www.avaconversacomosanjos.com Open in urlscan Pro
104.26.10.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.pass.com.br/AZAva/imw/mv8/cue83c/01.html
Effective URL:
https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
Submission: On October 11 via api (October 11th 2021, 2:00:11 pm UTC) from BR — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 12 domains to perform 39 HTTP transactions. The main IP is 104.26.10.160, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.avaconversacomosanjos.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 13th 2021. Valid for: a year.

This is the only time www.avaconversacomosanjos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.63.196.62 74.63.196.62	46475 (LIMESTONE...) (LIMESTONENETWORKS)
1 1	18.202.12.61 18.202.12.61	16509 (AMAZON-02) (AMAZON-02)
20	104.26.10.160 104.26.10.160	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
2	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
4	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
1	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	12

1 74.63.196.62 (United States) 1 redirects

ASN46475 (LIMESTONENETWORKS, US)
PTR: sql.cadari.net

s.pass.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.12.61 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com

adzappy.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.26.10.160 (United States)

ASN13335 (CLOUDFLARENET, US)

www.avaconversacomosanjos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	avaconversacomosanjos.com www.avaconversacomosanjos.com	374 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	googletagmanager.com www.googletagmanager.com	162 KB
2	google.com www.google.com	676 B
2	facebook.com www.facebook.com	404 B
2	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
2	facebook.net connect.facebook.net	170 KB
1	nr-data.net bam-cell.nr-data.net	935 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	go2cloud.org 1 redirects adzappy.go2cloud.org	2 KB
1	pass.com.br 1 redirects s.pass.com.br	283 B
39	12

	Domain	Requested by
20	www.avaconversacomosanjos.com	www.avaconversacomosanjos.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.avaconversacomosanjos.com www.googletagmanager.com
2	www.google.com	www.avaconversacomosanjos.com
2	www.facebook.com	www.avaconversacomosanjos.com
2	connect.facebook.net	www.avaconversacomosanjos.com connect.facebook.net
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.avaconversacomosanjos.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	adzappy.go2cloud.org	1 redirects
1	s.pass.com.br	1 redirects
39	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-21` - `2021-10-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
Frame ID: 41AA0EDB4E9AE06086B0E1700F0C52BC
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REVELAÇÃO 100% GRATUITA - Ava conversa com os Anjos

Page URL History Show full URLs

https://s.pass.com.br/AZAva/imw/mv8/cue83c/01.html HTTP 301
https://adzappy.go2cloud.org/aff_c?offer_id=295&aff_id=1105&url_id=396&aff_sub2=1095&file_id=4862&aff_sub... HTTP 302
https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

757 kB
Transfer

1768 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.pass.com.br/AZAva/imw/mv8/cue83c/01.html HTTP 301
https://adzappy.go2cloud.org/aff_c?offer_id=295&aff_id=1105&url_id=396&aff_sub2=1095&file_id=4862&aff_sub3=17063&aff_sub4=113648905 HTTP 302
https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 27 Show response
www.avaconversacomosanjos.com/viver-comigo/
Redirect Chain

https://s.pass.com.br/AZAva/imw/mv8/cue83c/01.html
https://adzappy.go2cloud.org/aff_c?offer_id=295&aff_id=1105&url_id=396&aff_sub2=1095&file_id=4862&aff_sub3=17063&aff_sub4=113648905
https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

