www.contador.multisistemas.biz Open in urlscan Pro
162.244.82.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.contador.multisistemas.biz/
Submission: On April 04 via automatic, source certstream-suspicious (April 4th 2021, 3:02:51 am UTC)

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 31 HTTP transactions. The main IP is 162.244.82.65, located in United States and belongs to SERVERROOM, US. The main domain is www.contador.multisistemas.biz.
TLS certificate: Issued by R3 on March 28th 2021. Valid for: 3 months.

This is the only time www.contador.multisistemas.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	162.244.82.65 162.244.82.65	19624 (SERVERROOM) (SERVERROOM)
3	162.244.82.66 162.244.82.66	19624 (SERVERROOM) (SERVERROOM)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
31	9

16 162.244.82.65 (United States)

ASN19624 (SERVERROOM, US)
PTR: gedan.com.br

www.contador.multisistemas.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.multisistemas.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contador.multisistemas.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
noticias.gedan.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popmoney.multisistemas.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.244.82.66 (United States)

ASN19624 (SERVERROOM, US)
PTR: cliquebanner.com

www.cliquebanner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marketing.cliquebanner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	multisistemas.biz www.contador.multisistemas.biz www.multisistemas.biz	47 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	156 KB
3	gedan.com.br noticias.gedan.com.br	11 KB
3	cliquebanner.com www.cliquebanner.com marketing.cliquebanner.com	17 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	multisistemas.bid contador.multisistemas.bid popmoney.multisistemas.bid	4 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
31	9

	Domain	Requested by
10	www.contador.multisistemas.biz	www.contador.multisistemas.biz
5	pagead2.googlesyndication.com	noticias.gedan.com.br pagead2.googlesyndication.com tpc.googlesyndication.com
3	noticias.gedan.com.br	www.contador.multisistemas.biz noticias.gedan.com.br
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.cliquebanner.com	www.contador.multisistemas.biz www.cliquebanner.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	popmoney.multisistemas.bid	noticias.gedan.com.br
1	marketing.cliquebanner.com	www.contador.multisistemas.biz
1	contador.multisistemas.bid	www.contador.multisistemas.biz
1	www.multisistemas.biz	www.contador.multisistemas.biz
31	13

This site contains no links.

Subject Issuer	Validity	Valid
contador.multisistemas.biz R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
multisistemas.biz R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
contador.multisistemas.bid R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
cliquebanner.com R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
marketing.cliquebanner.com R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
noticias.gedan.com.br R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
popmoney.multisistemas.bid R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.contador.multisistemas.biz/
Frame ID: 8ECE2E3A54B533A5817AFF95C6543DDF
Requests: 1 HTTP requests in this frame

Frame: https://www.contador.multisistemas.biz/index1.php
Frame ID: 93F6B3532142B6CE75062400A30A0B74
Requests: 14 HTTP requests in this frame

Frame: https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css
Frame ID: 23F49425D7DE3B2F5868065196819AB7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html
Frame ID: 0DB61CD6388E443A59090378B02A1110
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&slotname=8546388886&adk=4129943907&adf=3407277730&pi=t.ma~as.8546388886&w=750&fwrn=16&fwrnh=100&lmt=1617505355&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fnoticias.gedan.com.br%2Fsites.php%3FP%3DH%26Estilo%3Dpopmoney.multisistemas.bid%2Fclass1.css&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617505355497&bpp=8&bdt=495&idt=97&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=487034495142&frm=6&ife=1&pv=2&ga_vid=227053385.1617505356&ga_sid=1617505356&ga_hid=1278846908&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=750&ish=1080&ifk=1900401153&scr_x=-12245933&scr_y=-12245933&eid=44740079%2C44739387&oid=3&pvsid=2768972454780078&top=https%3A%2F%2Fwww.contador.multisistemas.biz%2F&rx=0&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C1080&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=1.9xjjnqnotesd&fsb=1&xpc=Ydh27rD5fI&p=https%3A//noticias.gedan.com.br&dtd=112
Frame ID: F11A50E9494486011D8B00A28F4CBB96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D41BD580188019F23DCCB3BC34947958
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

