refugiovistaserrana.com.br Open in urlscan Pro
186.202.153.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://refugiovistaserrana.com.br/
Effective URL:
https://refugiovistaserrana.com.br/
Submission: On February 22 via api (February 22nd 2022, 12:05:44 pm UTC) from US — Scanned from DE

Summary HTTP 119 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 23 domains to perform 119 HTTP transactions. The main IP is 186.202.153.226, located in Brazil and belongs to Locaweb Servicos de Internet SA, BR. The main domain is refugiovistaserrana.com.br.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on July 14th 2021. Valid for: a year.

This is the only time refugiovistaserrana.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	186.202.153.226 186.202.153.226	27715 (Locaweb S...) (Locaweb Servicos de Internet SA)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:7c6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:0:1:376:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:1d97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2606:4700:303... 2606:4700:3035::6815:18cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	78.46.57.120 78.46.57.120	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:7200:1b:84ac:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	3.239.232.212 3.239.232.212	14618 (AMAZON-AES) (AMAZON-AES)
5	52.216.250.190 52.216.250.190	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:254d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.226.91.122 34.226.91.122	14618 (AMAZON-AES) (AMAZON-AES)
1	52.20.78.240 52.20.78.240	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
18	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
119	30

37 186.202.153.226 (Brazil) 1 redirects

ASN27715 (Locaweb Servicos de Internet SA, BR)
PTR: hm8689.locaweb.com.br

refugiovistaserrana.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:7c6 (United States)

ASN13335 (CLOUDFLARENET, US)

themes.goodlayers2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:0:1:376:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.asksuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1d97 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.targeting.voxus.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.voxus.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:18cd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.whatshelp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.57.120 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:7200:1b:84ac:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

companies.asksuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.239.232.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-212.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.216.250.190 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:254d (United States)

ASN13335 (CLOUDFLARENET, US)

targeting.voxus.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

targeting.voxus.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.91.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-91-122.compute-1.amazonaws.com

api.voxus.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.78.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-78-240.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.50 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	refugiovistaserrana.com.br 1 redirects refugiovistaserrana.com.br	2 MB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	1 MB
16	gstatic.com fonts.gstatic.com www.gstatic.com	275 KB
8	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309	3 KB
6	amazonaws.com sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 4621 s3.amazonaws.com	89 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	429 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	221 KB
3	voxus.tv targeting.voxus.tv — Cisco Umbrella Rank: 273016 api.voxus.tv — Cisco Umbrella Rank: 265364	21 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	27 KB
3	voxus.com.br cdn.targeting.voxus.com.br — Cisco Umbrella Rank: 209641 targeting.voxus.com.br — Cisco Umbrella Rank: 191445	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	118 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 103	68 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	3 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 350	2 KB
2	getbutton.io 1 redirects static.getbutton.io — Cisco Umbrella Rank: 33412	85 KB
2	asksuite.com cdn.asksuite.com — Cisco Umbrella Rank: 186856 companies.asksuite.com — Cisco Umbrella Rank: 205823	69 KB
2	goodlayers2.com themes.goodlayers2.com — Cisco Umbrella Rank: 978310
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 3219	281 B
1	google.de www.google.de — Cisco Umbrella Rank: 6342	548 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	whatshelp.io 1 redirects static.whatshelp.io — Cisco Umbrella Rank: 79981	578 B
119	23

	Domain	Requested by
37	refugiovistaserrana.com.br	1 redirects refugiovistaserrana.com.br
18	www.youtube.com	refugiovistaserrana.com.br www.youtube.com
12	fonts.gstatic.com	refugiovistaserrana.com.br fonts.googleapis.com s3.amazonaws.com www.youtube.com
5	s3.amazonaws.com	refugiovistaserrana.com.br s3.amazonaws.com
5	googleads.g.doubleclick.net	2 redirects refugiovistaserrana.com.br www.youtube.com
4	www.gstatic.com	www.youtube.com www.gstatic.com
4	www.facebook.com	refugiovistaserrana.com.br
4	connect.facebook.net	refugiovistaserrana.com.br
3	www.google.com	refugiovistaserrana.com.br www.youtube.com
3	www.googletagmanager.com	refugiovistaserrana.com.br
3	www.google-analytics.com	refugiovistaserrana.com.br www.google-analytics.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	secure.adnxs.com	1 redirects refugiovistaserrana.com.br
2	targeting.voxus.tv	refugiovistaserrana.com.br targeting.voxus.tv
2	targeting.voxus.com.br	cdn.targeting.voxus.com.br refugiovistaserrana.com.br
2	static.getbutton.io	1 redirects refugiovistaserrana.com.br
2	themes.goodlayers2.com	refugiovistaserrana.com.br
1	api.ipify.org	targeting.voxus.com.br
1	api.voxus.tv	targeting.voxus.com.br
1	sqs.us-east-1.amazonaws.com	cdn.asksuite.com
1	www.google.de	refugiovistaserrana.com.br
1	www.googleadservices.com	refugiovistaserrana.com.br
1	companies.asksuite.com	cdn.asksuite.com
1	fonts.googleapis.com	refugiovistaserrana.com.br
1	static.whatshelp.io	1 redirects
1	cdn.targeting.voxus.com.br	refugiovistaserrana.com.br
1	cdn.asksuite.com	refugiovistaserrana.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
119	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
myreservations.omnibees.com
casamentos.refugiovistaserrana.com.br
passeiovirtual.com.br
wa.me
instagram.com
www.google.com
hatcom.com.br
getbutton.io

Subject Issuer	Validity	Valid
www.refugiovistaserrana.com.br AlphaSSL CA - SHA256 - G2	`2021-07-14` - `2022-08-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.asksuite.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-03` - `2022-12-09`	a year	crt.sh
voxus.com.br Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-01` - `2022-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
queue.amazonaws.com Amazon	`2021-10-15` - `2022-10-07`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
api.voxus.tv Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://refugiovistaserrana.com.br/
Frame ID: 5178AFE47C0019D8DE4A8DC6E0BE0923
Requests: 79 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F5235D1A537387C291C6252C0CB45BEC
Requests: 1 HTTP requests in this frame

Frame: https://s3.amazonaws.com/cdn.asksuite.com/inner-botchatframe.html?v=1644434997293
Frame ID: D0D8DB19E5FC31B9EA851B1AB6ABB50F
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 794F85DFEFA31CBEA25F363A3267AAF7
Requests: 1 HTTP requests in this frame

Frame: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DRefugio%20Vista%20Serrana%26website_id%3D1909%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Frame ID: 4A24B9860B4B4B54DEE48B2F824245F9
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
Frame ID: 940DCF7D82C958A2E4DDA1DDC5F8ECE2
Requests: 18 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
Frame ID: 35B3C7433A2E386064FB2A74BD13BA10
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hotel para eventos perto de São Paulo - Vista Serrana

Page URL History Show full URLs

http://refugiovistaserrana.com.br/ HTTP 301
https://refugiovistaserrana.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

119
Requests

97 %
HTTPS

73 %
IPv6

23
Domains

30
Subdomains

30
IPs

5
Countries

4111 kB
Transfer

10811 kB
Size

16
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/hotelrefugiovistaserrana/

Search URL Search Domain Scan URL

URL: https://myreservations.omnibees.com/default.aspx?q=6889
Title: Faça sua Reserva

Search URL Search Domain Scan URL

URL: http://casamentos.refugiovistaserrana.com.br/
Title: RVS Casamentos

Search URL Search Domain Scan URL

URL: http://passeiovirtual.com.br/tour360/hotel_recanto_vista_serrana/index.html
Title: Clique e faça um Tour Virtual

Search URL Search Domain Scan URL

URL: https://wa.me/5511996693007
Title: WhatsApp: (11) 99669-3007

Search URL Search Domain Scan URL

URL: http://instagram.com/vistaserrana/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Hotel+Ref%C3%BAgio+Vista+Serrana/@-23.2826396,-46.5887689,17z/data=!3m1!4b1!4m5!3m4!1s0x94ceedf2378de847:0x45aacd49160eb658!8m2!3d-23.2826445!4d-46.5865802
Title: Clique e veja no Google Maps

Search URL Search Domain Scan URL

URL: http://hatcom.com.br/
Title: Desenvolvido por Hat.