25 KB
9 KB

304ms
255ms

Document
text/html

104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20e9a0642f4ab11db6f285f5fdf5f0ae28219209fabc79015652038a23e03bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:method: GET
:authority: www.avaconversacomosanjos.com
:scheme: https
:path: /viver-comigo/27?subId=1095
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 11 Oct 2021 14:00:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco; path=/; secure; HttpOnly
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atxTi%2FHUWPqT0FFwZMpzk3qhRJ%2Fmy3NKr1crS1LM78Jozf5hBiR%2FVlsdSRXOrvPPKRFm3I47XVs%2Bi6inCKBLHGdpyGE4kcGHOJYzvjeJ0ahTwU%2Bcb08TfW3ylhhSap4D10h7rOp47du2XPPFS%2BJ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69c89cdb7bdd4125-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server: nginx
Date: Mon, 11 Oct 2021 14:00:05 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 248
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: aff_ran_url_295=396; expires=Tue, 12 Oct 2021 14:00:05 GMT; path=/; SameSite=None; Secure enc_aff_session_295=ENC03c6ecfbd80908027bc0a31c725ce6634d906d563ac7d52c10d320039349cb92cc944f86a53db4fcfa5acbda5171e546131ee9ffc24e6d893fc5856e687fb3b34a924f87d2b873fcc02b31fe873e5eb5d09cc60fcfcb01ff755cc3c175ac511ad71ba99b70d2ce259d0bd1128577aaeb843cd7b013e7980087d24f473af44af3e80ae95523; expires=Thu, 11 Nov 2021 14:00:05 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Thu, 05 Sep 2024 00:40:05 GMT; path=/; SameSite=None; Secure
Tracking_id: 102c5397557c00265ec1776c310988
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: b61d20da606c8a927ed3e835eaa02552
Access-Control-Allow-Headers: Tune-SDK-Version

GET
H2 200 bootstrap.min.css
www.avaconversacomosanjos.com/css/ 119 KB
20 KB 183ms
182ms Stylesheet
text/css 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/css/bootstrap.min.css

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6f0CSIOdYLP71UGp2Xq0TWmpfXzlOEvK68pYAa2yb6t7FQUP29LlxmuZ%2F0znJqwjR1BTDpQg7PSQw6phwzt7cMNLwaKtF5Ua%2B91qlesv4dFWGYeExTdrobk%2Fm%2F6PmQtI7v8o%2FiwBxY6rqs6FMO1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd2cd94125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 styles.css
www.avaconversacomosanjos.com/assets/4b9ec267/ 25 KB
7 KB 102ms
101ms Stylesheet
text/css 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/styles.css?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4889a3cf48777dbec235ce22209584ef41d7906ce76b05881b07efa3145bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/styles.css?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEdileII6ajMuxxOzyVLczsjD%2FG1sfXS6Eaes7RAKlIPFnauiM0GlD%2BBqgda50CQofQffikbIYN9r7B9voYM4ZYc%2FDxAry3MfwZ%2Fp9Baq1Qx9UvUyllXcQb96k2VBE9hKnmfnO1KGcPprAm%2FB1xo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3cda4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.countdown.css
www.avaconversacomosanjos.com/assets/4b9ec267/countdown2/ 838 B
650 B 86ms
86ms Stylesheet
text/css 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/countdown2/jquery.countdown.css?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

315dc3ea63f32d6ab6a3563eaf34a28a1eae0185f3f3687728076208d9f19ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/countdown2/jquery.countdown.css?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y17%2FS8L0JAEkbOf3Tfij%2B5D4q6vy8MRTMFKiJu4mJ9vwGbL2fzstONGl%2BedVpOv1EBdeyK5ARrPeC7TBNCBH80%2BUkNHUuPDL%2FMBRxpaw1svXyyayLfprltJKP9JOb5aLp0FfRs6pTdpIwZRX3rsD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3cdb4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 profile.png
www.avaconversacomosanjos.com/assets/4b9ec267/images/ 6 KB
7 KB 158ms
156ms Image
image/png 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/images/profile.png

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0879f9e74017db6d70d2f73ff6b4934d5f155694fcd5b13527057a02dae9dbed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/images/profile.png
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIs0sju8IYb7lOl3hVZ2klQcr1NyT2ga7EUDrLzEoOFjE6Ykl4lWTfsJxOnW%2FyUxUiSYUaokanCRqMd26JtIIMcPPFVePh4B4IAoK%2F0zEatKI2Ez6XH0YRXdWHDr9OS2GfHvK7MYaBqMH6vbfMZ5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
accept-ranges: bytes
cf-ray: 69c89cdd4cff4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6485

GET
H2 200 ava-esprit-des-anges-mobile.png
www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/images/ 34 KB
35 KB 229ms
227ms Image
image/png 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/images/ava-esprit-des-anges-mobile.png