31
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

13
Subdomains

9
IPs

2
Countries

268 kB
Transfer

566 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.contador.multisistemas.biz/ 781 B
1 KB 378ms
91ms Document
text/html 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.contador.multisistemas.biz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) / PHP/5.6.40

Resource Hash

59bdf4a88bee06c7f172cb3142386e4915da53aba3f5024087e1b0662dc4cd94

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Host: www.contador.multisistemas.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:32 GMT
Server: Apache/2.4.46 (IUS)
X-Powered-By: PHP/5.6.40
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Access-Control-Allow-Origin: *
X-Supported-By: Kloxo-MR 7.0
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK index1.php Show response
www.contador.multisistemas.biz/ Frame 93F6 16 KB
17 KB 271ms
95ms Document
text/html 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.contador.multisistemas.biz/index1.php

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) / PHP/5.6.40

Resource Hash

55db8aa3e9ac5b5c46f9e51c104f387ba41a499279084e5c934f50d367132a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Host: www.contador.multisistemas.biz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: frame
Referer: https://www.contador.multisistemas.biz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.contador.multisistemas.biz/

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
Server: Apache/2.4.46 (IUS)
X-Powered-By: PHP/5.6.40
Expires: on, 01 Jan 1970 00:00:00 GMT
Last-Modified: Sun, 04 Apr 2021 03:02:33 GMT
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Access-Control-Allow-Origin: *
X-Supported-By: Kloxo-MR 7.0
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK class.css
www.contador.multisistemas.biz/ Frame 93F6 1 KB
2 KB 271ms
91ms Stylesheet
text/css 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.contador.multisistemas.biz/class.css

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

4a86d9220ed9e4ecffa9300f872dac80ada07c2625d7c85fd2a128f2481d7a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Sep 2003 19:31:52 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "44d-3c6d6808a9a00"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1101
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK multisis.js Show response
www.contador.multisistemas.biz/ Frame 93F6 343 B
796 B 272ms
91ms Script
text/javascript 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.contador.multisistemas.biz/multisis.js

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

d7d4b281a42f81530e2c26c83963e9b796d488b4c9e2e8c6161233c5fba05380

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 May 2003 19:05:00 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "157-3bdb89addef00"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 343
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK contador.gif
www.multisistemas.biz/logos/ Frame 93F6 5 KB
5 KB 487ms
96ms Image
image/gif 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.multisistemas.biz/logos/contador.gif

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

904007b6d4b4b9ca3957ef2609b19120bf059fbd28eedc6c9d01d05ae1f74af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Mar 2007 01:18:08 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "141f-42bc10320b400"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 5151
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK menu_rodape.jpg
www.contador.multisistemas.biz/imags/ Frame 93F6 2 KB
2 KB 263ms
88ms Image
image/jpeg 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.contador.multisistemas.biz/imags/menu_rodape.jpg

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

d5f2c4c69ee52e7d50983a11cd54477e816d1e0938546853180169eaf2301058

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Sep 2003 17:54:06 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "729-3c79e4d504b80"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 1833
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK seta_01.gif
www.contador.multisistemas.biz/imags/ Frame 93F6 49 B
494 B 270ms
90ms Image
image/gif 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.contador.multisistemas.biz/imags/seta_01.gif

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

e4f8e5869cab68091d8dd70aec587239f5cc263b22bcde232ba7c67d867f2742

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Sep 2003 17:54:04 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "31-3c79e4d31c700"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 49
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK multilogo.gif
www.contador.multisistemas.biz/imags/ Frame 93F6 6 KB
7 KB 284ms
95ms Image
image/gif 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.contador.multisistemas.biz/imags/multilogo.gif

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

6d90a5a7448f457259e4dd338aa1a3eab04b6a97a2904fa1f89369a53456a06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Sep 2003 17:54:04 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "197b-3c79e4d31c700"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 6523
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK contaj.php Show response
contador.multisistemas.bid/ Frame 93F6 2 KB
2 KB 393ms
98ms Script
text/javascript 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://contador.multisistemas.bid/contaj.php?usuario=contador