Search URL Search Domain Scan URL

URL: http://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=refugiovistaserrana.com.br
Title: GetButton

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://refugiovistaserrana.com.br/ HTTP 301
https://refugiovistaserrana.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://static.whatshelp.io/widget-send-button/js/init.js HTTP 301
https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

Request Chain 82

https://secure.adnxs.com/seg?add=28903153&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28903153%26t%3D2

Request Chain 96

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 101

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

119 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
refugiovistaserrana.com.br/
Redirect Chain

http://refugiovistaserrana.com.br/
https://refugiovistaserrana.com.br/

226 KB
226 KB

4062ms
3397ms

Document
text/html

186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://refugiovistaserrana.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: hm8689.locaweb.com.br
Software: Apache / PHP/7.3.28
Resource Hash: 9eeb6a5144f558b25f3b1c2dd97e4a6202a298966db49d59637294b93decc6ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 22 Feb 2022 12:05:27 GMT
Server: Apache
X-Powered-By: PHP/7.3.28
X-Pingback: https://refugiovistaserrana.com.br/xmlrpc.php
Link: <https://refugiovistaserrana.com.br/wp-json/>; rel="https://api.w.org/", <https://refugiovistaserrana.com.br/wp-json/wp/v2/pages/3720>; rel="alternate"; type="application/json", <https://refugiovistaserrana.com.br/>; rel=shortlink
Content-Length: 231202
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 22 Feb 2022 12:05:26 GMT
Server: Apache
Location: https://refugiovistaserrana.com.br/
Content-Length: 243
Connection: close
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
17ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 39
date: Tue, 22 Feb 2022 12:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Feb 2022 14:04:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 109ms
54ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPXB9TK

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57fc4930173a480fe561da419cdb22b54c64ffc5889ebc75238a18315d280b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30564
x-xss-protection: 0
expires: Tue, 22 Feb 2022 12:05:31 GMT

GET
H2 526 bg-pattern.png
themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/ 0
0 329ms
257ms Image
text/html 2606:4700:3035::6815:7c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/bg-pattern.png
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:7c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 103ms
48ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 21:28:42 GMT
x-content-type-options: nosniff
age: 484609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 21:28:42 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGZGFyayUyRnNvY2lhbC1pY29uJTJGZW1haWwucG5nJmNhY2hlTWFya2VyPTE2MDg3M...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 3 KB
4 KB 1011ms
537ms Image
image/png 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGZGFyayUyRnNvY2lhbC1pY29uJTJGZW1haWwucG5nJmNhY2hlTWFya2VyPTE2MDg3MTU4MzYtMzI1MCZ0b2tlbj04MThkYWQwNjUzOGE3ZjM3.q.png

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

5488de84b2d27c56d586eeac4cf90cd822ac8f457aaed9a5e3050e3c81900c25

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:32 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 3250
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:32 GMT
Server: Apache
ETag: "59f8fe8204d8591dfa863c1f10c76975"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/themes/rvs/images/dark/social-icon/email.png>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:32 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGZGFyayUyRnNvY2lhbC1pY29uJTJGZmFjZWJvb2sucG5nJmNhY2hlTWFya2VyPTE2M...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 3 KB
3 KB 1387ms
837ms Image
image/png 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGZGFyayUyRnNvY2lhbC1pY29uJTJGZmFjZWJvb2sucG5nJmNhY2hlTWFya2VyPTE2MDg3MTU4MzYtMjk3NSZ0b2tlbj02OTE4ZjI1Yzc0ZDRiMmY0.q.png

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

7f7cb7375ee61179924161c6e2477d6cc7e131a8206343b2e479f6acdc45df44

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:32 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 2975
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:32 GMT
Server: Apache
ETag: "c837e317feec010e043cd100dd1e37f7"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/themes/rvs/images/dark/social-icon/facebook.png>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:32 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwNSUyRmxvZ29fcmVmdWdpb3Zpc3Rhc2VycmFuYS5wbmcmY2FjaGVNYXJrZXI9MTYwODcxNjUwO...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 33 KB
34 KB 1246ms
570ms Image
image/png 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwNSUyRmxvZ29fcmVmdWdpb3Zpc3Rhc2VycmFuYS5wbmcmY2FjaGVNYXJrZXI9MTYwODcxNjUwOC0zNDIxMyZ0b2tlbj1lNzIwZTU0NjZjZWZlMDI4.q.png

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

b913617ecb157e52dbc59ad7a242471949b0833ba37a6e743a68843dce69469c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:32 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 34213
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:32 GMT
Server: Apache
ETag: "8898660b73102eb1c73116b564856aed"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/05/logo_refugiovistaserrana.png>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:32 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 49ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 579943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:59:48 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
20 KB 59ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 18:59:59 GMT
x-content-type-options: nosniff
age: 579932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19900
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:23:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 18:59:59 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
refugiovistaserrana.com.br/wp-content/themes/rvs/plugins/font-awesome-new/fonts/ 70 KB
70 KB 662ms
249ms Font
application/octet-stream 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL: https://refugiovistaserrana.com.br/wp-content/themes/rvs/plugins/font-awesome-new/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS: hm8689.locaweb.com.br
Software: Apache /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:32 GMT
Last-Modified: Tue, 05 Nov 2019 00:20:42 GMT
Server: Apache
ETag: "40a642-118d8-5968e670d4a80"
Content-Type: text/plain
Connection: close
Accept-Ranges: bytes
Content-Length: 71896

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
16 KB 116ms
84ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:54:44 GMT
x-content-type-options: nosniff
age: 504647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16408
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 15:54:44 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 107ms
75ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 21:28:46 GMT
x-content-type-options: nosniff
age: 484605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19780
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 21:28:46 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v18/ 22 KB
22 KB 118ms
87ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v18/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 19:31:01 GMT
x-content-type-options: nosniff
age: 491670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22476
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 19:31:01 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRnBhcmFsbGF4X2NvbG9yaWRvLTEuanBnJmNhY2hlTWFya2VyPTE2MDg3MTU5NzItNjc4M...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 66 KB
67 KB 1977ms
494ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRnBhcmFsbGF4X2NvbG9yaWRvLTEuanBnJmNhY2hlTWFya2VyPTE2MDg3MTU5NzItNjc4MzEmdG9rZW49MGRlYWVkNzlhYjRlMDZkOQ.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

7ed00c2de56b846a0a52c345cf7f88fd2432c595e31d92762bfc06447185c14b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:33 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 67831
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:33 GMT
Server: Apache
ETag: "f1c3276efae80d31774e7b831ff48b83"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2015/03/parallax_colorido-1.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:33 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
19 KB 114ms
114ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refugiovistaserrana.com.br/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 21:28:42 GMT
x-content-type-options: nosniff
age: 484609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 21:28:42 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c181LTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTQtMjg3NjYmdG9rZ...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 28 KB
29 KB 2129ms
514ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c181LTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTQtMjg3NjYmdG9rZW49ZmI3MmU0NDRkMmY4OGVhZA.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

e426ccf4afd99cfa4b6e9c61ab4d0010ff3d0f527794caf3110532cc4884382b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:33 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 28766
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:33 GMT
Server: Apache
ETag: "ec10d507e339bb9a931c0a141b86ef43"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/09/rvs_5-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:33 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c18zLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTMtNDQyOTgmdG9rZ...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 43 KB
44 KB 1076ms
581ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c18zLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTMtNDQyOTgmdG9rZW49MjdlNmQ5NTBkNGU3N2FiZQ.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

17da644f9913dcea2c97ee66aef5d3ff4d9a17818472f6e48abf3934331524df

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:33 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 44298
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:33 GMT
Server: Apache
ETag: "9df2cf9c2f9ea48a01310bcda8699374"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/09/rvs_3-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:33 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRlZTLTE5LTEtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjE5Ny0yMTQwMCZ0b...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 21 KB
21 KB 1081ms
492ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRlZTLTE5LTEtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjE5Ny0yMTQwMCZ0b2tlbj00MTU5OWIxMDVkMDE2NmQ5.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

6078cc38fbc1a3ffe563802df8198a9cf4d8e40b26c57b2c91bca0e203fffb1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:33 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 21400
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:33 GMT
Server: Apache
ETag: "d8d7655cab75d0a90ea9bcb638f32680"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2016/10/VS-19-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:33 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c18yLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTItMzMzMjMmdG9rZ...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 33 KB
33 KB 932ms
509ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c18yLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTItMzMzMjMmdG9rZW49NWJiNjE2Y2JkMTA2OGE2Zg.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

16a9a096e753745409226c0a410096abf554939852aaa587f5a26cc8ea1414e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:33 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 33323
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:33 GMT
Server: Apache
ETag: "14af4db4480e99c76bb3727ab726857b"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/09/rvs_2-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:33 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTMlMkYxMiUyRlZTLTgtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNTg5NC0zMDAwMiZ0b2tlb...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 29 KB
30 KB 912ms
496ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTMlMkYxMiUyRlZTLTgtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNTg5NC0zMDAwMiZ0b2tlbj02MmFiMzk4MDU0NGJkYmFh.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

7325aaefa9a40162a03624cc4c3885d2f99bf618c9bd726bf172290f878b8d76

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:34 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 30002
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:34 GMT
Server: Apache
ETag: "f154b0cb7a38f89470305d079ce94662"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2013/12/VS-8-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:34 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRmJhbmhlaXJhLTEtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNTk1OC0zMTE5N...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 30 KB
31 KB 974ms
486ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRmJhbmhlaXJhLTEtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNTk1OC0zMTE5NCZ0b2tlbj02ZmQ4MWY2ZmZkY2IyOGM2.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

146e50cd89f6e3aa21adc75a28a801e9e603bfae674b8aa984385e0d32f4798a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:34 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 31194
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:34 GMT
Server: Apache
ETag: "416f9992ec73e8ab83791e6c999fead1"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2015/03/banheira-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:34 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRkhSUy00NjExLTgwMHg1MzQtMS00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE2M...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 41 KB
42 KB 1252ms
528ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRkhSUy00NjExLTgwMHg1MzQtMS00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE2MDk3LTQyMDM2JnRva2VuPWUwZDU4MGQ3MTEwYWYwZmM.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

629ebcfc890b333232ee2b9a9252c6b7e0980478c088f740f2854c2a3b221b69

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:35 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 42036
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:35 GMT
Server: Apache
ETag: "b3b433437f4cf9244b463edad2d639a3"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2016/10/HRS-4611-800x534-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:35 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRnRyaWxoYS0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTU5OTYtNDA5ODAmd...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 40 KB
41 KB 1894ms
553ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRnRyaWxoYS0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTU5OTYtNDA5ODAmdG9rZW49NzhmZDhhMTRjMDcyMzVhOQ.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

e3296df41d1fe5bd5e34cf373be372f6d864b8e2558502944fe214d109b726c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:35 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 40980
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:36 GMT
Server: Apache
ETag: "7b8b4704dc7b2541eeeabf8f669faab9"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2015/03/trilha-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:36 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c18xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTItMjk3NzQmdG9rZ...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 29 KB
30 KB 1797ms
555ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c18xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTItMjk3NzQmdG9rZW49NDIyNjA4ZDU4YzAwMjkzMQ.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