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e676c3922c22261fccc733a80722d86a3e266d09b205dc2e9b8a5914740abc30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/i18n/pt-BR/images/ava-esprit-des-anges-mobile.png
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfFUunJH2tcF8NsiAAhvE2U7a%2BZAdqzl9DpuMVFzrcPyEFwTCIqls9TDSIFsD1TcDzWMFdLmbp%2Fb2rLy8WyCcYDeL%2FiXTs%2Bk1Ma55wqrG8Lqe1mim5YWooWEaQcm0g97xKibxwev%2B5V0v1ZfKC2g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
accept-ranges: bytes
cf-ray: 69c89cdd4d004125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35125

GET
H2 200 jquery.min.js Show response
www.avaconversacomosanjos.com/js/ 87 KB
32 KB 218ms
214ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/js/jquery.min.js

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuM%2FESj%2FN5NQWmGlzJ8RqT3nRqSnT2pzhP9QVVfLQO35sKf7sVp9yG3WFRtQPzGQ%2FH2By6GI2eeDbK1Hg2QCMb1QcbAL5GV1NHqLuBW4fpV02AbGDV6MJuH3%2BCEIYlcuu8%2Fa%2FClybuKxZ2WRKRTD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3ce04125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 all.min.js Show response
www.avaconversacomosanjos.com/js/ 21 KB
7 KB 199ms
195ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/js/all.min.js

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd2b879f08e2df364bc4cc35364ee797b8686f843de4fa5b8e64f64ed3b8e368

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/all.min.js
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPyg4%2BNdDpMMT%2B%2FraKRNOSEXUkbQtbEWaV7Rozmx4BHK5BOB0GSCwEXMsuyH7AuuGaE7sLjKNAKHE8kALKg7jjb0XqeT4zP14ZEUEEljnSQmxaUAdRObHq1Xl4HnlTx9J29ALgx4KmlNCUEZ4hng"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3ce24125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
www.avaconversacomosanjos.com/js/ 39 KB
11 KB 116ms
113ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/js/bootstrap.min.js

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zojB8Sg14aP0B11PAYzyBalw3VGFgNMm%2Ft4nNDUA783lEdLuEz%2BANLaTr5JzC8Wn2OEF%2F%2B8HvnzvpDhYRA0ZrVsJUaKNQ2lPeMYySUxB%2BTjv%2FUMRdXgV9dU2HAWb98FJZCNyJjDwgM0FfFZjSlzN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3ce34125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 Dialog.min.js Show response
www.avaconversacomosanjos.com/js/ 1 KB
824 B 143ms
140ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/js/Dialog.min.js?v=1632913340

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9cb67ebc9f78c2a1cd6db8791a6449c4a3c5841f412c0d49a37c58ebe16d6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /js/Dialog.min.js?v=1632913340
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVlE71qW90tVRqogGk9XQM%2BvZTXRZb21ncx0lR1DaVMSN7PkOZTwBRUWPlXzG1qg5hF3wLL3omiQen6tdfU3t%2BvI6M4q%2FAYveRqMsf5V8hICJQxB0pllqI8J5J71cmEI8SU0TrTUTFttY57QqXqu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3ce44125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.plugin.min.js Show response
www.avaconversacomosanjos.com/assets/4b9ec267/countdown2/ 3 KB
2 KB 114ms
111ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/countdown2/jquery.plugin.min.js?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ff9064b94819ab0674b87949c2adc14e5c3ea2896d733333a831bddedd8d27a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/countdown2/jquery.plugin.min.js?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79XwDTuOOnedjmZDN7i0PtHEcNw%2B0kzXpNX5i7E9%2FJfpMBZXCoUfDt8sPdwQ92s4yTtph1evhCdDE8Y2%2F1frY81LxRGkMDdDJFIqYZAzMI4ja%2FEOmu60uy8pDPVAe4hMvS4FGQl12k1mqqLF6HmU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3ce54125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.countdown.min.js Show response
www.avaconversacomosanjos.com/assets/4b9ec267/countdown2/ 14 KB
5 KB 142ms
139ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/countdown2/jquery.countdown.min.js?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe66fd2db088bda30fa7d9f4eea56a36948de4f002f3b798eae00cbfd6b11ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/countdown2/jquery.countdown.min.js?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qCyb7QDhZJslvJICHlZ%2BGMu44rEsRM8oV0fhKBWw1HiZaB9%2Bf77epppxnt0EeMpwxKGqESP1koLQKEPr05ZKJTCvINm1OOjwqBC%2FvNYojExpF5N8Ewh6RwodLqFo2wJgQT4WL6dhYrr9eOovvy5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3ce64125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.countdown-language.js Show response
www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/countdown2/ 688 B
741 B 87ms
84ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/countdown2/jquery.countdown-language.js?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