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) / PHP/5.6.40

Resource Hash

e7df3c9e5ab7a3339bc8e9cd6ef28d0bdb965222180adc3c520e1448dfe9e568

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
X-Supported-By: Kloxo-MR 7.0
X-Powered-By: PHP/5.6.40
Transfer-Encoding: chunked
Connection: Upgrade, close
X-XSS-Protection: 1;mode=block
Pragma: no-cache
Last-Modified: Sun, 04 Apr 2021 03:02:33 GMT
Server: Apache/2.4.46 (IUS)
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/javascript;charset=ISO-8859-1
Expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK mostra.cgi Show response
www.cliquebanner.com/cgi-bin/ Frame 93F6 1 KB
2 KB 642ms
257ms Script
text/javascript 162.244.82.66
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cliquebanner.com/cgi-bin/mostra.cgi?conta59=hiperh

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.66 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

cliquebanner.com

Software

Apache/2.4.46 (IUS) /

Resource Hash

e949ca9351f956872e983684cf89cae0f5f6bc4367e8d2e1171d1980561e08e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:34 GMT
X-Content-Type-Options: nosniff
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Upgrade, close
Content-Type: text/javascript
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK publi.php Show response
www.contador.multisistemas.biz/ Frame 93F6 683 B
1 KB 270ms
95ms Script
text/javascript 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.contador.multisistemas.biz/publi.php

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) / PHP/5.6.40

Resource Hash

1ad77c5226351bd1b9e49876e8739b85d7c5ad29e1e3eaf2ef45493a05ce6842

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
X-Powered-By: PHP/5.6.40
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Upgrade, close
Content-Type: text/javascript;charset=ISO-8859-1
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK topo.jpg
www.contador.multisistemas.biz/imags/ Frame 93F6 8 KB
9 KB 284ms
95ms Image
image/jpeg 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.contador.multisistemas.biz/imags/topo.jpg

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

f0f4d53bd7889647931444a1c0a5dcc8ed15689737e82ca7835121985320f01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Sep 2003 17:56:22 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "2179-3c79e556b7d80"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8569
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK menu.jpg
www.contador.multisistemas.biz/imags/ Frame 93F6 1 KB
1 KB 283ms
95ms Image
image/jpeg 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.contador.multisistemas.biz/imags/menu.jpg

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

578497323185ca1959c8b1210362f497edde70876dd3aa0268e9a5defcec6808

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Sep 2003 17:54:06 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "43b-3c79e4d504b80"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 1083
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK popdhtml.php Show response
www.cliquebanner.com/ Frame 93F6 2 KB
2 KB 294ms
104ms Script
text/javascript 162.244.82.66
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cliquebanner.com/popdhtml.php?usuario=hiperh&Catac=Sporn&Categoria=Int&Apop=sim

Requested by

Host: www.cliquebanner.com
URL: https://www.cliquebanner.com/cgi-bin/mostra.cgi?conta59=hiperh

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.66 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

cliquebanner.com

Software

Apache/2.4.46 (IUS) / PHP/5.6.40

Resource Hash

111078804b651aca3c3b24c4ebdc44e5889d4aab4be82dc8f6f0518b9abab13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:34 GMT
X-Content-Type-Options: nosniff
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
X-Powered-By: PHP/5.6.40
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Upgrade, close
Content-Type: text/javascript;charset=ISO-8859-1
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK marketing.gif
marketing.cliquebanner.com/ Frame 93F6 13 KB
13 KB 498ms
97ms Image
image/gif 162.244.82.66
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://marketing.cliquebanner.com/marketing.gif

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.66 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

cliquebanner.com

Software

Apache/2.4.46 (IUS) /

Resource Hash

104465f5c844289c30c331d87896d7846e35ac7d9673b7311fa8fd4e679d1ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://www.contador.multisistemas.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:34 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 23 Sep 2006 15:56:52 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "33e3-41e210155d900"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 13283
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK sites.php Show response
noticias.gedan.com.br/ Frame 23F4 7 KB
7 KB 469ms
92ms Document
text/html 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css

Requested by

Host: www.contador.multisistemas.biz
URL: https://www.contador.multisistemas.biz/publi.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) / PHP/5.6.40