74a33ecbe844b3c6d3dfdccbfeea0dcf1a7dc18758863d4b1ded3c619552bf98

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:35 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 29774
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:36 GMT
Server: Apache
ETag: "9a291deb415ea3808aa03e2a57a65dd3"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/09/rvs_1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:36 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRkhSUy02MS04MDB4NTMwLTEtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjEyM...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 23 KB
24 KB 1806ms
560ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRkhSUy02MS04MDB4NTMwLTEtNDAweDMwMC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjEyMy0yMzk2OCZ0b2tlbj03MzY1MjdjNTE0OTgwN2Zj.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

1aebf49c6b99cdf057726fc31929336b729aeb1888a8539cb6e6c032cb99c00b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:35 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 23968
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:36 GMT
Server: Apache
ETag: "6d4f55f3c50f4dbb59defce98ee61a48"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2016/10/HRS-61-800x530-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:36 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTglMkYwNSUyRlZTLTIzMS00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE2NTQxLTIwNDM4JnRva...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 20 KB
21 KB 929ms
513ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTglMkYwNSUyRlZTLTIzMS00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE2NTQxLTIwNDM4JnRva2VuPTc4OTU2ZjNjY2JkMzNlMTk.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

249843d770f1c13c8fa19fd568513b83ef05a7c8d064233db4511431611628e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:35 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 20438
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:36 GMT
Server: Apache
ETag: "cf45f4e27c4477190061bb5ead5a8b37"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2018/05/VS-231-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:36 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRkhSUy0xNzYtODAweDUzMC0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTYwM...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 33 KB
33 KB 883ms
468ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRkhSUy0xNzYtODAweDUzMC0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTYwMzMtMzM1NTUmdG9rZW49NDliNWExMTNlNGY4Mjc3MA.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

e381e402114ecb59682a50861f731de6668c2b0b88c063ff39c361f880255b1b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 33555
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:36 GMT
Server: Apache
ETag: "87679498eb6590e2ec9d62d6b5d01034"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2016/10/HRS-176-800x530-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:36 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwMSUyRkhSUy0zNTItODAweDUzMC0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTYyN...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 26 KB
27 KB 898ms
484ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwMSUyRkhSUy0zNTItODAweDUzMC0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTYyNzItMjcwOTEmdG9rZW49ZGU3ZjczYWJlOTExM2VmYg.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

52903e11e672b316a8f79b15ed0a90691d6ecafd543d51bade85cfe60dc5a50b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:36 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 27091
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:36 GMT
Server: Apache
ETag: "fd4986cd656e77ea5e84441d358b497a"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/01/HRS-352-800x530-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:36 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwMSUyRkhSUy0zNTAtODAweDUzMC0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTYyN...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 34 KB
35 KB 962ms
537ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwMSUyRkhSUy0zNTAtODAweDUzMC0xLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTYyNzEtMzUyOTImdG9rZW49NTRmODhlM2VmNzMxYzNjNA.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

2ffe04346e9ef536f95ce793982deefcc58125b34a9e1ce30ec437c42c42c9f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 35292
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:37 GMT
Server: Apache
ETag: "c471e70642ef420933de97d780d1e0e7"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/01/HRS-350-800x530-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:37 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRmNhZmUtMS00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE1OTYzLTMwNTI4JnRva...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 30 KB
30 KB 947ms
530ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTUlMkYwMyUyRmNhZmUtMS00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE1OTYzLTMwNTI4JnRva2VuPTZkMWFlZmYzOWRmYTU0ZmM.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

4a0bb1f0441546790e739c6dfff07d7701a98189ff15420c95cd7443cb584b75

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 30528
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:37 GMT
Server: Apache
ETag: "220aa420e2690d026877941db2c785bc"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2015/03/cafe-1-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:37 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwNSUyRkhSUy00MzItODAweDUzMy00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE2NDc0L...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 23 KB
23 KB 987ms
519ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwNSUyRkhSUy00MzItODAweDUzMy00MDB4MzAwLmpwZyZjYWNoZU1hcmtlcj0xNjA4NzE2NDc0LTIzNDQ4JnRva2VuPThkYWZkZTViNzhiODQ1MmU.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

1337308df363cd7edd94031219e889375946224ab850404945c9ab5165631ae8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 23448
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:37 GMT
Server: Apache
ETag: "e2072f8b4849d84d91fe11db2f5e8048"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/05/HRS-432-800x533-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:37 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwNSUyRmFwdG9fNC04MDB4NTMwLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MDQtM...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 21 KB
22 KB 920ms
505ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwNSUyRmFwdG9fNC04MDB4NTMwLTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MDQtMjE4ODgmdG9rZW49M2MzNjgzYzVkNzM5NGVjMg.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

56a87ee003ef8a53124ba4492bd1713153d88da3effdd456123347fe97ab2868

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 21888
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:37 GMT
Server: Apache
ETag: "6f3a3cac70abacb90dd3ad77b3a28b33"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/05/apto_4-800x530-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:37 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c180LTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTMtMjYzNTQmdG9rZ...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 26 KB
26 KB 925ms
508ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTclMkYwOSUyRnJ2c180LTQwMHgzMDAuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1MTMtMjYzNTQmdG9rZW49OTVkMTZiN2M4YTllMTJmOQ.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

b6f4724525a4a7b9d6a05f316e0049db6f09c576a4288527f3e6d11dcc63099d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 26354
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:37 GMT
Server: Apache
ETag: "155c36893edd73d43b48d8698b970c04"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2017/09/rvs_4-400x300.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
446 B 130ms
25ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-173998601-1&cid=33298186.1645531532&jid=1724469335&gjid=758243145&_gid=748710824.1645531532&_u=IGBAgEABAAAAAE~&z=2071709792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refugiovistaserrana.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Feb 2022 12:05:31 GMT
content-type: text/plain
access-control-allow-origin: https://refugiovistaserrana.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 42ms
41ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1864486020&t=pageview&_s=1&dl=https%3A%2F%2Frefugiovistaserrana.com.br%2F&ul=en-us&de=UTF-8&dt=Hotel%20para%20eventos%20perto%20de%20S%C3%A3o%20Paulo%20-%20Vista%20Serrana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1724469335&gjid=758243145&cid=33298186.1645531532&tid=UA-173998601-1&_gid=748710824.1645531532&z=557447727

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Feb 2022 12:57:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83267
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 240 B
240 B Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631

Request headers

Referer
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H/1.1 200
OK c2VydmljZT1idW5kbGVyJnI9Q1E4TUw5ZlQteVUmcj1HOTNuRDZGRGlxOCZyPUlZTWoxTzRRVWVFJnI9UUtEYXBPQ051LWcmcj1aVFlCd0xkWEZXcyZyPWNOS19fQ1VTbjdNJnI9bXY3T2s3QjNCYUEmcj1uZlNPMW5IekRpSSZyPXZFWGJYZVI0ZFN3JnI9eFJ1W... Show response
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 235 KB
39 KB 796ms
598ms XHR
text/plain 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9Q1E4TUw5ZlQteVUmcj1HOTNuRDZGRGlxOCZyPUlZTWoxTzRRVWVFJnI9UUtEYXBPQ051LWcmcj1aVFlCd0xkWEZXcyZyPWNOS19fQ1VTbjdNJnI9bXY3T2s3QjNCYUEmcj1uZlNPMW5IekRpSSZyPXZFWGJYZVI0ZFN3JnI9eFJ1WHFtRDQ2bkk.q.js

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

8f9fa49cc5123d0bb1cc83dcd6d6a57fd4c57f427d032dacaca82b6c6364030b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 39399
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:32 GMT
Server: Apache
ETag: "98091ebbf2b9c49583bec293490b24f2"
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Expires: Wed, 22 Feb 2023 12:05:32 GMT

GET
H/1.1 200
OK c2VydmljZT1idW5kbGVyJnI9NXlYZTA2R1dMMG8mcj1kNnJpUDBWR05DMCZyPXNqWUtvWk9sMTFzJnI9eS1LeWZoRGtkc2s.q.js Show response
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 138 KB
18 KB 814ms
603ms XHR
text/plain 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9NXlYZTA2R1dMMG8mcj1kNnJpUDBWR05DMCZyPXNqWUtvWk9sMTFzJnI9eS1LeWZoRGtkc2s.q.js

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

0aeec4857194c5be46953fdcaa5e993f4043ff431669904021a0982410d75c5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 17968
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:32 GMT
Server: Apache
ETag: "904f6d1146febb533654d3079105a861"
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Expires: Wed, 22 Feb 2023 12:05:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
36 KB 70ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-43907301-1

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0f6d80c33a95761b003379aee574c496d7f23bb737d887aa6e247addd36da13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37328
x-xss-protection: 0
expires: Tue, 22 Feb 2022 12:05:32 GMT