524e34faec3b1e4e3eaf5131fab2a5e97f59ad1316928387ed07c693f97494db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/i18n/pt-BR/countdown2/jquery.countdown-language.js?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pk6btpIYQpQaJBAcmsB4JzPH8J%2FrqM9MGPnycSNlplRDlnDC4Y68uY2P0Xmdl5GEXFVIso7joCHAuW8FToxsB77BewZEJlFkSLvvopNlRy8or5E%2FSxeQeghlgKf2jcJ4UVFwDiqvTqCP0mxH8oo0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd3ce74125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chat_text.js Show response
www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/ 3 KB
1 KB 192ms
189ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/chat_text.js?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a86f4b0b6ae9c0c5d1035994b54d989cee39395652c2c1229323c6e2f3ae60c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/i18n/pt-BR/chat_text.js?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DE4CsT842Au7gFq0LEh31GOMjHVmWBnz%2FVtlrbMY9PyX%2BDOp5S7Gr%2BR4miNZGNh3j1nvdOqLy4TBbPal%2BS3U2DAteYTdroCjVdtMD6L5%2FWAPDrMwcAKsuvLiStghv7rSHC4NzaV%2B96JECbdThGh1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd4cfa4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 chat_date_now.js Show response
www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/ 364 B
523 B 187ms
184ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/i18n/pt-BR/chat_date_now.js?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67459a8bd1803ee5c10e8a00ffbcc38d5d3952b30302c1295c8ead07143d3895

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/i18n/pt-BR/chat_date_now.js?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cjHKRM2FEBwO5Qq%2FdVkfh0yHuo5omn7JeBFZOufqAoHoGDPjK1tZKsI%2F%2B4ii8e0Nent6MHFad4DzFCY%2B8me4fug%2F7SU3hmPtm5VnsXRhkUSVAoLzjPqIQ9%2Fr6qFjMq6J2pfyMZZ14mXStDuiWQ6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd4cfc4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ts.min.js Show response
www.avaconversacomosanjos.com/assets/4b9ec267/ 9 KB
3 KB 163ms
161ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/ts.min.js?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9d1ad559a3c97fa72a5428ea8e7530c9d717b37fe8b2f34cf353156cd7252f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/ts.min.js?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN8ON40Ds7yhlMp3hmYFq8Z%2FOqF%2FgAXWXnoVa74%2Btt7ZvIEZAAAQGzP%2B0kp5IHpYcpRXqNylzpRNSQsmf7lph4%2F4JMXAtDnjCE7%2BwJXH6cz0FGXUFX4m8TV1RUjv3NPXhxBmqbDfDoFyCPR5bygW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd4cfd4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 EHawkTalon.js Show response
www.avaconversacomosanjos.com/assets/22fe352a/ 43 KB
14 KB 139ms
137ms Script
application/javascript 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/assets/22fe352a/EHawkTalon.js?v=1632913339

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3548fa5ce7c4f7be68fda9000ea4fa0cd2c278b570f585b8b6a5dddff33b586

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/22fe352a/EHawkTalon.js?v=1632913339
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyIzNiUoUd2Ks0GTz9U%2BhR8rYbkKcun%2BllyKD4sqzJ6CWKiIiO2wNcr0wNK4M17fsMXb8muGyTEWayWN%2BKywMLTj5i1N3dCWb9y7vQFJXYLQA66D59frfEB%2Byp9X0QD89h9sqyoTqMD3ax5wffph"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
cf-ray: 69c89cdd4cfe4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
36 KB 45ms
21ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5BZH38

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c9c05acafcfa98b238f248e2f1ecac2564373570c00aa1bc384faf71f2483a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36686
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Oct 2021 14:00:05 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 49ms
27ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-149873486-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5BZH38