Resource Hash

8a364aa6e346f6fba3a0a36f00cfea8d1333f8c01859d81ffc461dd2c47f00dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Host: noticias.gedan.com.br
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.contador.multisistemas.biz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.contador.multisistemas.biz/

Response headers

Date: Sun, 04 Apr 2021 03:02:34 GMT
Server: Apache/2.4.46 (IUS)
X-Powered-By: PHP/5.6.40
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Access-Control-Allow-Origin: *
X-Supported-By: Kloxo-MR 7.0
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Connection: Upgrade, close
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

GET
H/1.1 200
OK class1.css
popmoney.multisistemas.bid/ Frame 23F4 1 KB
2 KB 491ms
96ms Stylesheet
text/css 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://popmoney.multisistemas.bid/class1.css

Requested by

Host: noticias.gedan.com.br
URL: https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

93ab392188dc0fd15afe9546a0e6fb70efc2a131bb5f4a8e241d9f7ff989062a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Feb 2012 02:03:32 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "471-4b84211c02500"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 1137
X-XSS-Protection: 1;mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 23F4 133 KB
47 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: noticias.gedan.com.br
URL: https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:02:35 GMT

GET
H/1.1 200
OK notifica.js Show response
noticias.gedan.com.br/ Frame 23F4 2 KB
2 KB 286ms
96ms Script
text/javascript 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to

Full URL

https://noticias.gedan.com.br/notifica.js

Requested by

Host: noticias.gedan.com.br
URL: https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

0644457e66839d658cde6152a46dd17a98b3cb584caf067c08dd8f83eab61045

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 19:20:06 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "632-5af5f09e04580"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 1586
X-XSS-Protection: 1;mode=block

GET
H/1.1 200
OK gedan.gif
noticias.gedan.com.br/imagens/ Frame 23F4 2 KB
2 KB 287ms
96ms Image
image/gif 162.244.82.65
SERVERROOM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://noticias.gedan.com.br/imagens/gedan.gif

Requested by

Host: noticias.gedan.com.br
URL: https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.244.82.65 , United States, ASN19624 (SERVERROOM, US),

Reverse DNS

gedan.com.br

Software

Apache/2.4.46 (IUS) /

Resource Hash

93341c62500c6d7b82552ee5750d2311533c6b823a6d8d3247b1e6f0b4000342

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://noticias.gedan.com.br/sites.php?P=H&Estilo=popmoney.multisistemas.bid/class1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Apr 2021 03:02:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 03 Jan 2010 00:09:52 GMT
Server: Apache/2.4.46 (IUS)
X-Supported-By: Kloxo-MR 7.0
ETag: "6c8-47c376c7cb400"
Strict-Transport-Security: max-age=2592000; preload
Upgrade: h2
Access-Control-Allow-Origin: *
Connection: Upgrade, close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 1736
X-XSS-Protection: 1;mode=block

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ Frame 23F4 225 KB
85 KB 57ms
42ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8500587267418417&plah=noticias.gedan.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Apr 2021 03:02:35 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/ Frame 0DB6 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210331/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://noticias.gedan.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://noticias.gedan.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Apr 2021 20:17:11 GMT
expires: Sat, 17 Apr 2021 20:17:11 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 24324
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 23F4 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=noticias.gedan.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8500587267418417&plah=noticias.gedan.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Apr 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 23F4 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=noticias.gedan.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Apr 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F11A 405 B
767 B 136ms
123ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&slotname=8546388886&adk=4129943907&adf=3407277730&pi=t.ma~as.8546388886&w=750&fwrn=16&fwrnh=100&lmt=1617505355&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fnoticias.gedan.com.br%2Fsites.php%3FP%3DH%26Estilo%3Dpopmoney.multisistemas.bid%2Fclass1.css&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617505355497&bpp=8&bdt=495&idt=97&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=487034495142&frm=6&ife=1&pv=2&ga_vid=227053385.1617505356&ga_sid=1617505356&ga_hid=1278846908&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=750&ish=1080&ifk=1900401153&scr_x=-12245933&scr_y=-12245933&eid=44740079%2C44739387&oid=3&pvsid=2768972454780078&top=https%3A%2F%2Fwww.contador.multisistemas.biz%2F&rx=0&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C1080&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=1.9xjjnqnotesd&fsb=1&xpc=Ydh27rD5fI&p=https%3A//noticias.gedan.com.br&dtd=112