GET
H2 200 infochat.js Show response
cdn.asksuite.com/ 272 KB
64 KB 112ms
23ms Script
application/javascript 2600:9000:223c:0:1:376:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.asksuite.com/infochat.js?dataConfig=https://control.asksuite.com/api/companies/hotel-refugio-vista-serrana
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:0:1:376:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d61d1405298450550cd161c3489be696dd0e8e84a0b0cfe025a51e94cb75be70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 02:23:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 19:31:01 GMT
server: AmazonS3
age: 35167
etag: "d9f368ae9bc9fde417fadaaf4b236ccb"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 65596
x-amz-cf-id: D0USZbXjQqSDMCpBcSMe8lAjMt9_UWD2_pkjP2S3G9OOQUAMl78fRg==

GET
H2 200 101092.js Show response
cdn.targeting.voxus.com.br/ 2 KB
1 KB 825ms
241ms Script
application/javascript 2606:4700:10::6816:1d97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.targeting.voxus.com.br/101092.js
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1d97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef9d2ece4e30c4ba5c4851afed2a192a734ba442d0627d0a99b204f951403a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:33 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 22 Feb 2022 12:05:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6e181554587a690f-FRA
content-length: 901
expires: Thu, 24 Mar 2022 12:16:26 GMT

GET
H/1.1 200
OK c2VydmljZT1zY3JpcHRzJnNyYz1odHRwcyUzQSUyRiUyRnJlZnVnaW92aXN0YXNlcnJhbmEuY29tLmJyJTJGd3AtaW5jbHVkZXMlMkZqcyUyRndwLWVtb2ppLXJlbGVhc2UubWluLmpzJTNGdmVyJTNENS41LjgmY2FjaGVNYXJrZXI9MjI4NTQ2.q.js Show response
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 14 KB
5 KB 1036ms
545ms Script
application/javascript 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1zY3JpcHRzJnNyYz1odHRwcyUzQSUyRiUyRnJlZnVnaW92aXN0YXNlcnJhbmEuY29tLmJyJTJGd3AtaW5jbHVkZXMlMkZqcyUyRndwLWVtb2ppLXJlbGVhc2UubWluLmpzJTNGdmVyJTNENS41LjgmY2FjaGVNYXJrZXI9MjI4NTQ2.q.js

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

5a37c6632c941f7791bb540072222d5cdf46907ea878eb50b813c33fb8349410

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Transfer-Encoding: chunked
Connection: close
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:37 GMT
Server: Apache
ETag: "7338532fed0ad5d63231759716fecd94"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Expires: Wed, 22 Feb 2023 12:05:37 GMT

GET
H2 526 bg-pattern.png
themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/ 0
0 271ms
271ms Image
text/html 2606:4700:3035::6815:7c6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/bg-pattern.png
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:7c6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK mM4RkFRJnI9Wm9FY2ZoVjFmSWcmcj1acGlDVkRmMG1pMCZyPWQ5ZlFWVTJuc1pnJnI9ZGhhZlRVbTlmc2smcj1lZFpmOWQ3YmM0OCZyPWg2SHNCZ3NkS0FrJnI9anUxdS1nYzYtakUmcj1ramdiM2xNaVllVSZyPWt5eWQ1SENnZ2ZNJnI9dFJMQk55dWRQenMmcj... Show response
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9MFIwS2VfX1hmUzAmcj0xNnFCTkduLXZ6SSZyPTVaZ1Ezek95MzQwJnI9OFdnS3RGdFU4OHcmcj1DdE82MDZFa1pEMCZyPUpUVDFyem90T2... 540 KB
142 KB 877ms
707ms XHR
text/plain 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1idW5kbGVyJnI9MFIwS2VfX1hmUzAmcj0xNnFCTkduLXZ6SSZyPTVaZ1Ezek95MzQwJnI9OFdnS3RGdFU4OHcmcj1DdE82MDZFa1pEMCZyPUpUVDFyem90T2dRJnI9TU55WWx4MzNrcmMmcj1OaURLYU9ZQk9aWSZyPVAyTFJtZldpMTNBJnI9UDh0ZDFsaVFzMmcmcj1QeHp0dmdpanhxTSZyPVZ1M2xid/mM4RkFRJnI9Wm9FY2ZoVjFmSWcmcj1acGlDVkRmMG1pMCZyPWQ5ZlFWVTJuc1pnJnI9ZGhhZlRVbTlmc2smcj1lZFpmOWQ3YmM0OCZyPWg2SHNCZ3NkS0FrJnI9anUxdS1nYzYtakUmcj1ramdiM2xNaVllVSZyPWt5eWQ1SENnZ2ZNJnI9dFJMQk55dWRQenMmcj13UDlWOUJacGFmMCZyPXlBSDJBMjFnck5BJnI9ejlZRGxLdFFRSFE.q.js

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

6406cb59c640ec503184ee64b5a801f424ce7ec9a48082ea6ace02f061bf4476

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 144663
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:33 GMT
Server: Apache
ETag: "294bce010cc077aded883b8489701984"
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Expires: Wed, 22 Feb 2023 12:05:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 54ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: zGo7175E5QGFxpeoFrDgtjCgnRMzAXLbqY4eNLQteTexISy67iQf3/1BSUjsNp+9Ib+GB1PCb891mupL57LFWA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Feb 2022 12:05:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
51 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56B5K5T

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7aa106ae44f66859b2181ca9981a35b7fc8a3c510773136040f89596aa4072e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52498
x-xss-protection: 0
expires: Tue, 22 Feb 2022 12:05:34 GMT

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.whatshelp.io/widget-send-button/js/init.js
https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

266 KB
85 KB

49ms
48ms

Script
application/javascript

78.46.57.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: HTTP/1.1
Server: 78.46.57.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.57.46.78.clients.your-server.de
Software: nginx/1.6.2 /
Resource Hash: ce62c40dd07ad8d31490b1e1d55c60055c5a51dc27abc05c4f1c278e3ac9991e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Feb 2022 16:00:12 GMT
Server: nginx/1.6.2
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Tue, 22 Feb 2022 15:05:35 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Tue, 22 Feb 2022 12:05:35 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 160
Content-Type: text/html

GET
H/1.1 200
OK FnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGcGx1Z2lucyUyRm1hc3RlcnNsaWRlciUyRnB1YmxpYyUyRmFzc2V0cyUyRmNzcyUyRmNvbW1vbiUyRmxvYWRpbmctMi5naWYmY2FjaGVNYXJrZXI...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbW/ 3 KB
3 KB 1260ms
1147ms Image
image/gif 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbW/FnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGcGx1Z2lucyUyRm1hc3RlcnNsaWRlciUyRnB1YmxpYyUyRmFzc2V0cyUyRmNzcyUyRmNvbW1vbiUyRmxvYWRpbmctMi5naWYmY2FjaGVNYXJrZXI9MTYwODcxNTc1OS0yNzA3JnRva2VuPWJkODIzZjY1ZDg4YzZkMTM.q.gif

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:34 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 2707
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:35 GMT
Server: Apache
ETag: "962169751d0d57b14651b4903b3f18e9"
Vary: Accept
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 76ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,700|Merriweather:regular

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bc03a8a1191998ac4b866dcbd6d36f4d6b854c8eaf25a446e87d60ec1db703b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 11:56:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 12:05:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 12:05:34 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
27ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1864486020&t=pageview&_s=1&dl=https%3A%2F%2Frefugiovistaserrana.com.br%2F&ul=en-us&de=UTF-8&dt=Hotel%20para%20eventos%20perto%20de%20S%C3%A3o%20Paulo%20-%20Vista%20Serrana&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAG~&jid=1326002713&gjid=177625329&cid=33298186.1645531532&tid=UA-43907301-1&_gid=748710824.1645531532&_r=1&gtm=2ou2g0&z=626094257

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://refugiovistaserrana.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 12:05:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://refugiovistaserrana.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 43ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: 7iDfz+wrVR2LmMlf1C0bnax/KVxAVDiDljQdUD7L4NA6BFEx9o7vyGMsxZ4+4HSMmg7lTqo19L5rL71Tnr7QTQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Feb 2022 12:05:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 552982022205830 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 146ms
125ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/552982022205830?v=2.9.52&r=stable

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

db1abecd412c5d0c9dd117b99db7259cd474b98113c00caed483a41f14138775

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 47fpUhOk65C+Aw1/N9YbPOMQdhrZLl8sZm7REYwRCdREFIWRNwTvC7WH6r0HT6ZRRqVdTAiBUVN8pN1J6e8ikA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Feb 2022 12:05:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGcGx1Z2lucyUyRmNvbnRhY3QtZm9ybS03JTJGYXNzZXRzJTJGYWpheC1sb2FkZXIuZ2lmJmNhY2hlTWFya2VyPTE2MDg3MTU1O...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 847 B
1 KB 886ms
461ms Image
image/gif 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGcGx1Z2lucyUyRmNvbnRhY3QtZm9ybS03JTJGYXNzZXRzJTJGYWpheC1sb2FkZXIuZ2lmJmNhY2hlTWFya2VyPTE2MDg3MTU1OTAtODQ3JnRva2VuPTU0YmUwM2ZiZDk4NDI1MzU.q.gif

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:38 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 847
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:38 GMT
Server: Apache
ETag: "c74520b2b5cd8297aa4601379ac8b50a"
Vary: Accept
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/plugins/contact-form-7/assets/ajax-loader.gif>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:38 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGbWFzdGVyLXNsaWRlci1yaWdodC5wbmcmY2FjaGVNYXJrZXI9MTYwODcxNTgzNS0zM...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 3 KB
4 KB 577ms
523ms Image
image/png 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGbWFzdGVyLXNsaWRlci1yaWdodC5wbmcmY2FjaGVNYXJrZXI9MTYwODcxNTgzNS0zMDA2JnRva2VuPThjMTdhZWY2MGFiZWIwNzk.q.png

