RSmOm7dt-EUS08pXc_uxHoxWRViXRGQ
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nHuDdW2RSmOm7dt-EUS08pXc_uxHoxWRViXRGQ&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nHuDdW2RSmOm7dt-EUS08pXc_uxHoxWRViXRGQ&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-nHuDdW2RSmOm7dt-EUS08pXc_uxHoxWRViXRGQ&verify=true
date
Mon, 04 Jul 2022 13:12:38 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
m
ad.yieldlab.net/ Frame A89A
0
360 B
Image
General
Full URL
https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-csiXJG2RSmOm7dt-EUS08pXc_uzXotNxGWmXtw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 13:12:38 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sun, 03 Jul 2022 13:12:38 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame A89A
43 B
220 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-XkSGhG2RSmOm7dt-EUS08pXc_uyFezxFX3b-fw&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.211.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-211-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 04 Jul 2022 13:12:38 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
28292
i6.liadm.com/s/ Frame A89A
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw&_li_chk=true&previous_uuid=030de5565e0442caafdaa558319c1d21
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw
43 B
419 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw
Protocol
HTTP/1.1
Server
2600:1f18:444a:4680:700d:3b5d:9173:685 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 13:12:39 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-a_Jnum2RSmOm7dt-EUS08pXc_uyyLzPCpaasKw
Date
Mon, 04 Jul 2022 13:12:38 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
collector
collector-pxxcro4kbp.px-cloud.net/api/v2/
419 B
437 B
XHR
General
Full URL
https://collector-pxxcro4kbp.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
63e97867d7406528142cc63eccd7902fe941d43709cfad21614d77785ef83315

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Jul 2022 13:12:37 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://rq1zcp.xyz
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
419
demconf.jpg
dpm.demdex.net/ Frame A89A
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=3lZqGahBbXcpp-SLheRq-qoLsH9hYh0y
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3lZqGahBbXcpp-SLheRq-qoLsH9hYh0y
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3lZqGahBbXcpp-SLheRq-qoLsH9hYh0y
Protocol
HTTP/1.1
Server
34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-106-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-038f795ef.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Bilg4GbrTW4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v036-048bb44ec.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
RiwxrSBwS5Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=3lZqGahBbXcpp-SLheRq-qoLsH9hYh0y
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
x.bidswitch.net/ Frame A89A
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=117&user_id=k-HzEUnm2RSmOm7dt-EUS08pXc_uwnWNCSqwhFuQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.223.14 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-223-14.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 13:12:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
setuid
secure.adnxs.com/ Frame A89A
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k--KUMR22RSmOm7dt-EUS08pXc_ux3DloQ44vAdg&seg=1005440
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 13:12:38 GMT
X-Proxy-Origin
31.204.152.220; 31.204.152.220; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d914a28-d582-4bfa-b190-97d441406e12
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
ads.yahoo.com/cms/ Frame A89A
0
17 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
m
ad.yieldlab.net/ Frame A89A
0
360 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-csiXJG2RSmOm7dt-EUS08pXc_uzXotNxGWmXtw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 13:12:38 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sun, 03 Jul 2022 13:12:38 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame A89A
43 B
219 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=%3Ccriteo%20user%20id%3E&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.211.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-211-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 04 Jul 2022 13:12:38 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
collector
collector-pxxcro4kbp.px-cloud.net/api/v2/
419 B
437 B
XHR
General
Full URL
https://collector-pxxcro4kbp.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
71ea54f16a4dc0749cd9e23546cd166b7229fa9db90b0729f22b69b7e656c565

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Jul 2022 13:12:38 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://rq1zcp.xyz
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
419
collector
collector-pxxcro4kbp.px-cloud.net/api/v2/
419 B
437 B
XHR
General
Full URL
https://collector-pxxcro4kbp.px-cloud.net/api/v2/collector
Requested by
Host: client.perimeterx.net
URL: http://client.perimeterx.net/PXxcro4kBp/main.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.220.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1d68f12859ccf2aa2b984b1a6db2dda820f68172dd28a134f668768d6e2db053

Request headers

Referer
http://rq1zcp.xyz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Jul 2022 13:12:39 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://rq1zcp.xyz
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
419