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d3ae4fd09c4cb66baeb3b8ff967f0a248355af461a27f812862416f2f51df50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8500587267418417&output=html&h=280&slotname=8546388886&adk=4129943907&adf=3407277730&pi=t.ma~as.8546388886&w=750&fwrn=16&fwrnh=100&lmt=1617505355&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fnoticias.gedan.com.br%2Fsites.php%3FP%3DH%26Estilo%3Dpopmoney.multisistemas.bid%2Fclass1.css&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1617505355497&bpp=8&bdt=495&idt=97&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=487034495142&frm=6&ife=1&pv=2&ga_vid=227053385.1617505356&ga_sid=1617505356&ga_hid=1278846908&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=-12245933&bih=-12245933&isw=750&ish=1080&ifk=1900401153&scr_x=-12245933&scr_y=-12245933&eid=44740079%2C44739387&oid=3&pvsid=2768972454780078&top=https%3A%2F%2Fwww.contador.multisistemas.biz%2F&rx=0&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C750%2C1080&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=8320&bc=31&ifi=1&uci=1.9xjjnqnotesd&fsb=1&xpc=Ydh27rD5fI&p=https%3A//noticias.gedan.com.br&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://noticias.gedan.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://noticias.gedan.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 04 Apr 2021 03:02:35 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Apr-2021 03:17:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 04 Apr 2021 03:02:35 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23F4 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Sun, 04 Apr 2021 03:02:35 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 23F4 9 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5654eea52dcfd699fd3ef2ce2ea3258560187b85c713ddeb246946256852dadb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Apr 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6990
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 23F4 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 04 Apr 2021 03:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 04 Apr 2021 03:02:35 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D41B 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://noticias.gedan.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://noticias.gedan.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sat, 03 Apr 2021 21:46:43 GMT
expires: Sun, 03 Apr 2022 21:46:43 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18952
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js Show response
pagead2.googlesyndication.com/bg/ Frame D41B 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 03 Apr 2021 15:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 42234
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
expires: Sun, 03 Apr 2022 15:18:41 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23F4 0
88 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210331&jk=2768972454780078&bg=!BwSlBEDNAAY56aLOOek7ACkAdvg8WqKRtxJxAgzQnflgsxspoyLHxy9xvbFs_i0g2_xt-glW7mtHCgIAAABGUgAAAAloAQcKADbWwNziPG59Wb2pEvQDU9cfEknFZT2xFZCmGYJBfN2ZRU1udhV7cHk7ur1XCgYHKRmN5eDJS9iZAmbA2kAFZ53p6tdM-YJ2vRPuDabcHXaQzYBoCuZDhfqjW-RBE8gWqOCSNhFodPL-J7I1-4_ZpLhkksw3jIlbIqM-nBk2ffs6DdxmOLBZybfCkNNB-TtgNe7v_xr_1gl-e43OEefbSwBq7r7Qs8s7Ub2p-e7Nutn5ICVYv5pw-kAnRrTTHqwVGeMGCid7a9xRvLqFFd1BQQGZ5QsZtqPdXkLelsoAhQoUBGJy4KHqXUhYdT3zudPt60Dt9NcugYLSkkz5iwNvUXS27CDTmQ41Xowc_6v1mKJqFYYy9mRbau_2oNIIhOfS5CwrscT_z46m3nLqDsup5JXMDudOH2xBuh3oHlWAoXRUgO99aOo0qnRax3WwUZyuk8l3zNfOeifHVv62iImPumti1Ol35sJC0YMBlM12l_xIN6lyxtFy1CWkgXKLIRXkBRKhmoOMdvqFbO6Ml7scyYB9-QhEQRAGYPbSaHlB_NFu98qY1sAE7tUTCvNsaS_Of2pD2vxtms957soq4o6iSIQYS_qvDTxf4NKJUuKguc2YGEHrQCtjIZRCy9rHGxaPFZlKedDXcqbGx80kN-AU0gWA3OE-8pMvRwGUyhrNJVWt0zH8XCWVhBDOPnHg_1s-jcYLpesQsavUMkJVYYVrVqXiU8v70_RFmqM_nH_T1--KV5iPvg7AEDwBKKt30x2Xft-VDK34J_fGSxRjUSVCBNnVZA9PYFQ98BqVYs69YgJN6JOiA0WqeEVaaTol2syr_kAA5Nd4X1fjH7vW9D8r19mmJB5j3mQrHd8wD27ncxS8T538Xfvy1ekc8l2upW7ccQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://noticias.gedan.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Apr 2021 03:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 17:18:26	Name: test_cookie Value: CheckForPermission
			www.contador.multisistemas.biz/	1970-01-19 17:18:28	Name: PopUpCB2 Value: POP