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1665f535884a292ec5b5ddb73a13f1e8f60227a3ef2b4c360e1b550326d49089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39156
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Oct 2021 14:00:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 142ms
6ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: JeN2JVm6U4UnAKI9EIeRID92ZgmvcBsUZUvURCsRm8a17KBOPgP99J/qqFSqhqZHQVZLycjnKJyLLlPaejrgew==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 11 Oct 2021 14:00:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 81ms
16ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149873486-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4389
date: Mon, 11 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 11 Oct 2021 14:46:57 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 28ms
26ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-701953015&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149873486-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

046223243d7d59208e2c330069dbcd2590dbd07deb03c515be1b613be39204de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39599
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Oct 2021 14:00:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 40ms
38ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TMNPCSGVF3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149873486-1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bd4a56edea55ca6734c0f2a271317476335d0546e14241ffb8b50380435559d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50024
x-xss-protection: 0
expires: Mon, 11 Oct 2021 14:00:06 GMT

GET
H3 200 bg.jpg
www.avaconversacomosanjos.com/assets/4b9ec267/images/ 105 KB
106 KB 118ms
118ms Image
image/jpeg 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/images/bg.jpg

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/assets/4b9ec267/styles.css?v=1632913339

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b2e0e70b11a415b330b4eb5b9e83b4d8b10754fbc851d7beb26b24ca847e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/images/bg.jpg
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco; _gcl_au=1.1.1489366304.1633960806
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/assets/4b9ec267/styles.css?v=1632913339
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/assets/4b9ec267/styles.css?v=1632913339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfZhJr70YC2HreloFbBLJrc1jmaDYVQUCnDLjag%2B84wKCX7yhtZoD52SePBEO6wk0r70MYkBRcGE06%2BgQNYtvSigF3oE8vyLRM9tVGf1NOI5jwI0jUByOygw1F5IDkDH3pMhqgWz%2B9Ubbbcxx%2BnT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
accept-ranges: bytes
cf-ray: 69c89cde6d6f27a0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107740

GET
H3 200 bg-chat.png
www.avaconversacomosanjos.com/assets/4b9ec267/images/ 112 KB
112 KB 147ms
147ms Image
image/png 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avaconversacomosanjos.com/assets/4b9ec267/images/bg-chat.png

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/assets/4b9ec267/styles.css?v=1632913339

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f09c394acf0c248dd6e5a53918fdd90c9bcc148e66f4de6d23e22225ade842

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

:path: /assets/4b9ec267/images/bg-chat.png
pragma: no-cache
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco; _gcl_au=1.1.1489366304.1633960806
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/assets/4b9ec267/styles.css?v=1632913339
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/assets/4b9ec267/styles.css?v=1632913339
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 11:02:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4IkMvOMyA6DwrhX7e0XFna1KUezPyTjfKgyl%2F8ZreGH0HwqvP7wcKbABZi%2BcJ4Rl0QdrZpMfgWqBOot4090p%2Fyj1ckQ8aMN3d2aH97OSXbL%2Fl9ZT57ldiCMTBV3kq2U2WXyzkEmAujujLzdQLfN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
accept-ranges: bytes
cf-ray: 69c89cde6d7127a0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 114536

GET
H3 200 142260346315840 Show response
connect.facebook.net/signals/config/ 490 KB
143 KB 84ms
75ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/142260346315840?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

4025c83fc72cd5b0dec19c53b316c0068334ca727b5e534d104f37a862663883

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: ZAMIY6cKDxyW64yfEAenRBjA/M5qUcYqd8dMdSOIcZvfmu5xNuyE5DNUMaNxSYgFIjduh8NHZbrGbmHUtbeZtQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 11 Oct 2021 14:00:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 43ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-701953015&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14399
x-xss-protection: 0
server: cafe
etag: 3154747477907843336
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:00:06 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 28ms
13ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TMNPCSGVF3&gtm=2oea60&_p=1453590964&sr=1600x1200&ul=en-us&cid=167302637.1633960806&_s=1&dl=https%3A%2F%2Fwww.avaconversacomosanjos.com%2Fviver-comigo%2F27%3FsubId%3D1095&dt=REVELA%C3%87%C3%83O%20100%25%20GRATUITA%20-%20Ava%20conversa%20com%20os%20Anjos&sid=1633960806&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TMNPCSGVF3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avaconversacomosanjos.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 14:00:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avaconversacomosanjos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 location Show response
www.avaconversacomosanjos.com/tchat-local/ 35 B
595 B 179ms
179ms XHR
text/html 104.26.10.160
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avaconversacomosanjos.com/tchat-local/location