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/nl_NL/base.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/nl_NL/base.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/nl_NL/base.js
Domain
www.youtube.com
URL
https://www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/fetch-polyfill.js
Domain
apiadapter.ad5track.com
URL
https://apiadapter.ad5track.com/v3/ads/shoptime?size=20&uid=va_1656940353910.0.9059810211902692&context=home&term=&placements=%7B%22home.2%22%3A%7B%7D%7D&referrer=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou
Domain
apiadapter.ad5track.com
URL
https://apiadapter.ad5track.com/v3/ads/shoptime?size=20&uid=va_1656940353910.0.9059810211902692&context=home&term=&placements=%7B%22home.2%22%3A%7B%7D%7D&referrer=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Lojas Americanas (Retail)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| V_PATH object| dataLayer object| __APOLLO_STATE__ string| u object| googletag object| ggeac object| google_js_reporting_queue object| google_tag_manager object| google_tag_data undefined| script object| value undefined| google_measure_js_timing object| __LOADABLE_LOADED_CHUNKS__ object| client object| DD_RUM object| regeneratorRuntime string| _pxAppId object| onwebfileborderanimationend object| PXxcro4kBp object| PX undefined| _xcro4kBphandler string| hostname string| app_path string| urlAw object| languagesAw function| insertSealAw function| sealConditionAw function| xmlGetAw function| twq object| criteo_q string| TiktokAnalyticsObject object| ttq string| GoogleAnalyticsObject function| ga object| googleToken object| googleIMState function| processGoogleToken object| twttr object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| gaGlobal object| gaplugins object| gaData