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

515fa0cff500ab005110ac88fb6aff3b1d61e94127dd8d1c499f83bc1a106946

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:34 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 3006
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:35 GMT
Server: Apache
ETag: "bfb4c6f075df988c615084381f846a99"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/themes/rvs/images/master-slider-right.png>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:35 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGbWFzdGVyLXNsaWRlci1sZWZ0LnBuZyZjYWNoZU1hcmtlcj0xNjA4NzE1ODM1LTI5O...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 3 KB
4 KB 838ms
579ms Image
image/png 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdGhlbWVzJTJGcnZzJTJGaW1hZ2VzJTJGbWFzdGVyLXNsaWRlci1sZWZ0LnBuZyZjYWNoZU1hcmtlcj0xNjA4NzE1ODM1LTI5OTgmdG9rZW49OWZkNjQ2ZTYyMjhjMDg5Yg.q.png

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

5d0a12295725a58baf7d0ad8a4739d44f81611a5d55fafde535a009d58decb5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:35 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 2998
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:35 GMT
Server: Apache
ETag: "625e62ed284805a368e6db38131cd2e1"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/themes/rvs/images/master-slider-left.png>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:35 GMT

GET
H2 200 hotel-refugio-vista-serrana.json Show response
companies.asksuite.com/ 4 KB
5 KB 736ms
410ms XHR
text/json 2600:9000:2315:7200:1b:84ac:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://companies.asksuite.com/hotel-refugio-vista-serrana.json?firstAccess=1
Requested by: Host: cdn.asksuite.com
URL: https://cdn.asksuite.com/infochat.js?dataConfig=https://control.asksuite.com/api/companies/hotel-refugio-vista-serrana
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:7200:1b:84ac:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c748730011fc2fb8c84bae6938e59b2b90c50e02a37f707e2938a6cbc6b19b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:36 GMT
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
last-modified: Sun, 20 Feb 2022 19:34:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "f2cad553d844d1a9a1c77a36ced854b3"
access-control-allow-methods: PUT, POST, DELETE, GET
content-type: text/json
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 4572
x-amz-cf-id: 8JFzOGayHlp9fe2FQfiEc41ervy9E8pGXZS14j6XkFm-XkbrRC0vBg==

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTglMkYwNSUyRnJ2czQuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1NDUtMjAyODA5JnRva2VuPTY1YWVhN...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 198 KB
199 KB 909ms
493ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTglMkYwNSUyRnJ2czQuanBnJmNhY2hlTWFya2VyPTE2MDg3MTY1NDUtMjAyODA5JnRva2VuPTY1YWVhNmRiNjlmMWQ4YTE.q.jpg

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

46de21a20e84aa0018cf61855fad2aec2ad6217a5c2d59e3cc8750113d89cc08

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:38 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 202809
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:38 GMT
Server: Apache
ETag: "6343fee95d76a42e7e013b93c4d6e0d8"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2018/05/rvs4.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:38 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 364ms
44ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 12:05:35 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 46ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,700|Merriweather:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 561060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 00:14:34 GMT

GET
H3 200 119606362051983 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 73ms
73ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/119606362051983?v=2.9.52&r=stable

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52b633a947fe05813b24e1bc308a7da8ab980ac0626623921fbae3d1b5234929

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: wAraJzXVZoap/NcJupuD2D6/eZwKqBJ2kYbr1+dgwfixi/qc+LJA6Z6lrqNdiZS/hhxUGiZ/GA9+Ehj4G/3O3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 22 Feb 2022 12:05:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 206ms
17ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=552982022205830&ev=PageView&dl=https%3A%2F%2Frefugiovistaserrana.com.br%2F&rl=&if=false&ts=1645531534792&sw=1600&sh=1200&v=2.9.52&r=stable&a=wordpress-5.5.8-3.0.4&ec=0&o=30&fbp=fb.2.1645531534790.2125337902&it=1645531534605&coo=false&rqm=GET

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 22 Feb 2022 12:05:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 18ms
17ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=119606362051983&ev=PageView&dl=https%3A%2F%2Frefugiovistaserrana.com.br%2F&rl=&if=false&ts=1645531534987&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.2.1645531534790.2125337902&it=1645531534605&coo=false&rqm=GET

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 22 Feb 2022 12:05:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/865256220/ 2 KB
2 KB 80ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/865256220/?random=1645531535040&cv=9&fst=1645531535040&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Frefugiovistaserrana.com.br%2F&tiba=Hotel%20para%20eventos%20perto%20de%20S%C3%A3o%20Paulo%20-%20Vista%20Serrana&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6702bb1b4ea53e5d9e79d5c4e4cc694355dc82e67b3a89ab0ec8b9271ef6abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 12:05:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/865256220/ 42 B
548 B 77ms
30ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/865256220/?random=1645531535040&cv=9&fst=1645531200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Frefugiovistaserrana.com.br%2F&tiba=Hotel%20para%20eventos%20perto%20de%20S%C3%A3o%20Paulo%20-%20Vista%20Serrana&async=1&fmt=3&is_vtc=1&random=198311146&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 12:05:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/865256220/ 42 B
548 B 80ms
34ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/865256220/?random=1645531535040&cv=9&fst=1645531200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg2g0&sendb=1&frm=0&url=https%3A%2F%2Frefugiovistaserrana.com.br%2F&tiba=Hotel%20para%20eventos%20perto%20de%20S%C3%A3o%20Paulo%20-%20Vista%20Serrana&async=1&fmt=3&is_vtc=1&random=198311146&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Feb 2022 12:05:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F523 0
18 B 48ms
26ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://refugiovistaserrana.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/

Response headers

content-type: text/plain
access-control-allow-origin: https://refugiovistaserrana.com.br
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Tue, 22 Feb 2022 12:05:35 GMT

GET
H/1.1 200
OK site-visits Show response
sqs.us-east-1.amazonaws.com/627793480922/ 378 B
658 B 683ms
125ms XHR
text/xml 3.239.232.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/627793480922/site-visits?Action=SendMessage&MessageBody=hotel-refugio-vista-serrana
Requested by: Host: cdn.asksuite.com
URL: https://cdn.asksuite.com/infochat.js?dataConfig=https://control.asksuite.com/api/companies/hotel-refugio-vista-serrana
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.239.232.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-212.compute-1.amazonaws.com
Software: /
Resource Hash: 141437c2fdb7631a1f0b556b15e69c716c16c5be5920b82be63f71498ad9e43b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-RequestId: 4caaa014-01f7-57fc-91e1-fa9ad2387ebb
Date: Tue, 22 Feb 2022 12:05:36 GMT
Content-Length: 378
Content-Type: text/xml

GET
H/1.1 200
OK infochat.css
s3.amazonaws.com/cdn.asksuite.com/ 41 KB
5 KB 447ms
118ms Stylesheet
text/css 52.216.250.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.asksuite.com/infochat.css?v=1644434997293
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.250.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cc7efa7efa14aa62ce1161bba4e4498125600e5dbc7b1127ff3f8a5cbd86d0b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 19:31:03 GMT
Server: AmazonS3
x-amz-request-id: Y4P9P10PYT3343KF
ETag: "50cb7a8ee5e49da99053da3525b173eb"
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 4383
x-amz-id-2: xmQhhEBMZM4tGxsLM5X+DmR4pfPHjnMrXHjiuc06kzLIzWG+FLrisOfmLKSANKuLvgnimCyrq7k=

GET
H/1.1 200
OK inner-botchatframe.html Show response
s3.amazonaws.com/cdn.asksuite.com/ Frame D0D8 17 KB
5 KB 444ms
117ms Document
text/html 52.216.250.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.asksuite.com/inner-botchatframe.html?v=1644434997293
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.250.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 79598d7b5ee411a7c899e5541b46012c8e0409081a2b52c3200559d951dfdffb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/

Response headers

x-amz-id-2: cHHUkxU2uCYva+DFOwe3oEdfJ2UPwfgfKpjHGroZxEdiOpGQUu67Dg+ticUQHyG6WKe9saPeRwk=
x-amz-request-id: Y4P4NHSZA7WF0S4Z
Date: Tue, 22 Feb 2022 12:05:36 GMT
Last-Modified: Wed, 09 Feb 2022 19:30:53 GMT
ETag: "55ae3c5343d9cb82d3a32b31bc8c9035"
Cache-Control: max-age=604800
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/html;charset=utf-8
Server: AmazonS3
Content-Length: 4644

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 794F 0
15 B 18ms
17ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://refugiovistaserrana.com.br
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/

Response headers

content-type: text/plain
access-control-allow-origin: https://refugiovistaserrana.com.br
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Tue, 22 Feb 2022 12:05:35 GMT

GET
H2 200 / Show response
targeting.voxus.com.br/v/ 7 B
285 B 290ms
206ms XHR
text/html 2606:4700:10::ac43:254d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.voxus.com.br/v/
Requested by: Host: cdn.targeting.voxus.com.br
URL: https://cdn.targeting.voxus.com.br/101092.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:254d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936f8569f0f6e031fbeb7d824e40680da55073b2f60594d52ebd51b3138a9cf2

Request headers

Referer: https://refugiovistaserrana.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 22 Feb 2022 12:05:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 21 Feb 2022 20:46:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
access-control-allow-origin: *
cf-ray: 6e181561f8e091e7-FRA
access-control-allow-headers: sentry-trace