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/js/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.160 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e05d05a7578967da8baa613f8f47476917320a0f541c7e15338360ea3445e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-fetch-mode: cors
origin: https://www.avaconversacomosanjos.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _csrf=MeN5lq2dDn2WmwBIQU1-PLpHluquLwco; _gcl_au=1.1.1489366304.1633960806; _ga_TMNPCSGVF3=GS1.1.1633960806.1.0.1633960806.0; _ga=GA1.1.167302637.1633960806
content-length: 0
:path: /tchat-local/location
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.avaconversacomosanjos.com
referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DomMgUlyhoiiTz9CqyTxMGiBeoPFQ5k87A9rTKtn0fOM%2F6bCCQgs6vi4u3q0uRvew2k8OFWkJFfirw55%2BR7S0BaSyfzl%2F4xWc9AdW5e0A3BWCX%2BLOWVn2ycL4RmSXSomGF%2FG0sR%2Fkv%2B9HBC%2FR2XD"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 69c89cdeddf127a0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1453590964&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avaconversacomosanjos.com%2Fviver-comigo%2F27%3FsubId%3D1095&ul=en-us&de=UTF-8&dt=REVELA%C3%87%C3%83O%20100%25%20GRATUITA%20-%20Ava%20conversa%20com%20os%20Anjos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1759185551&gjid=1747860186&cid=167302637.1633960806&tid=UA-149873486-1&_gid=1732658313.1633960806&_r=1&gtm=2oua60&z=1510839924

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avaconversacomosanjos.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 14:00:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avaconversacomosanjos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/701953015/ 2 KB
2 KB 42ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/701953015/?random=1633960806379&cv=9&fst=1633960806379&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.avaconversacomosanjos.com%2Fviver-comigo%2F27%3FsubId%3D1095&tiba=REVELA%C3%87%C3%83O%20100%25%20GRATUITA%20-%20Ava%20conversa%20com%20os%20Anjos&tc=x&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

82abc4cd022584252bd9d11d9f9890a3311320602202c8e9126a23fa454375f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 22ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142260346315840&ev=PageView&dl=https%3A%2F%2Fwww.avaconversacomosanjos.com%2Fviver-comigo%2F27%3FsubId%3D1095&rl=&if=false&ts=1633960806403&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633960806402.111777443&it=1633960806172&coo=false&rqm=GET

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 11 Oct 2021 14:00:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
471 B 62ms
20ms XHR
text/plain 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-149873486-1&cid=167302637.1633960806&jid=1759185551&gjid=1747860186&_gid=1732658313.1633960806&_u=YADAAUAAAAAAAC~&z=589481287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avaconversacomosanjos.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Oct 2021 14:00:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.avaconversacomosanjos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 417 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 461 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27ba0e7bb942b41dd5025fce55bcf1ca228be1517e777a2671a11fe01006ac0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.google.com/pagead/1p-user-list/701953015/ 42 B
569 B 44ms
21ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/701953015/?random=1633960806379&cv=9&fst=1633960800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.avaconversacomosanjos.com%2Fviver-comigo%2F27%3FsubId%3D1095&tiba=REVELA%C3%87%C3%83O%20100%25%20GRATUITA%20-%20Ava%20conversa%20com%20os%20Anjos&async=1&fmt=3&is_vtc=1&random=759281484&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 14:00:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 33ms
33ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-149873486-1&cid=167302637.1633960806&jid=1759185551&_u=YADAAUAAAAAAAC~&z=1793323075

Requested by

Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 14:00:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 20ms
6ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.avaconversacomosanjos.com
URL: https://www.avaconversacomosanjos.com/viver-comigo/27?subId=1095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: 3700EJ4ZWWQ4P78Z
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: WHzeslBLMht/NaCF9kkJd18iJ6Fkr2YZAl5iGj0a1qtVGAGpwFyTtZrMMtk5xKXdIU5RYSWHiEw=
x-served-by: cache-hhn4081-HHN
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1633960807.532745,VS0,VE0
date: Mon, 11 Oct 2021 14:00:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 25596