50 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQ1xI
rq1zcp.xyz/ Name: PHPSESSID
Value: i88dntlk02gms0c5bfekqumb35
.youtube.com/ Name: YSC
Value: 6PhBi3pUg7Q
.rq1zcp.xyz/ Name: _gcl_au
Value: 1.1.707712493.1656940355
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: Usf0OC4MO1A
.rq1zcp.xyz/ Name: _px_uAB
Value: NzY1NzZ8dHJ1ZQ==
.rq1zcp.xyz/ Name: _px_f394gi7Fvmc43dfg_user_id
Value: ZjhkMTYyZDAtZmI5YS0xMWVjLTg3ZGMtZTEwZTMzYjM1ODc1
.rq1zcp.xyz/ Name: pxcts
Value: f8e9e615-fb9a-11ec-9cc8-77676f626970
.rq1zcp.xyz/ Name: _pxvid
Value: f8e9cbcd-fb9a-11ec-9cc8-77676f626970
.twitter.com/ Name: personalization_id
Value: "v1_FCrD45BXXuPawjr/ZvS9Ww=="
.t.co/ Name: muc_ads
Value: 33545d40-22c7-435d-94c0-c690f5a5cdbe
.tiktok.com/ Name: _ttp
Value: 2BTqKI10ojosV8KexzI6dP9hzP4
.criteo.com/ Name: uid
Value: 393cdd84-d952-49a5-9731-93fc7cff2157
.rq1zcp.xyz/ Name: _tt_enable_cookie
Value: 1
.rq1zcp.xyz/ Name: _ttp
Value: 520d2b87-9ed1-4b88-91ea-6904acde217c
.rq1zcp.xyz/ Name: _ga
Value: GA1.2.675683029.1656940357
.rq1zcp.xyz/ Name: _gid
Value: GA1.2.850160216.1656940357
.rq1zcp.xyz/ Name: _gat_UA-97626372-2
Value: 1
.rq1zcp.xyz/ Name: _ga_YE0G1D4FLG
Value: GS1.1.1656940356.1.0.1656940357.0
.rq1zcp.xyz/ Name: cto_bundle
Value: CDaP4180QzQxc2hQM3pmQ3U5cWptZVhmMkhwZmtHJTJGNGhIUUpsdW01eWV6ZzdRejh5R0hnYW4wODdJY3JXd0h6JTJCemdkeTFPTFJRSzNESmJVb3k4dWFoVXdKJTJCM0puMzZFdDhIdCUyRnA0dkF5Z3o1bDQ1Mmxrak9xc3pFQXZ2WFhWa2tBUURxJTJGaiUyRmk5NjNNZWZKUVJjNTNzWE9KZ3clM0QlM0Q
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22fa0527e0-fb9a-11ec-a7af-0387ec74bd01%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22fa0527e0-fb9a-11ec-a7af-0387ec74bd01%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-Xa0M0G2RSmOm7dt-EUS08pXc_uxKKVFPflD7xg%22%2C%22version%22%3A%22criteo%22%7D
.media.net/ Name: visitor-id
Value: 2999419570217236000V10
.media.net/ Name: data-c-ts
Value: 1656940358
.media.net/ Name: data-c
Value: k-gjJdem2RSmOm7dt-EUS08pXc_uyI3aXw5a2CdQ~~3
.casalemedia.com/ Name: CMID
Value: YsLnRpt0-9Tv0bpneqKj0QAA
.casalemedia.com/ Name: CMPS
Value: 2227
.casalemedia.com/ Name: CMPRO
Value: 2227
.rlcdn.com/ Name: rlas3
Value: RqhdsAn4ZvPtEbVsE1gp97hj5Crobc0yplgVrPHeVbk=
.rlcdn.com/ Name: pxrc
Value: CAA=
.360yield.com/ Name: tuuid
Value: b1726465-3a25-4ad4-b204-caaba5f451f7
.360yield.com/ Name: tuuid_lu
Value: 1656940358
.bidswitch.net/ Name: tuuid
Value: 75989b02-3368-4ee6-884a-dc50bcc138d9
.bidswitch.net/ Name: c
Value: 1656940358
.bidswitch.net/ Name: tuuid_lu
Value: 1656940358
.360yield.com/ Name: um
Value: !38,q6LKsCNcj5ZFE3dWWG3Q2pdflJxMiRg8ushVVniQmlmOgP80hG9hpN6uV21HZoMFcfPfRdF3,1664716358
.360yield.com/ Name: umeh
Value: !38,0,1719148358,-1
.doubleclick.net/ Name: IDE
Value: AHWqTUk1WMZOBZF9z6JH2VsaGX2O8OrsXftWznpQ7FloJgXXJPjdMjXtsRpJiCeK60k
.adnxs.com/ Name: uuid2
Value: 2295302761289572641
.casalemedia.com/ Name: CMTS
Value: 5149
.demdex.net/ Name: demdex
Value: 82266531446983401930169762218979386327
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2H`eKT[7!!@wnfH1YdP.dEXlSkgaQ-Y7WWE2$eNqcvxf?TRMv+Nnj^(@VwBB'0haT=7MM?[fD32tc2cuKAh:P(hw9P-HC_#ttQY*zy^x
.dpm.demdex.net/ Name: dpm
Value: 82266531446983401930169762218979386327
.yahoo.com/ Name: A3
Value: d=AQABBEbnwmICEFmULGy8XwkZX3Wd80gCB4wFEgEBAQE4xGLMYgAAAAAA_eMAAA&S=AQAAArZa-oDqSPNPtbksHcxnJDo
.outbrain.com/ Name: obuid
Value: 00618566-231a-4f40-b80c-adfa4c9fc9ef
.outbrain.com/ Name: criteo
Value: k-uD4KU22RSmOm7dt-EUS08pXc_ux6_c8wem9P-w
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~25tp
.liadm.com/ Name: lidid
Value: 030de556-5e04-42ca-afda-a558319c1d21
.rq1zcp.xyz/ Name: _px3
Value: 1a947b898c7c2a57eba183f8042f76b77e9b03e53878178b6ba4cdb7b3deee96:dQlVUWJd+AHj7F/bspGRpUsZuWlJ3JXymay/dIJzxdxXlU7tCfhLmBC1UVccV+BnJZ8Iyuo+fVNtipYGkrrKYg==:1000:kohPUFwBLB0gX3CA2NpnEJS+Dl/UbbNUBfEBWufrtDuw5Zy7/0fZ8Xy22//lVd6gqYrK1DnMUvcjnwIjso9jF9Q2FPbdAZ+NH1i2Y9jvc/QdWGstdDjzlTZxEtqxj8ZtT6qPbqK3W9L7Hqc2zByCBxGETy5T3Ox4pf6KL0Jf5ZJ9Tg3vbg4nsV+XbofwouteVkbY9wjJVCf2krKUwiHYdA==