GET
H/1.1 200
OK app.js Show response
s3.amazonaws.com/cdn.asksuite.com/ Frame D0D8 189 KB
58 KB 114ms
114ms Script
application/javascript 52.216.250.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.asksuite.com/app.js?v=1644434997293
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.asksuite.com/inner-botchatframe.html?v=1644434997293
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.250.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8cae10d998ded4ba22f627c5cb11a19dca9fdea5c6b2cf9dfb70e53e5c047401

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/cdn.asksuite.com/inner-botchatframe.html?v=1644434997293
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 19:30:58 GMT
Server: AmazonS3
x-amz-request-id: Y4PF9YSD6WXAQN6M
ETag: "bc44462f5c7bc2b95f5348f3b07a81fb"
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 58686
x-amz-id-2: fzyaBqObxjK2RDJzaJrM1seeQlpSRpOnOEPSGrGO9WuErAV70uvHPfxY28UD0zZ7zBKaLRbsLbA=

GET
H3 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame D0D8 17 KB
17 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.asksuite.com/inner-botchatframe.html?v=1644434997293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27ae72daf88c7431896929273087c99910d019ae82dc0af7d86505c0f5ef5dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://s3.amazonaws.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 20:18:02 GMT
x-content-type-options: nosniff
age: 488853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 20:18:02 GMT

GET
H2 200 1010929.js Show response
targeting.voxus.com.br/clients/ 47 KB
11 KB 281ms
281ms Script
application/javascript 2606:4700:10::6816:1d97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.voxus.com.br/clients/1010929.js?v=1083400
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1d97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0fa8915f262b0780873f1f2d1959db2aaab790321eea99a794ee6c2dad7508

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:36 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 22 Feb 2022 12:05:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
cf-ray: 6e1815635b39690f-FRA
access-control-allow-headers: sentry-trace
content-length: 11292
expires: Thu, 24 Mar 2022 12:11:13 GMT

GET
H/1.1 200
OK 9c62c373-788e-4b5a-9fb5-78204bf9f2ac.png
s3.amazonaws.com/solvus-dev/files/asksuite-img/ 9 KB
9 KB 137ms
137ms Image
application/octet-stream 52.216.250.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/solvus-dev/files/asksuite-img/9c62c373-788e-4b5a-9fb5-78204bf9f2ac.png
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.250.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 43572d1f547307155a0d1e985f1b55d30d2f8369ed85dec3aa4f9b92c5be0f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
Last-Modified: Fri, 06 Jul 2018 13:41:04 GMT
Server: AmazonS3
x-amz-request-id: 8EVSGGPC2WDT2PW3
ETag: "d7451eb4680910611769118299196d8a"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 8865
x-amz-id-2: q5zYRcWc0a1p4uLJjV7Dzd0WrYVwBoP6OHwaEeQopQiZ0TY4Sk02ulanwd3OKKJyopMNz7arxm0=

GET
H/1.1 200
OK compiled_botchat.css
s3.amazonaws.com/cdn.asksuite.com/ Frame D0D8 51 KB
12 KB 112ms
112ms Stylesheet
text/css 52.216.250.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.asksuite.com/compiled_botchat.css?v=1644434997293
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.asksuite.com/app.js?v=1644434997293
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.250.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e78f371c2211b24a5016d701b4a4b174a6326e7564fae52922bbec5f603dd469

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/cdn.asksuite.com/inner-botchatframe.html?v=1644434997293
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Feb 2022 19:31:03 GMT
Server: AmazonS3
x-amz-request-id: 8EVR0E9AQKYMEYMM
ETag: "aaada02b2ebb926665a3717455544a56"
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 12234
x-amz-id-2: gBpUOaF6dVWNjArfXgQkA2AUQBByGWjcFO/RpNcsCzX7JV076hpGTJv074d69yOL8KPmBdr9G28=

GET
H3 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ 17 KB
17 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.asksuite.com/infochat.css?v=1644434997293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27ae72daf88c7431896929273087c99910d019ae82dc0af7d86505c0f5ef5dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s3.amazonaws.com/
Origin: https://refugiovistaserrana.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 20:18:02 GMT
x-content-type-options: nosniff
age: 488854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 20:18:02 GMT

GET
H2 200 index_nckv4.html Show response
targeting.voxus.tv/a/ Frame 4A24 53 KB
16 KB 382ms
327ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DRefugio%20Vista%20Serrana%26website_id%3D1909%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Requested by: Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce871fe0bcbe2928a3a322be37213b9970380d7ed9ea19dae8bdb60c05fe9479

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/

Response headers

date: Tue, 22 Feb 2022 12:05:37 GMT
content-type: text/html
access-control-allow-headers: sentry-trace
access-control-allow-origin: *
last-modified: Tue, 17 Aug 2021 20:21:18 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aD%2BbBJufBbDdoVkUxqj5DRVSzw1J9qEFOx%2F6ZlMpATXKTUhx6cUTO0Z%2Ft11nKYgKjYz%2FtRku6TYQ9xUbmh44oRPh6JIqYFvyaMhFlz0X99SxrtJ%2BsrcZW0Ms3fbzVasK3nqQZgbB8ehm5sKjnmj%2Fhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e18156bdea1923e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 rocket-loader.min.js Show response
targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 4A24 12 KB
4 KB 49ms
23ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: targeting.voxus.tv
URL: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DRefugio%20Vista%20Serrana%26website_id%3D1909%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DRefugio%20Vista%20Serrana%26website_id%3D1909%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Feb 2022 13:46:32 GMT
server: cloudflare
etag: W/"620d0038-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sr5T5HvGUf8AlbjHT1T%2FyOCOZNB4gHY%2FLzvm9u3Y8%2FQCCaRZg97iXeHkdUIreR3Fq2pHEaGVEmRdCDrmeC3wbhEaHi90M7n%2BSM%2BsH%2BfH1%2FJN%2BCc4APnmHTkT71CiJ2JvAQaPizj%2F1Y0l7nG0MoYTZ1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e18156e2a689247-FRA
vary: Accept-Encoding
expires: Thu, 24 Feb 2022 12:05:37 GMT

GET
H/1.1 200
OK / Show response
api.voxus.tv/verify/ 24 B
249 B 479ms
102ms XHR
text/html 34.226.91.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.voxus.tv/verify/?adv_id=1909&ck_id=16455315376430.8737031513506517vuv0aks46wa&ipa=true
Requested by: Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1010929.js?v=1083400
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.91.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-91-122.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.17
Resource Hash: 91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c

Request headers

Referer: https://refugiovistaserrana.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Feb 2022 12:05:38 GMT
Server: Apache/2.4.7 (Ubuntu)
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.17
Content-Length: 24
Content-Type: text/html

GET
H/1.1 200
OK / Show response
api.ipify.org/ 32 B
281 B 329ms
101ms XHR
application/javascript 52.20.78.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1010929.js?v=1083400
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.20.78.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-78-240.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 0af68c79fafbd45b6514fb7823270eb98f448b79df3d658dd467fa38edd2d9f8

Request headers

Referer: https://refugiovistaserrana.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Tue, 22 Feb 2022 12:05:38 GMT
Via: 1.1 vegur
Server: Cowboy
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://refugiovistaserrana.com.br
Connection: keep-alive
Content-Length: 32

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=28903153&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28903153%26t%3D2

43 B
1 KB

44ms
44ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28903153%26t%3D2

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 12:05:38 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9d8a628b-3fd2-4e30-845b-79fd70b76e38
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 12:05:38 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: baf69a2b-27c5-4d87-9a0c-e5e7b5dfa196
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D28903153%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jY3RbM4BmjQ Show response
www.youtube.com/embed/ Frame 940D 60 KB
26 KB 125ms
77ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dafdad4d379680a172b4da1e973afb92a83d94e28f8906256b7a04d24d519e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Feb 2022 12:05:39 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cRLqRaBfm_Q Show response
www.youtube.com/embed/ Frame 35B3 60 KB
25 KB 142ms
94ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Requested by

Host: refugiovistaserrana.com.br
URL: https://refugiovistaserrana.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbcae972551f410b1db28e6c901f55cad4d0c2f9f7e90f5033462cff2aaaa91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 22 Feb 2022 12:05:39 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTklMkYwNSUyRnJlZnVnaW8tdmlzdGEtc2VycmFuYS5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjU3NC0yM...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 230 KB
231 KB 940ms
524ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTklMkYwNSUyRnJlZnVnaW8tdmlzdGEtc2VycmFuYS5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjU3NC0yMzU3NTUmdG9rZW49OGZlMjQ1YzhkM2QwMmYyNA.q.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

e6f760e0ef957b1e8b7eff57f27e6f5b982edd32098fa4711ddf4a237a5934d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:40 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 235755
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:40 GMT
Server: Apache
ETag: "ad3a51f2481803d1c97d8c4a9473a6b1"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2019/05/refugio-vista-serrana.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:40 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/c3125ad0/ Frame 940D 341 KB
47 KB 49ms
21ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 05:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47760
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Feb 2023 05:47:03 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 940D 15 KB
15 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 2854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/ Frame 940D 283 KB
85 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 03:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87214
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Feb 2023 03:16:12 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 940D 2 MB
539 KB 103ms
83ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c0b6c872c7e94af4fb9a7daed9dd3b48037402aa2bfa90df773913fd9d9ef6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551833
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:43 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/ Frame 940D 10 KB
3 KB 73ms
52ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 02:51:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Feb 2023 02:51:04 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/c3125ad0/ Frame 35B3 341 KB
47 KB 34ms
22ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 20 Feb 2022 05:47:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47760
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 20 Feb 2023 05:47:03 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/ Frame 35B3 283 KB
85 KB 64ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 03:16:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87214
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Feb 2023 03:16:12 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 35B3 2 MB
539 KB 178ms
167ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c0b6c872c7e94af4fb9a7daed9dd3b48037402aa2bfa90df773913fd9d9ef6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551833
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:43 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/ Frame 35B3 10 KB
3 KB 66ms
55ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 02:51:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Feb 2023 02:51:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 35B3 15 KB
15 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 2854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 940D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