GET
H/1.1 200
OK 0686a6165a Show response
bam-cell.nr-data.net/1/ 49 B
935 B 905ms
872ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/0686a6165a?a=433691883&v=1210.e2a3f80&to=YQFSbERWWRJXAEMIXVhLZUpfGF4PUgZPT0JeFA%3D%3D&rst=1654&ck=1&ref=https://www.avaconversacomosanjos.com/viver-comigo/27&ap=179&be=1056&fe=1626&dc=1419&perf=%7B%22timing%22:%7B%22of%22:1633960804887,%22n%22:0,%22f%22:731,%22dn%22:732,%22dne%22:744,%22c%22:744,%22s%22:759,%22ce%22:780,%22rq%22:780,%22rp%22:1035,%22rpe%22:1037,%22dl%22:1039,%22di%22:1419,%22ds%22:1419,%22de%22:1419,%22dc%22:1626,%22l%22:1626,%22le%22:1627%7D,%22navigation%22:%7B%7D%7D&fp=1288&fcp=1288&at=TUZRGgxMShw%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 11 Oct 2021 14:00:07 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlRTCQECUFVRFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoDAlcJWHRMB05WAhtDAlVZUgdQA1BRAlNSUgAHC0BKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 69c89ce119814e0d-FRA

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=142260346315840&ev=Microdata&dl=https%3A%2F%2Fwww.avaconversacomosanjos.com%2Fviver-comigo%2F27%3FsubId%3D1095&rl=&if=false&ts=1633960807907&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22REVELA%C3%87%C3%83O%20100%25%20GRATUITA%20-%20Ava%20conversa%20com%20os%20Anjos%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633960806402.111777443&it=1633960806172&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avaconversacomosanjos.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 14:00:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 11 Oct 2021 14:00:07 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
13ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TMNPCSGVF3&gtm=2oea60&_p=1453590964&sr=1600x1200&ul=en-us&cid=167302637.1633960806&_s=2&dl=https%3A%2F%2Fwww.avaconversacomosanjos.com%2Fviver-comigo%2F27%3FsubId%3D1095&dt=REVELA%C3%87%C3%83O%20100%25%20GRATUITA%20-%20Ava%20conversa%20com%20os%20Anjos&sid=1633960806&sct=1&seg=0&en=scroll&_et=331&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TMNPCSGVF3&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avaconversacomosanjos.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Oct 2021 14:00:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avaconversacomosanjos.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avaconversacomosanjos.com/viver-comigo	1970-01-23 13:31:33	Name: 6bdfac53cbfb648b7ebe7a1fe1b93f4d Value: %7B%22v%22%3A%225.5%22%2C%22a%22%3A2436770608%2C%22b%22%3A%2223fcea4c3d3d7b43dd6e88fdd8f4890b%22%2C%22c%22%3A1633960806760%2C%22d%22%3A%221e2c02be13221b5048610bda93653a1d%22%2C%22e%22%3A%22%22%7D
s.pass.com.br/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hqao4xegfyjujsxpyip3o3tv
adzappy.go2cloud.org/	1970-01-19 21:54:07	Name: aff_ran_url_295 Value: 396
adzappy.go2cloud.org/	1970-01-19 22:37:19	Name: enc_aff_session_295 Value: ENC03c6ecfbd80908027bc0a31c725ce6634d906d563ac7d52c10d320039349cb92cc944f86a53db4fcfa5acbda5171e546131ee9ffc24e6d893fc5856e687fb3b34a924f87d2b873fcc02b31fe873e5eb5d09cc60fcfcb01ff755cc3c175ac511ad71ba99b70d2ce259d0bd1128577aaeb843cd7b013e7980087d24f473af44af3e80ae95523
adzappy.go2cloud.org/	1970-01-20 23:18:16	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
www.avaconversacomosanjos.com/	1969-12-31 23:59:59	Name: _csrf Value: MeN5lq2dDn2WmwBIQU1-PLpHluquLwco
.avaconversacomosanjos.com/	1970-01-20 00:02:16	Name: _gcl_au Value: 1.1.1489366304.1633960806
.avaconversacomosanjos.com/	1970-01-20 15:23:52	Name: _ga_TMNPCSGVF3 Value: GS1.1.1633960806.1.0.1633960806.0
