aprovapl1731.sinfito.com.br Open in urlscan Pro
213.136.70.54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aprovapl1731.sinfito.com.br/
Submission: On March 30 via api (March 30th 2024, 6:17:03 pm UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 12 domains to perform 50 HTTP transactions. The main IP is 213.136.70.54, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is aprovapl1731.sinfito.com.br.
TLS certificate: Issued by R3 on March 27th 2024. Valid for: 3 months.

This is the only time aprovapl1731.sinfito.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	213.136.70.54 213.136.70.54	51167 (CONTABO) (CONTABO)
2	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
2	172.67.221.31 172.67.221.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
6	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
3	108.138.128.80 108.138.128.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::ac43:dd1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
11	142.250.72.110 142.250.72.110	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.65.225 142.250.65.225	15169 (GOOGLE) (GOOGLE)
1	142.251.40.196 142.251.40.196	15169 (GOOGLE) (GOOGLE)
50	18

9 213.136.70.54 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m1389.contaboserver.net

aprovapl1731.sinfito.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.221.31 (United States)

ASN13335 (CLOUDFLARENET, US)

blob.contato.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.128.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-80.jfk50.r.cloudfront.net

d15k2d11r6t6rl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:dd1f (United States)

ASN13335 (CLOUDFLARENET, US)

beepluginaddons.contato.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.72.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.196 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653 www.google.com — Cisco Umbrella Rank: 2	73 KB
9	sinfito.com.br aprovapl1731.sinfito.com.br	64 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 162	263 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
3	cloudfront.net d15k2d11r6t6rl.cloudfront.net	837 KB
3	contato.io blob.contato.io beepluginaddons.contato.io	456 KB
2	gstatic.com fonts.gstatic.com	34 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	70 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	274 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	262 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	92 KB
50	12

	Domain	Requested by
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	aprovapl1731.sinfito.com.br	aprovapl1731.sinfito.com.br
6	pagead2.googlesyndication.com	aprovapl1731.sinfito.com.br pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	d15k2d11r6t6rl.cloudfront.net	aprovapl1731.sinfito.com.br
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	aprovapl1731.sinfito.com.br connect.facebook.net
2	blob.contato.io	aprovapl1731.sinfito.com.br
2	fonts.googleapis.com	aprovapl1731.sinfito.com.br
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	aprovapl1731.sinfito.com.br
1	www.google-analytics.com	www.googletagmanager.com
1	beepluginaddons.contato.io	aprovapl1731.sinfito.com.br
1	www.googletagmanager.com	aprovapl1731.sinfito.com.br
50	15

This site contains links to these domains. Also see Links.

Domain
chat.whatsapp.com
www.camara.leg.br

Subject Issuer	Validity	Valid
aprovapl1731.sinfito.com.br R3	`2024-03-27` - `2024-06-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
contato.io GTS CA 1P5	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-08` - `2024-04-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://aprovapl1731.sinfito.com.br/
Frame ID: 62AA5C7C461814A5CAE7F6E17E0DC66F
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5806931943235597&output=html&adk=1812271804&adf=3025194257&lmt=1711822615&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1000_l%7C260x875_r&format=0x0&url=https%3A%2F%2Faprovapl1731.sinfito.com.br%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711822615004&bpp=5&bdt=584&idt=430&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4971488313616&frm=20&pv=2&ga_vid=253015250.1711822615&ga_sid=1711822615&ga_hid=30242055&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081564%2C31082197%2C44795921%2C95326317%2C95322183%2C95328825&oid=2&pvsid=3795825122010087&tmod=1336610741&uas=0&nvt=1&fsapi=1&fc=1920&brdim=440%2C440%2C440%2C440%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=480
Frame ID: B3C1A80E7D8C972383180D1BBEDDE008
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Frame ID: B40EAC99000B4B11A0B63AFB1049E3D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Frame ID: 391E506F33832E310A806B7EBC1436C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1946292D2FEF71DD067BF808FFFBB810
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 194CDA94A944DDB0818D95A5DE4912BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

APROVA PL 988

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

50
Requests

98 %
HTTPS

53 %
IPv6

12
Domains

15
Subdomains

18
IPs

2
Countries

1893 kB
Transfer

2988 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://chat.whatsapp.com/EnUvnz47PTnFWSI3GLyRJ7

Search URL Search Domain Scan URL

URL: https://www.camara.leg.br/enquetes/1195593

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
aprovapl1731.sinfito.com.br/ 16 KB
6 KB 776ms
182ms Document
text/html 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c4341beebd35e80d6af4f49c9776f14220eb97a43a263e33171167e2a46f87da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-encoding: gzip
content-length: 5803
content-type: text/html; charset=utf-8
date: Sat, 30 Mar 2024 18:16:53 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.0
x-powered-by: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 116ms
48ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Mar 2024 18:11:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Mar 2024 18:16:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1002 B 114ms
47ms Stylesheet
text/css 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 30 Mar 2024 16:18:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Mar 2024 18:16:54 GMT