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
contador.multisistemas.bid
googleads.g.doubleclick.net
marketing.cliquebanner.com
noticias.gedan.com.br
pagead2.googlesyndication.com
popmoney.multisistemas.bid
tpc.googlesyndication.com
www.cliquebanner.com
www.contador.multisistemas.biz
www.googletagservices.com
www.multisistemas.biz
162.244.82.65
162.244.82.66
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
0644457e66839d658cde6152a46dd17a98b3cb584caf067c08dd8f83eab61045
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
104465f5c844289c30c331d87896d7846e35ac7d9673b7311fa8fd4e679d1ab4
111078804b651aca3c3b24c4ebdc44e5889d4aab4be82dc8f6f0518b9abab13f
1ad77c5226351bd1b9e49876e8739b85d7c5ad29e1e3eaf2ef45493a05ce6842
1d3ae4fd09c4cb66baeb3b8ff967f0a248355af461a27f812862416f2f51df50
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
4a86d9220ed9e4ecffa9300f872dac80ada07c2625d7c85fd2a128f2481d7a61
55db8aa3e9ac5b5c46f9e51c104f387ba41a499279084e5c934f50d367132a26
5654eea52dcfd699fd3ef2ce2ea3258560187b85c713ddeb246946256852dadb
578497323185ca1959c8b1210362f497edde70876dd3aa0268e9a5defcec6808
59bdf4a88bee06c7f172cb3142386e4915da53aba3f5024087e1b0662dc4cd94
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6d90a5a7448f457259e4dd338aa1a3eab04b6a97a2904fa1f89369a53456a06a
7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4
8a364aa6e346f6fba3a0a36f00cfea8d1333f8c01859d81ffc461dd2c47f00dd
904007b6d4b4b9ca3957ef2609b19120bf059fbd28eedc6c9d01d05ae1f74af7
93341c62500c6d7b82552ee5750d2311533c6b823a6d8d3247b1e6f0b4000342
93ab392188dc0fd15afe9546a0e6fb70efc2a131bb5f4a8e241d9f7ff989062a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
d5f2c4c69ee52e7d50983a11cd54477e816d1e0938546853180169eaf2301058
d7d4b281a42f81530e2c26c83963e9b796d488b4c9e2e8c6161233c5fba05380
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f8e5869cab68091d8dd70aec587239f5cc263b22bcde232ba7c67d867f2742
e7df3c9e5ab7a3339bc8e9cd6ef28d0bdb965222180adc3c520e1448dfe9e568
e949ca9351f956872e983684cf89cae0f5f6bc4367e8d2e1171d1980561e08e2
f0f4d53bd7889647931444a1c0a5dcc8ed15689737e82ca7835121985320f01f

www.contador.multisistemas.biz Open in urlscan Pro 162.244.82.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

78 %IPv6

9 Domains

13 Subdomains

9 IPs

2 Countries

268 kBTransfer

566 kBSize

2 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.contador.multisistemas.biz Open in urlscan Pro
162.244.82.65 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

13
Subdomains

9
IPs

2
Countries

268 kB
Transfer

566 kB
Size

2
Cookies

31 HTTP transactions
0 data transactions