40ms
39ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15f3de155c9a1687e96034fcde85bbb437c6523a2f1530b209431f2f81b9d9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Feb 2022 12:05:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 940D 29 B
588 B 62ms
17ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:59:18 GMT
x-content-type-options: nosniff
age: 381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Feb 2022 12:14:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 940D 119 KB
37 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

221d3a2d426c59a6409d52c0479926772d85f1432c59b92d0997397567025897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37823
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:28 GMT

GET
H3 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame 940D 35 KB
13 KB 53ms
17ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 06:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 06:09:59 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 940D 26 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a577e36e5d969ddf3f78d35584fd3186309bbcf56427a8b0e1faba9e126a2065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7727
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:53:32 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 35B3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

30ms
30ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b5c0a1df8e960942cf7dba36c2e928e65ff5ecb3185ac6ee51e77a9739c8a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 22 Feb 2022 12:05:40 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 35B3 29 B
54 B 57ms
28ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 11:59:18 GMT
x-content-type-options: nosniff
age: 382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Feb 2022 12:14:18 GMT

GET
DATA 200
OK truncated
/ Frame 940D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRwKkScli80VN6VD2i_-y7Xd4FxBvph8crGsRmN=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 940D 1 KB
1 KB 432ms
373ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRwKkScli80VN6VD2i_-y7Xd4FxBvph8crGsRmN=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8490a60ad6b9d049e9c8013d3abc33b4064c5c734bfd499c1c7fc0015d162ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v35"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1360
x-xss-protection: 0
expires: Wed, 23 Feb 2022 12:05:40 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/jY3RbM4BmjQ/ Frame 940D 39 KB
39 KB 121ms
62ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/jY3RbM4BmjQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1664cec12aacc4f6a5d55fab5653bd19836c22efda757eddf4baea86cac75d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "1559077088"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39556
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Feb 2022 14:05:40 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 35B3 119 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

221d3a2d426c59a6409d52c0479926772d85f1432c59b92d0997397567025897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:52:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37823
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:52:28 GMT

GET
H3 200 R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js Show response
www.google.com/js/th/ Frame 35B3 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/R2Rr4lxQhS-pdfD3dqJLWLM73_PZ5omU-Lfc3_DBZ-o.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 06:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 539741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13572
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 06:09:59 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/ Frame 35B3 26 KB
8 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a577e36e5d969ddf3f78d35584fd3186309bbcf56427a8b0e1faba9e126a2065

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 15:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 418328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7727
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 01:18:33 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Feb 2023 15:53:32 GMT

GET
DATA 200
OK truncated
/ Frame 35B3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQEqecmyP2h986wTUGd8fV1d6Yzr8btARZIcw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 35B3 749 B
1 KB 175ms
175ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQEqecmyP2h986wTUGd8fV1d6Yzr8btARZIcw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab23864b0fd1305823ef723e995816cae1244689389ae7786a30a70aa41c1eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 749
x-xss-protection: 0
expires: Wed, 23 Feb 2022 12:05:40 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/cRLqRaBfm_Q/ Frame 35B3 29 KB
29 KB 79ms
79ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/cRLqRaBfm_Q/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b381ebfdfbdb303081ae3c0c21d31b5222aa9b5135998d20e2d4b3dd5a379ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29706
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 22 Feb 2022 14:05:40 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 940D 4 KB
3 KB 97ms
43ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 12:05:40 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 940D 0
9 B 25ms
21ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Dq06yQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 35B3 4 KB
2 KB 68ms
36ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 12:05:40 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 35B3 0
9 B 42ms
42ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?dv0QWA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 12:05:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame 940D 52 KB
15 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 23 Feb 2022 07:12:54 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame 35B3 52 KB
15 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 07:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 23 Feb 2022 07:12:54 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRlZTLTE0NC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjE5NS00NDM0MjgmdG9rZW49NWFjY...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 296 KB
0 934ms
518ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTYlMkYxMCUyRlZTLTE0NC5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjE5NS00NDM0MjgmdG9rZW49NWFjY2ZiYmM2NTg1NDJlMg.q.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:41 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 443428
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:42 GMT
Server: Apache
ETag: "2baff8698e3abd84a2cde392d074077d"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2016/10/VS-144.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:42 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 35B3 28 B
54 B 76ms
75ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cRLqRaBfm_Q?wmode=transparent
X-YouTube-Client-Version: 1.20220216.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtsVTkwNmdWZmZQRSiTo9OQBg%3D%3D
X-YouTube-Ad-Signals: dt=1645531539788&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C620%2C348&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 22 Feb 2022 12:05:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 22 Feb 2022 12:05:42 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 940D 28 B
54 B 170ms
168ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c3125ad0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/jY3RbM4BmjQ?wmode=transparent
X-YouTube-Client-Version: 1.20220216.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGRlNJUnJPZTZJayiTo9OQBg%3D%3D
X-YouTube-Ad-Signals: dt=1645531539794&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C620%2C348&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 22 Feb 2022 12:05:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 22 Feb 2022 12:05:42 GMT

GET
H/1.1 200
OK c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTklMkYwNSUyRnJlZnVnaW8tdmlzdGEtc2VycmFuYS5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjU3NC0yM...
refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/ 85 KB
0 1052ms
523ms Image
image/jpeg 186.202.153.226
Locaweb Servicos ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refugiovistaserrana.com.br/wp-content/plugins/phastpress/phast.php/c2VydmljZT1pbWFnZXMmc3JjPWh0dHBzJTNBJTJGJTJGcmVmdWdpb3Zpc3Rhc2VycmFuYS5jb20uYnIlMkZ3cC1jb250ZW50JTJGdXBsb2FkcyUyRjIwMTklMkYwNSUyRnJlZnVnaW8tdmlzdGEtc2VycmFuYS5qcGcmY2FjaGVNYXJrZXI9MTYwODcxNjU3NC0yMzU3NTUmdG9rZW49OGZlMjQ1YzhkM2QwMmYyNA.q.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

186.202.153.226 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),

Reverse DNS

hm8689.locaweb.com.br

Software

Apache / PHP/7.3.28

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://refugiovistaserrana.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 12:05:43 GMT
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.3.28
Connection: close
Content-Length: 235755
X-Accel-Expires: 31536000
Last-Modified: Tue, 22 Feb 2022 12:05:43 GMT
Server: Apache
ETag: "5b6064e013049401208932cc4db71f71"
Vary: Accept
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Content-Security-Policy: default-src 'none'
Link: <https://refugiovistaserrana.com.br/wp-content/uploads/2019/05/refugio-vista-serrana.jpg>; rel="canonical"
Expires: Wed, 22 Feb 2023 12:05:43 GMT

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.refugiovistaserrana.com.br/	1970-01-20 18:36:43	Name: _ga Value: GA1.3.33298186.1645531532
.refugiovistaserrana.com.br/	1970-01-20 01:06:57	Name: _gid Value: GA1.3.748710824.1645531532
.refugiovistaserrana.com.br/	1970-01-20 01:05:31	Name: _gat Value: 1
.refugiovistaserrana.com.br/	1970-01-20 01:05:31	Name: _gat_gtag_UA_43907301_1 Value: 1
.refugiovistaserrana.com.br/	1970-01-20 03:15:07	Name: _gcl_au Value: 1.1.1209563564.1645531535
.refugiovistaserrana.com.br/	1970-01-20 03:15:07	Name: _fbp Value: fb.2.1645531534790.2125337902
.doubleclick.net/	1970-01-20 01:05:32	Name: test_cookie Value: CheckForPermission
.voxus.tv/	1970-01-23 15:29:31	Name: _dmp_ Value: 16455315376430.8737031513506517vuv0aks46wa
.voxus.tv/	1970-01-20 03:15:07	Name: voxusdsp_ret2 Value: [["1909","2022-02-22 12:05:37"]]
.refugiovistaserrana.com.br/	1970-01-20 01:05:35	Name: voxusmediamanager_id Value: 16455315376430.8737031513506517vuv0aks46wa
.refugiovistaserrana.com.br/	1970-01-20 01:48:43	Name: voxusmediamanager_acs Value: true
.adnxs.com/	1970-01-20 03:15:07	Name: uuid2 Value: 7042795654278918440
.adnxs.com/	1970-01-20 03:15:07	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GVKk[u5s!]tbP6j2F-XstGt!@DC>$Z$kW
.refugiovistaserrana.com.br/	1970-01-20 01:05:32	Name: voxusmediamanager__ip Value: 217.114.215.132
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: _d-IQ-vhZTo
.youtube.com/	1970-01-20 05:24:43	Name: VISITOR_INFO1_LIVE Value: lU906gVffPE