.avaconversacomosanjos.com/	1970-01-20 15:23:52	Name: _ga Value: GA1.2.167302637.1633960806
.avaconversacomosanjos.com/	1970-01-19 21:54:07	Name: _gid Value: GA1.2.1732658313.1633960806
.avaconversacomosanjos.com/	1970-01-19 21:52:40	Name: _gat_gtag_UA_149873486_1 Value: 1
.avaconversacomosanjos.com/	1970-01-20 00:02:16	Name: _fbp Value: fb.1.1633960806402.111777443
.doubleclick.net/	1970-01-19 21:52:41	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adzappy.go2cloud.org
bam-cell.nr-data.net
connect.facebook.net
googleads.g.doubleclick.net
js-agent.newrelic.com
s.pass.com.br
stats.g.doubleclick.net
www.avaconversacomosanjos.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.26.10.160
142.250.185.100
142.250.185.174
142.250.185.66
142.250.186.104
142.250.186.34
151.101.66.137
157.240.236.1
157.240.236.35
162.247.243.147
173.194.76.154
18.202.12.61
74.63.196.62
03b8f9e258f69727a11fc81ce93fbc8d0d5ca96489a1e84463af819efedf0782
046223243d7d59208e2c330069dbcd2590dbd07deb03c515be1b613be39204de
0879f9e74017db6d70d2f73ff6b4934d5f155694fcd5b13527057a02dae9dbed
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1665f535884a292ec5b5ddb73a13f1e8f60227a3ef2b4c360e1b550326d49089
1e9d1ad559a3c97fa72a5428ea8e7530c9d717b37fe8b2f34cf353156cd7252f
1ff9064b94819ab0674b87949c2adc14e5c3ea2896d733333a831bddedd8d27a
20e9a0642f4ab11db6f285f5fdf5f0ae28219209fabc79015652038a23e03bec
27ba0e7bb942b41dd5025fce55bcf1ca228be1517e777a2671a11fe01006ac0f
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
315dc3ea63f32d6ab6a3563eaf34a28a1eae0185f3f3687728076208d9f19ce9
3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e
4025c83fc72cd5b0dec19c53b316c0068334ca727b5e534d104f37a862663883
524e34faec3b1e4e3eaf5131fab2a5e97f59ad1316928387ed07c693f97494db
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5e05d05a7578967da8baa613f8f47476917320a0f541c7e15338360ea3445e15
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
66f09c394acf0c248dd6e5a53918fdd90c9bcc148e66f4de6d23e22225ade842
67459a8bd1803ee5c10e8a00ffbcc38d5d3952b30302c1295c8ead07143d3895
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7b4889a3cf48777dbec235ce22209584ef41d7906ce76b05881b07efa3145bbe
82abc4cd022584252bd9d11d9f9890a3311320602202c8e9126a23fa454375f3
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a57b2e0e70b11a415b330b4eb5b9e83b4d8b10754fbc851d7beb26b24ca847e9
a86f4b0b6ae9c0c5d1035994b54d989cee39395652c2c1229323c6e2f3ae60c7
bd2b879f08e2df364bc4cc35364ee797b8686f843de4fa5b8e64f64ed3b8e368
bd4a56edea55ca6734c0f2a271317476335d0546e14241ffb8b50380435559d5
c3548fa5ce7c4f7be68fda9000ea4fa0cd2c278b570f585b8b6a5dddff33b586
c9c05acafcfa98b238f248e2f1ecac2564373570c00aa1bc384faf71f2483a38
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e676c3922c22261fccc733a80722d86a3e266d09b205dc2e9b8a5914740abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9cb67ebc9f78c2a1cd6db8791a6449c4a3c5841f412c0d49a37c58ebe16d6d3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe66fd2db088bda30fa7d9f4eea56a36948de4f002f3b798eae00cbfd6b11ecd

www.avaconversacomosanjos.com Open in urlscan Pro 104.26.10.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

0 %IPv6

12 Domains

13 Subdomains

12 IPs

3 Countries

757 kBTransfer

1768 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.avaconversacomosanjos.com Open in urlscan Pro
104.26.10.160 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

12
IPs

3
Countries

757 kB
Transfer

1768 kB
Size

13
Cookies

39 HTTP transactions
2 data transactions