URL: https://www.usuarioson.multisistemas.bid/
Submission: On July 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 162.244.82.65, located in United States and belongs to SERVERROOM, US. The main domain is www.usuarioson.multisistemas.bid.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 23rd 2024. Valid for: 3 months.
This is the only time www.usuarioson.multisistemas.bid was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
15 | 162.244.82.65 | 19624 | SERVERROOM
1 | 198.251.81.49 | 53667 | PONYNET
6 | 216.58.206.34 | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 2a00:1450:400... | 15169 | GOOGLE
Total: 25 requests, 6 IPs
Requests | Domain | Requested by
10 | tdg.gedan.com.br | www.usuarioson.multisistemas.bid
6 | pagead2.googlesyndication.com | www.usuarioson.multisistemas.bid, pagead2.googlesyndication.com
4 | www.usuarioson.multisistemas.bid | www.usuarioson.multisistemas.bid
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
1 | noticias.gedan.com.br | www.usuarioson.multisistemas.bid
1 | hostinghg.com | www.usuarioson.multisistemas.bid
Total: 25 requests, 6 domains
Subject | Issuer | Validity | Valid for
usuarioson.multisistemas.bid | ZeroSSL RSA Domain Secure Site CA | 2024-06-23 - 2024-09-21 | 3 months
tdg.gedan.com.br | ZeroSSL RSA Domain Secure Site CA | 2024-06-23 - 2024-09-21 | 3 months
ftp.hostinghg.com | R3 | 2024-05-27 - 2024-08-25 | 3 months
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months
noticias.gedan.com.br | ZeroSSL RSA Domain Secure Site CA | 2024-06-23 - 2024-09-21 | 3 months
tpc.googlesyndication.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months

This page contains 6 frames:

Primary Page: https://www.usuarioson.multisistemas.bid/
Frame ID: 178F2B55DB029E879702858C71582800
Requests: 20 HTTP requests in this frame

Frame: https://noticias.gedan.com.br/sites.php?P=H&Estilo=usuarioson.multisistemas.bid/classe.css
Frame ID: B51DEC394FB1946484C54C28A352B27E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: 1030B8C16343D33778E45FF2443EE31A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8500587267418417&output=html&h=100&slotname=4819524882&adk=2370501189&adf=1178029432&pi=t.ma~as.4819524882&w=320&abgtt=3&lmt=1720324596&format=320x100&url=https%3A%2F%2Fwww.usuarioson.multisistemas.bid%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720324596680&bpp=3&bdt=264&idt=178&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=8368573623818&frm=20&pv=2&ga_vid=1432923140.1720324597&ga_sid=1720324597&ga_hid=143969109&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334511%2C95334529%2C95334565%2C31085041%2C31084187%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3082687322952319&tmod=43446171&uas=0&nvt=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=195
Frame ID: 1B13A6C02EE00CF1CEF72860C6AE472C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8500587267418417&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1720324596&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.usuarioson.multisistemas.bid%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=31_2~27_14~29_10~30_19&aiixl=31_8~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720324596683&bpp=1&bdt=267&idt=200&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=320x100&nras=1&correlator=8368573623818&frm=20&pv=1&ga_vid=1432923140.1720324597&ga_sid=1720324597&ga_hid=143969109&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334511%2C95334529%2C95334565%2C31085041%2C31084187%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3082687322952319&tmod=43446171&uas=0&nvt=1&fsapi=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=207
Frame ID: 46379774AEB4C27C5DFB6B1A5EBD7D69
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0D497D4DDF9378E805878650E6AE7A50
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Usuários On :: Contador Gratuito de usuários online para colocar em seu Site ou BLOG

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 25
HTTPS: 96 %
IPv6: 40 %
Domains: 4
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 384 kB
Size: 785 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | www.usuarioson.multisistemas.bid/ | 7 KB | 7 KB | Document
General
Full URL
https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) / PHP/5.6.40
Resource Hash
b660714c2b2d1d279662ea8e3bc4a21674898abeda095594031815c918663eb9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-type
text/html; charset=ISO-8859-1
date
Sun, 07 Jul 2024 03:56:36 GMT
server
Apache/2.4.58 (IUS)
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
x-powered-by
PHP/5.6.40
x-supported-by
KloxoNG
x-xss-protection
1;mode=block
usuarioson.js | www.usuarioson.multisistemas.bid/ | 367 B | 465 B | Script
General
Full URL
https://www.usuarioson.multisistemas.bid/usuarioson.js
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
fed33cfb49c36ece03617711c0e2bcffbf277c26fa3b42debced6c821919d901
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sat, 23 May 2020 14:09:52 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"16f-5a6514ca50c00"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
367
x-xss-protection
1;mode=block
hg.gif | tdg.gedan.com.br/files/ | 380 B | 456 B | Image
General
Full URL
https://tdg.gedan.com.br/files/hg.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
f84113ebbb94d57580e3b1d751fdb26aa09bd1ed44952cc3862addfc10938782
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 18:56:28 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"17c-3af1acdddaf00"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
380
x-xss-protection
1;mode=block
cartao.gif | tdg.gedan.com.br/files/ | 312 B | 387 B | Image
General
Full URL
https://tdg.gedan.com.br/files/cartao.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
4ddaab23aaaf3c0b1d2c3148ae1c8803c038d79021fd991f410d231b3748f6b4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 18:58:32 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"138-3af1ad541c600"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
312
x-xss-protection
1;mode=block
classif.gif | tdg.gedan.com.br/files/ | 774 B | 850 B | Image
General
Full URL
https://tdg.gedan.com.br/files/classif.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
084377c1dc10cf9aa0857e965f324b92f67073901fffef535af1c923a41880ac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 21:20:20 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"306-3af1cd05f8d00"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
774
x-xss-protection
1;mode=block
jogos.gif | tdg.gedan.com.br/files/ | 368 B | 444 B | Image
General
Full URL
https://tdg.gedan.com.br/files/jogos.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
d75a8c2fba0ac5e9b88d219d34c5a1121e15235eab89ea08f3cfe6de6eef6cad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 20:39:46 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"170-3af1c3f4ba880"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
368
x-xss-protection
1;mode=block
img.gif | tdg.gedan.com.br/files/ | 414 B | 490 B | Image
General
Full URL
https://tdg.gedan.com.br/files/img.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
8483a6a40f03704567642f9357d44ed56847955aa17a932007b1a66f2b2cf7d4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 21:38:38 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"19e-3af1d11d1b380"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
414
x-xss-protection
1;mode=block
trafego.gif | tdg.gedan.com.br/files/ | 417 B | 634 B | Image
General
Full URL
https://tdg.gedan.com.br/files/trafego.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
e51d9e0382082135378a0ce6bd912851b8df45ed470f6553562eadb73ce2d21b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 20:38:18 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"1a1-3af1c3a0ce280"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
417
x-xss-protection
1;mode=block
tubine.gif | tdg.gedan.com.br/files/ | 391 B | 467 B | Image
General
Full URL
https://tdg.gedan.com.br/files/tubine.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
b3258a7d44fee9d1268e3b46af7f567b053967f50d867a542d230736ac6ab0ee
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 20:36:46 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"187-3af1c34911380"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
391
x-xss-protection
1;mode=block
hbnet.gif | tdg.gedan.com.br/files/ | 1 KB | 1 KB | Image
General
Full URL
https://tdg.gedan.com.br/files/hbnet.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
d13e73866324ddef9e14a8006953d244e36d8ac9f081eb3fb3052151d7f3d3c9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 20:33:48 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"589-3af1c29f50300"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
1417
x-xss-protection
1;mode=block
hc.gif | tdg.gedan.com.br/files/ | 244 B | 343 B | Image
General
Full URL
https://tdg.gedan.com.br/files/hc.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
aa02332859483bcfd41936e44d21a06b8b7b41e36813f7d705d6d8198e96ed55
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 22:07:10 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"f4-3af1d77dcbf80"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
244
x-xss-protection
1;mode=block
cb.gif | tdg.gedan.com.br/files/ | 257 B | 333 B | Image
General
Full URL
https://tdg.gedan.com.br/files/cb.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
7de854fd06154ecc54850207d93ede14e5aca505e75133baf15214f4f0a15ccc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Nov 2002 20:43:26 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"101-3af1c4c689780"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
content-length
257
x-xss-protection
1;mode=block
bthost.gif | hostinghg.com/ | 4 KB | 4 KB | Image
General
Full URL
https://hostinghg.com/bthost.gif
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.251.81.49 Staten Island, United States, ASN53667 (PONYNET, US),
Reverse DNS
d2mail49.my-control-panel.com
Software
LiteSpeed /
Resource Hash
27f87d9b16cdba16a5a62bc3c42a1561c8051ce983f8dc93717e5aa3ca5d2894

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 03:56:38 GMT
last-modified
Sat, 11 Oct 2014 02:24:10 GMT
server
LiteSpeed
etag
"1067-543894ca-39e2e1422dcabe72;;;"
vary
User-Agent
content-type
image/gif
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4199
expires
Sun, 14 Jul 2024 03:56:38 GMT
adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 159 KB | 52 KB | Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
cb8d5aa8014255f69b9f1f1ef3d42de7fc7c79b4d6eef2d40d56a312db0ea103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 03:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52887
x-xss-protection
0
server
cafe
etag
4924442747330938844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 07 Jul 2024 03:56:36 GMT
sites.php | noticias.gedan.com.br/ (Frame B51D) | 0 | 0 | Document
General
Full URL
https://noticias.gedan.com.br/sites.php?P=H&Estilo=usuarioson.multisistemas.bid/classe.css
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) / PHP/5.6.40
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.usuarioson.multisistemas.bid/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
content-type
text/html; charset=ISO-8859-1
date
Sun, 07 Jul 2024 03:56:37 GMT
server
Apache/2.4.58 (IUS)
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
x-powered-by
PHP/5.6.40
x-supported-by
KloxoNG
x-xss-protection
1;mode=block
fundo.jpg | www.usuarioson.multisistemas.bid/images/ | 150 KB | 150 KB | Image
General
Full URL
https://www.usuarioson.multisistemas.bid/images/fundo.jpg
Requested by
Host: www.usuarioson.multisistemas.bid
URL: https://www.usuarioson.multisistemas.bid/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65 , United States, ASN19624 (SERVERROOM, US),
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS) /
Resource Hash
43c5d8a539dda38e349b319c007587df3eb11e0470b944d43bd3bbec6bfa68d7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:36 GMT
x-content-type-options
nosniff
last-modified
Sat, 20 Oct 2018 02:45:18 GMT
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
etag
"257f5-578a002a4ab80"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
153589
x-xss-protection
1;mode=block
show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/ | 424 KB | 143 KB | Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=www.usuarioson.multisistemas.bid&aplac=true&bust=31085041
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
3828bb79047eef4a8871daefb1c2ee9da0b968787150fb60e50bd886b2f57482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 03:56:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146541
x-xss-protection
0
server
cafe
etag
4214925178771393463
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jul 2024 03:56:36 GMT
zrt_lookup_fy2021.html | pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/ (Frame 1030) | 0 | 0 | Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=www.usuarioson.multisistemas.bid&aplac=true&bust=31085041
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.usuarioson.multisistemas.bid/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
52168
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 13:27:08 GMT
etag
2738592464165616
expires
Sat, 20 Jul 2024 13:27:08 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads | pagead2.googlesyndication.com/pagead/ (Frame 1B13) | 0 | 0 | Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8500587267418417&output=html&h=100&slotname=4819524882&adk=2370501189&adf=1178029432&pi=t.ma~as.4819524882&w=320&abgtt=3&lmt=1720324596&format=320x100&url=https%3A%2F%2Fwww.usuarioson.multisistemas.bid%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720324596680&bpp=3&bdt=264&idt=178&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=8368573623818&frm=20&pv=2&ga_vid=1432923140.1720324597&ga_sid=1720324597&ga_hid=143969109&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=257&ady=792&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334511%2C95334529%2C95334565%2C31085041%2C31084187%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3082687322952319&tmod=43446171&uas=0&nvt=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=195
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=www.usuarioson.multisistemas.bid&aplac=true&bust=31085041
Protocol
H3
Security
QUIC, AES_128_GCM
Server
216.58.206.34, United States, ASN15169 (GOOGLE, US)
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.usuarioson.multisistemas.bid/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
304
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jul 2024 03:56:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 4637
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8500587267418417&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1720324596&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.usuarioson.multisistemas.bid%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=31_2~27_14~29_10~30_19&aiixl=31_8~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720324596683&bpp=1&bdt=267&idt=200&shv=r20240702&mjsv=m202407010101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=320x100&nras=1&correlator=8368573623818&frm=20&pv=1&ga_vid=1432923140.1720324597&ga_sid=1720324597&ga_hid=143969109&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95334511%2C95334529%2C95334565%2C31085041%2C31084187%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3082687322952319&tmod=43446171&uas=0&nvt=1&fsapi=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=207
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=www.usuarioson.multisistemas.bid&aplac=true&bust=31085041
Protocol
H3
Security
QUIC, AES_128_GCM
Server
216.58.206.34, United States, ASN15169 (GOOGLE, US)
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.usuarioson.multisistemas.bid/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
4319
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jul 2024 03:56:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240702&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=www.usuarioson.multisistemas.bid&aplac=true&bust=31085041
Protocol
H3
Security
QUIC, AES_128_GCM
Server
216.58.206.34, United States, ASN15169 (GOOGLE, US)
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe
Resource Hash
c06d0284922237f35123c535490c886d4aab5daba1caed0eb302eeb8e240a134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 03:56:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12592
x-xss-protection
0
favicon.ico
www.usuarioson.multisistemas.bid/
2 KB
2 KB
Other
General
Full URL
https://www.usuarioson.multisistemas.bid/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.244.82.65, United States, ASN19624 (SERVERROOM, US)
Reverse DNS
gedan.com.br
Software
Apache/2.4.58 (IUS)
Resource Hash
b748eaa0a9dcf0cc66b0278bf12fb322219948df211d89bafba40b75042fc59f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; preload
date
Sun, 07 Jul 2024 03:56:38 GMT
x-content-type-options
nosniff
server
Apache/2.4.58 (IUS)
x-supported-by
KloxoNG
content-type
text/html
access-control-allow-origin
*
accept-ranges
bytes
content-length
2059
x-xss-protection
1;mode=block
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202407010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8500587267418417&plah=www.usuarioson.multisistemas.bid&aplac=true&bust=31085041
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:830::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.usuarioson.multisistemas.bid/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 07 Jul 2024 03:56:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jul 2024 03:56:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0D49
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:82f::2001, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.usuarioson.multisistemas.bid/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
74370
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 07:17:08 GMT
expires
Sun, 06 Jul 2025 07:17:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240702&jk=3082687322952319&bg=!_P-l_7DNAAZ5zPvEWcw7ADQBe5WfONYxtecWqvSYDghrwJ9MYSW48gdWqHvRB8JiNPZp3lkE_WvzyXqWOTIx16ySN4VKAgAAAEpSAAAAAmgBB34ANSknbZfDoIyR9s4PfdUVUZZl45B4lk6fsr6yy5T7iWJ7FexONpA0OSqbn0Gh2sXZNqzuWamWCgA2-bdu32agrT7IbTkGh-Jusgkld_NSZBb0W3S01ZBeZ3bYnFi_oagELud7rsti7IZudVs7-cVYmQK2Z5-84tIcAUqU6X72XWMg3A4C_x6vZvPZMoSTvkrTKNVMDbapGZU5Tk_YUVQ80wUln_iSX1Ck59PIPVpFkmeneMK79kspM_tN821MNB5UouD8_4f--6CA5EVZLywrge9zDrwpKL-ITqUje8Rjys8udi6spLxsM2Xif56Od87AhnQNW37BOdVAH_ipdCUGvaCOgn0N8Xs7qqtcslZ6ZYKoXQkXbSVJKlU5uL8R3o7iMKiWFTnCR1B9WhrkIkCn9UnE3NI8_ajEGHmTWCz-ya5eUOti2Br-IUW9N8NVf-zFN3S6Eyp0ffPGZotcRoS6b9be_utqaB17cThuh52EKENIPoVnZjYakpVkaxl-UaP5o90Gt1Zvb5P6706dkT5I4R_IfcNK8xydHwGZtQ7Xpi3F3brtQf6HJkkMHGh0bA7-IzQTmeX9Hk-CJyGOXhxI9-a_kBVS7v-gLX4RZs7nOwJjLzl_J4UWaDBryv_ugbzuST_HtlgSAm9fcBsLJSuxRY4Q2RgFm7-pJv98ubkgbmL4rBDttGH9F2p7ud3WKjVUD5RBJAU6WCW-XgJDPBapKBUpIvLu9df2i_fZVCwy53e2yXvPNj1S9vFnqoiVstSB0B_euovk1oBpTrJTvHUJ-Im971snzwOzdKtgE-rpzGFqv1nD1AwGePOb_vNXTtySH-VfLD_FLiMZupkpNMRbxZVu7GaQiv77e-BYa-YCwKO7ENKNLbadfM_8zcNPwY-vtv5T9FTSdRCr1zHv7p2E28fkzqzc8nfGPs1TYPymI_IOcUsj3dxIyKdItkzsDMww6hTNXleBmoMZwxop0yHlhI8o4IE0qayaA_kzIzjZzTl3Y-dfUHbWeuCxj23wy3f-K-qBDLN1x8yqL-0RaJ-3tmqIOkOLl_0SyVkJKJSddE8b072OnDHvJw

Verdicts & Comments

35 JavaScript Global Variables

These are the non-standard global variables defined on the window object. They can help identify the client-side frameworks and code a page loads.

Type | Name
object | 0
object | 1
object | 2
object | 3
undefined | event
object | fence
object | sharedStorage
function | criarcodigo
object | adsbygoogle
object | google_js_reporting_queue
number | google_srt
object | google_persistent_state_async
object | google_logging_queue
number | tmod
object | google_ad_modifications
object | ggeac
boolean | google_measure_js_timing
object | google_tag_data
object | google_reactive_ads_global_state
object | google_sa_queue
function | google_process_slots
boolean | google_apltlad
function | google_spfd
number | google_unique_id
object | google_sv_map
number | google_rum_task_id_counter
string | google_user_agent_client_hint
function | google_sa_impl
number | google_global_correlator
object | google_prev_clients
object | gaGlobal
object | ampInaboxIframes
object | ampInaboxPendingMessages
object | GoogleGcLKhOms
object | google_image_requests
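The listing above can be reproduced, and made more useful, by diffing the inspected window against a pristine one and then grouping the names, so that page-authored globals stand out from ad-library state. The following is an added example written for this page, not urlscan's own code. The ad-library name patterns and the sample window and baseline at the bottom are assumptions constructed from the names seen in this scan, not captured data; in a browser the script inspects the real window instead.

```javascript
// Added example, not urlscan's code: reproduce the report's "type| name" listing of
// non-standard window globals and sort them into frame accessors, ad-library state and
// page-authored names. Runs in a browser against the real window and in Node against
// the constructed sample at the bottom.

// Assumption: these patterns cover the Google AdSense/AMP globals seen in this scan; they
// are not an authoritative list, so anything unmatched is reported as 'page'.
const AD_LIBRARY_PATTERNS = [/^google_/, /^adsbygoogle$/, /^gaGlobal$/, /^GoogleGc/, /^ampInabox/];

function classifyGlobal(name) {
  if (/^\d+$/.test(name)) return 'frame-index';   // window[0], window[1], ... are child frames
  if (AD_LIBRARY_PATTERNS.some((re) => re.test(name))) return 'ad-library';
  return 'page';                                  // unexplained globals deserve a closer look
}

// win: the object to inspect (window in a browser); baselineNames: own property names of a
// pristine window from the same browser build. Returns [{ name, type, kind }] in property order.
function nonStandardGlobals(win, baselineNames) {
  const baseline = new Set(baselineNames);
  const result = [];
  for (const name of Object.getOwnPropertyNames(win)) {
    if (baseline.has(name)) continue;
    let type;
    try {
      type = typeof win[name];                    // cross-origin frame accessors can throw on read
    } catch (err) {
      type = 'inaccessible';
    }
    result.push({ name, type, kind: classifyGlobal(name) });
  }
  return result;
}

// Same "type| name" shape the report prints.
function formatGlobals(entries) {
  return entries.map((e) => `${e.type}| ${e.name}`);
}

// Browser only: a freshly created about:blank iframe is the cleanest baseline, and because it
// comes from the same browser it already contains built-ins such as event, fence and
// sharedStorage that a static list of "standard" names may not know about.
function baselineFromIframe() {
  const frame = document.createElement('iframe');
  frame.style.display = 'none';
  document.documentElement.appendChild(frame);
  const names = Object.getOwnPropertyNames(frame.contentWindow);
  frame.remove();
  return names;
}

// Constructed sample data (not captured from the scan) so the functions can be exercised offline.
const SAMPLE_BASELINE = ['alert', 'document', 'location', 'event', 'fence', 'sharedStorage'];
const SAMPLE_WINDOW = {
  alert() {},
  document: {},
  event: undefined,
  0: {},                    // one child frame
  criarcodigo() {},         // the page-authored function name seen in this scan
  google_srt: 0.42,
  adsbygoogle: [],
  gaGlobal: {},
};

function demo() {
  return nonStandardGlobals(SAMPLE_WINDOW, SAMPLE_BASELINE);
}

const target = typeof window === 'undefined' ? demo() : nonStandardGlobals(window, baselineFromIframe());
console.log(formatGlobals(target).join('\n'));
```

Diffing against a same-browser iframe baseline is what removes `event`, `fence` and `sharedStorage` from the noise; after that, the only name in this scan that no ad or analytics library accounts for is `criarcodigo`.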

2 Cookies

Domain/Path Name / Value
.multisistemas.bid/ Name: __eoi
Value: ID=9c1a28e6988ec2f5:T=1720324596:RT=1720324596:S=AA-AfjYEwKMYuf6QHRfMK0NxG7Ki
noticias.gedan.com.br/ Name: TESTCOOKIESENABLED
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.usuarioson.multisistemas.bid/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This section lists the security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block
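A practitioner reading this table would want to know whether the HSTS policy does what its `preload` token suggests, and whether `X-XSS-Protection: 1;mode=block` still buys anything. The following added example (written for this page, not urlscan's code) parses the Strict-Transport-Security value per RFC 6797, checks it against the published hstspreload.org submission rules (max-age of at least one year, includeSubDomains and preload all present), and runs the usual missing-header checks. The header values are the ones shown in the table above; the check list itself is this editor's, not urlscan's.

```javascript
// Added example, not urlscan's code: sanity-check the security headers urlscan reports for
// the main page. The HSTS check follows the hstspreload.org submission rules; the rest are
// the usual missing-header checks. Header values at the bottom are those shown in the report.

const ONE_YEAR_SECONDS = 31536000;

// Parse a Strict-Transport-Security value per RFC 6797: directives separated by ';',
// names case-insensitive, unknown directives ignored.
function parseHsts(value) {
  const policy = { maxAge: null, includeSubDomains: false, preload: false };
  for (const raw of value.split(';')) {
    const token = raw.trim();
    if (!token) continue;
    const eq = token.indexOf('=');
    const name = (eq < 0 ? token : token.slice(0, eq)).trim().toLowerCase();
    const val = eq < 0 ? '' : token.slice(eq + 1).trim().replace(/^"|"$/g, '');
    if (name === 'max-age') {
      const n = Number(val);
      if (val !== '' && Number.isInteger(n) && n >= 0) policy.maxAge = n;
    } else if (name === 'includesubdomains') {
      policy.includeSubDomains = true;
    } else if (name === 'preload') {
      policy.preload = true;
    }
  }
  return policy;
}

function hstsFindings(value) {
  const policy = parseHsts(value);
  const findings = [];
  if (policy.maxAge === null) {
    findings.push('HSTS: max-age missing or invalid, browsers ignore the header');
  }
  if (policy.preload) {
    if (policy.maxAge !== null && policy.maxAge < ONE_YEAR_SECONDS) {
      findings.push(`HSTS: preload requested but max-age ${policy.maxAge} is below ${ONE_YEAR_SECONDS}`);
    }
    if (!policy.includeSubDomains) {
      findings.push('HSTS: preload requested but includeSubDomains is missing');
    }
  }
  const preloadEligible =
    policy.preload && policy.includeSubDomains && policy.maxAge !== null && policy.maxAge >= ONE_YEAR_SECONDS;
  return { policy, preloadEligible, findings };
}

// headers: plain object keyed by lower-case header name.
function reviewHeaders(headers) {
  const get = (n) => headers[n.toLowerCase()];
  const notes = [];
  const hsts = get('strict-transport-security');
  if (hsts === undefined) notes.push('Strict-Transport-Security missing');
  else notes.push(...hstsFindings(hsts).findings);
  if ((get('x-content-type-options') || '').trim().toLowerCase() !== 'nosniff') {
    notes.push('X-Content-Type-Options: nosniff missing');
  }
  const xxp = get('x-xss-protection');
  if (xxp !== undefined && xxp.trim() !== '0') {
    // Chromium removed its XSS Auditor in version 78 and Firefox never implemented one,
    // so "1;mode=block" buys nothing today; the Google responses above send 0 instead.
    notes.push(`X-XSS-Protection "${xxp}" is a legacy setting; send 0 or drop the header`);
  }
  const csp = get('content-security-policy');
  if (csp === undefined) notes.push('Content-Security-Policy missing');
  if (get('x-frame-options') === undefined && !/frame-ancestors/i.test(csp || '')) {
    notes.push('no framing protection (X-Frame-Options or CSP frame-ancestors)');
  }
  return notes;
}

// Values as reported for the main page in this scan.
const MAIN_PAGE_HEADERS = {
  'strict-transport-security': 'max-age=2592000; preload',
  'x-content-type-options': 'nosniff',
  'x-xss-protection': '1;mode=block',
};

console.log(reviewHeaders(MAIN_PAGE_HEADERS).join('\n'));
```

For this scan the result is that the `preload` token is decorative: with a 30-day max-age and no `includeSubDomains` the host is not eligible for the browser preload list, and browsers give the token no meaning on its own, so the policy in force is plain HSTS for 30 days on this host only.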

Indicators

Indicators are the IPs, domains, hashes and similar observables collected during the scan. Listing them does not imply that any of them is malicious.

hostinghg.com
noticias.gedan.com.br
pagead2.googlesyndication.com
tdg.gedan.com.br
tpc.googlesyndication.com
www.usuarioson.multisistemas.bid
162.244.82.65
198.251.81.49
216.58.206.34
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001