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://refugiovistaserrana.com.br/ Message: Mixed Content: The page at 'https://refugiovistaserrana.com.br/' was loaded over HTTPS, but requested an insecure element 'http://themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/bg-pattern.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/bg-pattern.png Message: Failed to load resource: the server responded with a status of 526 ()
security	warning	URL: https://refugiovistaserrana.com.br/ Message: Mixed Content: The page at 'https://refugiovistaserrana.com.br/' was loaded over HTTPS, but requested an insecure element 'http://themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/bg-pattern.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://themes.goodlayers2.com/hotelmaster/wp-content/uploads/2015/03/bg-pattern.png Message: Failed to load resource: the server responded with a status of 526 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
api.voxus.tv
cdn.asksuite.com
cdn.targeting.voxus.com.br
companies.asksuite.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
refugiovistaserrana.com.br
s3.amazonaws.com
secure.adnxs.com
sqs.us-east-1.amazonaws.com
static.doubleclick.net
static.getbutton.io
static.whatshelp.io
stats.g.doubleclick.net
targeting.voxus.com.br
targeting.voxus.tv
themes.goodlayers2.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
142.250.186.130
185.33.221.50
186.202.153.226
2600:9000:223c:0:1:376:d400:93a1
2600:9000:2315:7200:1b:84ac:d740:93a1
2606:4700:10::6816:1d97
2606:4700:10::ac43:254d
2606:4700:3035::6815:18cd
2606:4700:3035::6815:7c6
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2006
2a00:1450:4001:813::2004
2a00:1450:4001:813::2016
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c06::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::7
3.239.232.212
34.226.91.122
52.20.78.240
52.216.250.190
78.46.57.120
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0aeec4857194c5be46953fdcaa5e993f4043ff431669904021a0982410d75c5d
0af68c79fafbd45b6514fb7823270eb98f448b79df3d658dd467fa38edd2d9f8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1337308df363cd7edd94031219e889375946224ab850404945c9ab5165631ae8
141437c2fdb7631a1f0b556b15e69c716c16c5be5920b82be63f71498ad9e43b
146e50cd89f6e3aa21adc75a28a801e9e603bfae674b8aa984385e0d32f4798a
15f3de155c9a1687e96034fcde85bbb437c6523a2f1530b209431f2f81b9d9cd
1664cec12aacc4f6a5d55fab5653bd19836c22efda757eddf4baea86cac75d5d
16a9a096e753745409226c0a410096abf554939852aaa587f5a26cc8ea1414e3
17da644f9913dcea2c97ee66aef5d3ff4d9a17818472f6e48abf3934331524df
1aebf49c6b99cdf057726fc31929336b729aeb1888a8539cb6e6c032cb99c00b
221d3a2d426c59a6409d52c0479926772d85f1432c59b92d0997397567025897
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
249843d770f1c13c8fa19fd568513b83ef05a7c8d064233db4511431611628e3
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
27ae72daf88c7431896929273087c99910d019ae82dc0af7d86505c0f5ef5dbf
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2ef9d2ece4e30c4ba5c4851afed2a192a734ba442d0627d0a99b204f951403a2
2ffe04346e9ef536f95ce793982deefcc58125b34a9e1ce30ec437c42c42c9f1
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43572d1f547307155a0d1e985f1b55d30d2f8369ed85dec3aa4f9b92c5be0f92
4477ee59b97030d6f35483b304d8bd6e71388e45c339d83c22cde5d1dead3d34
46de21a20e84aa0018cf61855fad2aec2ad6217a5c2d59e3cc8750113d89cc08
47646be25c50852fa975f0f776a24b58b33bdff3d9e68994f8b7dcdff0c167ea
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4a0bb1f0441546790e739c6dfff07d7701a98189ff15420c95cd7443cb584b75
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0b6c872c7e94af4fb9a7daed9dd3b48037402aa2bfa90df773913fd9d9ef6f
4c0fa8915f262b0780873f1f2d1959db2aaab790321eea99a794ee6c2dad7508
515fa0cff500ab005110ac88fb6aff3b1d61e94127dd8d1c499f83bc1a106946
52903e11e672b316a8f79b15ed0a90691d6ecafd543d51bade85cfe60dc5a50b
52b633a947fe05813b24e1bc308a7da8ab980ac0626623921fbae3d1b5234929
5488de84b2d27c56d586eeac4cf90cd822ac8f457aaed9a5e3050e3c81900c25
56a87ee003ef8a53124ba4492bd1713153d88da3effdd456123347fe97ab2868
57fc4930173a480fe561da419cdb22b54c64ffc5889ebc75238a18315d280b3c
5a37c6632c941f7791bb540072222d5cdf46907ea878eb50b813c33fb8349410
5b5c0a1df8e960942cf7dba36c2e928e65ff5ecb3185ac6ee51e77a9739c8a10
5bc03a8a1191998ac4b866dcbd6d36f4d6b854c8eaf25a446e87d60ec1db703b
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d0a12295725a58baf7d0ad8a4739d44f81611a5d55fafde535a009d58decb5d
6078cc38fbc1a3ffe563802df8198a9cf4d8e40b26c57b2c91bca0e203fffb1f
629ebcfc890b333232ee2b9a9252c6b7e0980478c088f740f2854c2a3b221b69
6406cb59c640ec503184ee64b5a801f424ce7ec9a48082ea6ace02f061bf4476
65b72e15d975f67fbd1cb126d57772c06c21fa016e5651b6ce213b26ce0e6877
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7325aaefa9a40162a03624cc4c3885d2f99bf618c9bd726bf172290f878b8d76
74a33ecbe844b3c6d3dfdccbfeea0dcf1a7dc18758863d4b1ded3c619552bf98
79598d7b5ee411a7c899e5541b46012c8e0409081a2b52c3200559d951dfdffb
7c748730011fc2fb8c84bae6938e59b2b90c50e02a37f707e2938a6cbc6b19b3
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ed00c2de56b846a0a52c345cf7f88fd2432c595e31d92762bfc06447185c14b
7f7cb7375ee61179924161c6e2477d6cc7e131a8206343b2e479f6acdc45df44
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8490a60ad6b9d049e9c8013d3abc33b4064c5c734bfd499c1c7fc0015d162ce6
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8b838fab476b0b972555361c19bfa11475adc6bcb3165ea3823eca1584fe6017
8cae10d998ded4ba22f627c5cb11a19dca9fdea5c6b2cf9dfb70e53e5c047401
8f9fa49cc5123d0bb1cc83dcd6d6a57fd4c57f427d032dacaca82b6c6364030b
91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c
936f8569f0f6e031fbeb7d824e40680da55073b2f60594d52ebd51b3138a9cf2
9eeb6a5144f558b25f3b1c2dd97e4a6202a298966db49d59637294b93decc6ee
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f389a4a583504e955a630f2dc66ba3ef895fed89b6c6477f30fef9e09fd631
a577e36e5d969ddf3f78d35584fd3186309bbcf56427a8b0e1faba9e126a2065
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
ab23864b0fd1305823ef723e995816cae1244689389ae7786a30a70aa41c1eeb
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
b381ebfdfbdb303081ae3c0c21d31b5222aa9b5135998d20e2d4b3dd5a379ebf
b6f4724525a4a7b9d6a05f316e0049db6f09c576a4288527f3e6d11dcc63099d
b913617ecb157e52dbc59ad7a242471949b0833ba37a6e743a68843dce69469c
c7aa106ae44f66859b2181ca9981a35b7fc8a3c510773136040f89596aa4072e
cc7efa7efa14aa62ce1161bba4e4498125600e5dbc7b1127ff3f8a5cbd86d0b7
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce62c40dd07ad8d31490b1e1d55c60055c5a51dc27abc05c4f1c278e3ac9991e
ce871fe0bcbe2928a3a322be37213b9970380d7ed9ea19dae8bdb60c05fe9479
d0f6d80c33a95761b003379aee574c496d7f23bb737d887aa6e247addd36da13
d61d1405298450550cd161c3489be696dd0e8e84a0b0cfe025a51e94cb75be70
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dafdad4d379680a172b4da1e973afb92a83d94e28f8906256b7a04d24d519e53
db1abecd412c5d0c9dd117b99db7259cd474b98113c00caed483a41f14138775
dbcae972551f410b1db28e6c901f55cad4d0c2f9f7e90f5033462cff2aaaa91d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
e3296df41d1fe5bd5e34cf373be372f6d864b8e2558502944fe214d109b726c3
e381e402114ecb59682a50861f731de6668c2b0b88c063ff39c361f880255b1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e426ccf4afd99cfa4b6e9c61ab4d0010ff3d0f527794caf3110532cc4884382b
e6f760e0ef957b1e8b7eff57f27e6f5b982edd32098fa4711ddf4a237a5934d0
e78f371c2211b24a5016d701b4a4b174a6326e7564fae52922bbec5f603dd469
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6702bb1b4ea53e5d9e79d5c4e4cc694355dc82e67b3a89ab0ec8b9271ef6abd

refugiovistaserrana.com.br Open in urlscan Pro 186.202.153.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

97 %HTTPS

73 %IPv6

23 Domains

30 Subdomains

30 IPs

5 Countries

4111 kBTransfer

10811 kBSize

16 Cookies

9 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

refugiovistaserrana.com.br Open in urlscan Pro
186.202.153.226 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

97 %
HTTPS

73 %
IPv6

23
Domains

30
Subdomains

30
IPs

5
Countries

4111 kB
Transfer

10811 kB
Size

16
Cookies

119 HTTP transactions
4 data transactions