6 Console Messages

Source Level URL
Text
network error URL: https://api.siteblindado.com/rq1zcp.xyz/info
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Message:
Access to XMLHttpRequest at 'https://apiadapter.ad5track.com/v3/ads/shoptime?size=20&uid=va_1656940353910.0.9059810211902692&context=home&term=&placements=%7B%22home.2%22%3A%7B%7D%7D&referrer=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou' from origin 'http://rq1zcp.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://apiadapter.ad5track.com/v3/ads/shoptime?size=20&uid=va_1656940353910.0.9059810211902692&context=home&term=&placements=%7B%22home.2%22%3A%7B%7D%7D&referrer=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://rq1zcp.xyz/?landingpage/sua-casa-precisou?chave=prf_hm_tt_0_1_suacasaprecisou
Message:
Access to XMLHttpRequest at 'https://apiadapter.ad5track.com/v3/ads/shoptime?size=20&uid=va_1656940353910.0.9059810211902692&context=home&term=&placements=%7B%22home.2%22%3A%7B%7D%7D&referrer=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou' from origin 'http://rq1zcp.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://apiadapter.ad5track.com/v3/ads/shoptime?size=20&uid=va_1656940353910.0.9059810211902692&context=home&term=&placements=%7B%22home.2%22%3A%7B%7D%7D&referrer=http%3A%2F%2Frq1zcp.xyz%2F%3Flandingpage%2Fsua-casa-precisou%3Fchave%3Dprf_hm_tt_0_1_suacasaprecisou
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: http://static.criteo.net/js/ld/ld.js
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c4546e890472f4e22f2c86b5427682ab2211121ab2843c59460b9451267c4f6e
c7d06c344038ad18027b760f17c81147076557d4e6587043bf48f216dc362bd8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d81bc2da6ee8afa6d5d1aaa1440da030ad2b43c167802f7e014f07ebb79cba01
d87bce70420254a962d8bed39b860d26589fd8230d01c92a64bc1f5b2d077c60
da2b07040681b126077e6efdedbb4f8bcac666839e35cca7707551dd139fa68e
da723b261743d289890cabd4fff26f28dfc9fe31d4fe2c172fd0c74890880964
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3c6277727f25ae62b2de2e9bb9262355a85e2c0d23aca942dd24cd9a655594
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e19a702c388ca86e622560526ee8c9c9a95dc5b4f06fbe926ad829d66ab61e45
e35922657bd3c47eda563ab0dc482eb2bc9cfe584bd146769428ab8794ec049f
e3abb437fe2602892c2c3ee1d7a783a063bc004e27f57aef5553a3016882e5ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41f3cbe0c9ad687bf50fcb5593a389206c89f0cff13a6d532add492d92994a6
e569dfdc4f0751e875356399e9b98e3b7342e77d9b13491ecba00583d78da8e2
e813bf481ff5b06df765643de3bd06b67984439e4ba88dba0bd015b5e139db5e
e9bbef5ac74c3b2a18b93dbdfc23a5bff55ecb90801d6b0c23dc826c15aac831
eb8c82d1ab1ce8007808a9bd1d5711ed1f293b67d56c3e04dbff050d61c8eb2c
ed95decbdc96850f87bc41e25e45861cfbc1648dd81ddea80a49b3ce7c66b3f0
edfa4f0881911e4dc9b37a41391ceaa08f7c7ba566e0f7ffbaac54a89717b1e0
ee7c5431faf488f443187de07949bd5a1ec428311564fa1954d859abbe5f2de6
eed3e01d17a251924c451dd567a00dfbf2abbe1716205ad54d6c0cd59de515de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbca8921a38c617c8311a1e8566a02d97432c8637ab17e82a1675b459d72e39
f469ed6aface62dfedc44e3a3fba6ba8d885a0299ff0fcad79d4bd94413f0270
f4e8a00582db67977fe4757fd85e51cdce1a236b874eaef7d9c59f4806dd3873
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb18cc27e7d71c2f5627d4fd78d6aa67f64f60e5e1b8e2f0e881c769c80abeec
fb680c1c9b662106168796b5a537d6badae295900dd050730f68954a8ce2bf14
febbbdc435f912974f0733c3d72590020bc88946536b4d87da61b32838ce7483
fee79ef8d1475723f50752472cc028c6b4adc01dc7a26de66a6ffe20496c58dc