GET
H3 200 WhatsApp.svg
blob.contato.io/machine-files/all-images/ 27 KB
21 KB 158ms
28ms Image
image/svg+xml 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blob.contato.io/machine-files/all-images/WhatsApp.svg
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba6c87d63d4fe3f052a9bf4ed349642e1179432770e5e18eb860b552dc4b264

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: IoPAmJJMXBXe295n150INQ==
age: 5044
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 18 Mar 2019 20:04:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwcKR1nEPgmPz3zHLrmCruNyA6psUpyZjmYI2ZbGL7J3SmUOL8ihhVqMQUIRfLKMxOTLWA3l8ZGbUP5IEaGfV9XaJ32JI4yyFyNdClyQ7iGnqfBFTMigKZ5exyGnXJT0Gwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6ef2518d-801e-0051-3951-77e40f000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 86ca17edd9554bc3-BUF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
92 KB 219ms
70ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7F5RBN16XF

Requested by

Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51967051007134faa7f09ce4abf735b4eab7bd0af981198fa57d4ebf72625315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94264
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 30 Mar 2024 18:16:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 240ms
99ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5806931943235597

Requested by

Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

f77ab70819ba86eb9bf58037ada33a91d7444ea8f89edeab26360bdb4fa4cd52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
Origin: https://aprovapl1731.sinfito.com.br
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50926
x-xss-protection: 0
server: cafe
etag: 18008037499873374012
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 30 Mar 2024 18:16:54 GMT

GET
H2 200 Brasil%20unido%20em%20prol%20do%20piso%20nacional%20dos%20Fisioterapeutas%20e%20Terapeutas%20Ocupacionais%20%2819%29.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/7ba73aaa-3da9-4cf1-abf2-ccc85dea5875/uid_2283797/ 483 KB
484 KB 384ms
268ms Image
image/png 108.138.128.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/7ba73aaa-3da9-4cf1-abf2-ccc85dea5875/uid_2283797/Brasil%20unido%20em%20prol%20do%20piso%20nacional%20dos%20Fisioterapeutas%20e%20Terapeutas%20Ocupacionais%20%2819%29.png
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-80.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcdb974e14984436c8efadb8b6400302e6849d54623c72a604948fe82f925396

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:01:53 GMT
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Wed, 27 Mar 2024 20:50:55 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 902
etag: "78aa5bd1da496a93522910c95fe45abd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 494756
x-amz-cf-id: ikXA8LxXmh3Je5whFT9DvgD-p7z0T0PCy1gG69hNgSJt_l78qFQ3wA==

GET
H2 200 Brasil%20unido%20em%20prol%20do%20piso%20nacional%20dos%20Fisioterapeutas%20e%20Terapeutas%20Ocupacionais%20%284%29.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/7ba73aaa-3da9-4cf1-abf2-ccc85dea5875/uid_2283797/ 349 KB
349 KB 257ms
142ms Image
image/png 108.138.128.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/7ba73aaa-3da9-4cf1-abf2-ccc85dea5875/uid_2283797/Brasil%20unido%20em%20prol%20do%20piso%20nacional%20dos%20Fisioterapeutas%20e%20Terapeutas%20Ocupacionais%20%284%29.png
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-80.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e74d144e6034f4fec88406f010b225062fd2e5ab01db934a4d5e8e42c17d147c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:01:53 GMT
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 10:05:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 902
x-amz-server-side-encryption: AES256
etag: "a4ded4e4af89aa5fe051b6adb2062973"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 356873
x-amz-cf-id: 6dqt17lD6-OQfJ6hJa765fBYuzsSi2NTQwjsQ6b6KMaI-Yho4AmGlQ==

GET
H2 200 base-script.js Show response
beepluginaddons.contato.io/scripts/ 3 KB
2 KB 407ms
262ms Script
application/javascript 2606:4700:3034::ac43:dd1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beepluginaddons.contato.io/scripts/base-script.js
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:dd1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ARR/3.0, ASP.NET
Resource Hash: ec524f47beda7b12cf6265979fe5320d0ee82b6ed842a8aeef77a12faad4ef9f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Dec 2023 21:56:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b19-18cb26df5c0"
x-powered-by: ARR/3.0, ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AtGql6jjVg1l2RTl4ypcU7%2FTXKuTpO10Xor49W4PeC11BCH15E3%2FRpaSjzCvIWZHc8bazTBJOi4MfOChl4EEUvW3NB%2FzLGGuqvE0dTa4gM7%2FyvSHAcS0rx5%2FRn6pMnqDbroZ3qYBBWeq8xWWlXvWBpd4vQiykaHk8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 86ca17edee554bcf-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 beefree-pages-overwrites
aprovapl1731.sinfito.com.br/Content/ 275 B
303 B 328ms
307ms Stylesheet
text/css 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/Content/beefree-pages-overwrites?v=KtTlqPGC4p3e40yCX4jAUkaKtaZ3PiNPrHp45nXIx341
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ad7be3af20b2c3024e17c4f95cff5c2bc9640edc2e30c7b8817e365efaf6f8eb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 18:16:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-max-age: 1728000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cache-control: public
access-control-allow-headers: *
content-length: 256
expires: Sun, 30 Mar 2025 18:16:55 GMT

GET
H2 200 jquery-351 Show response
aprovapl1731.sinfito.com.br/bundles/ 87 KB
40 KB 316ms
296ms Script
text/javascript 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/bundles/jquery-351?v=LYwc5OxGSW7ZpkTf7ckY3GOdqafOvzeknRc1cFb3gaI1
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 90a5d852e7b743833126df2dafc092d4a2a59fd1a4cceb98412eda984dc065a5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 18:16:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-max-age: 1728000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cache-control: public
access-control-allow-headers: *
content-length: 40527
expires: Sun, 30 Mar 2025 18:16:55 GMT

GET
H2 200 page-views Show response
aprovapl1731.sinfito.com.br/bundles/ 357 B
402 B 323ms
306ms Script
text/javascript 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/bundles/page-views?v=RFS_9pcQpAX3kK36TH6nfMX6edR9IzqGFT5-MduLznc1
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 730458e207108233af8e957278708556f83f3ea6288c700da49a410d5ada78f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 18:16:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-max-age: 1728000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cache-control: public
access-control-allow-headers: *
content-length: 355
expires: Sun, 30 Mar 2025 18:16:55 GMT

GET
H2 200 capture-css-component
aprovapl1731.sinfito.com.br/Content/ 418 B
435 B 205ms
185ms Stylesheet
text/css 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/Content/capture-css-component?v=N_BHify-8HhgPo6IORhrzVQgZZJBfqLMEhzkzzoPmA01
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8c3fba3915fbe9cbd21ca6ba73f60eecacec64eea13ea79c43e2e71f24641320

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 18:16:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-max-age: 1728000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cache-control: public
access-control-allow-headers: *
content-length: 370
expires: Sun, 30 Mar 2025 18:16:55 GMT

GET
H2 200 capture-script-component Show response
aprovapl1731.sinfito.com.br/bundles/ 16 KB
4 KB 321ms
305ms Script
text/javascript 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/bundles/capture-script-component?v=isv88CmZ9dQG-mOEY9kHB_XPODUSUwEUfTz-1abBOnY1
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62ed06b357f4610b1b7225b097a91d17184e3f3a67d7df574dd31a7df39a7d4b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 18:16:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-max-age: 1728000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cache-control: public
access-control-allow-headers: *
content-length: 3943
expires: Sun, 30 Mar 2025 18:16:55 GMT

GET
H2 200 cleave Show response
aprovapl1731.sinfito.com.br/bundles/ 33 KB
13 KB 201ms
186ms Script
text/javascript 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/bundles/cleave?v=z6aLQf9LMoQYlbBUWXT2gmO-z3-3c6PPBNnKgxDmzv81
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42e3910cb1dfa992cae10d041d44e530cf63bf27eab0ddb0da41a5cf335301c2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 18:16:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-max-age: 1728000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cache-control: public
access-control-allow-headers: *
content-length: 13428
expires: Sun, 30 Mar 2025 18:16:55 GMT

GET
H2 200 ll-fields-mask Show response
aprovapl1731.sinfito.com.br/bundles/ 486 B
547 B 199ms
184ms Script
text/javascript 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/bundles/ll-fields-mask?v=N8DZXC3DCNLuY35Ib01g1Bve1k4f3QGhhH08hgBzCLg1
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e596e36b239dbf027cd2073cf58516273d99154b55d01760183294bac34c11a4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
content-encoding: gzip
last-modified: Sat, 30 Mar 2024 18:16:55 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent,Accept-Encoding
access-control-max-age: 1728000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
cache-control: public
access-control-allow-headers: *
content-length: 382
expires: Sun, 30 Mar 2025 18:16:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 174ms
31ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 30 Mar 2024 18:16:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=12, mss=1294, tbw=2790, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: zcjPozIOCbYWS54Lgz6H918vYiRdtEk2vf89jrYRqr+oqnGdU+S47b4aBBO6xw0U1/FBGHwKd7ZMc6dQ6v+CMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 198ms
46ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://aprovapl1731.sinfito.com.br
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 09:11:58 GMT
x-content-type-options: nosniff
age: 291896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 09:11:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 185ms
35ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://aprovapl1731.sinfito.com.br
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:56:32 GMT
x-content-type-options: nosniff
age: 292822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:56:32 GMT

GET
H2 200 3098451003793455 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3098451003793455?v=2.9.151&r=stable&domain=aprovapl1731.sinfito.com.br&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba164be8a075f74cd1287e9c0304d7d88d19e309474218dc1981cfd0536576ce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 30 Mar 2024 18:16:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=64, mss=1294, tbw=63179, tp=-1, tpl=-1, uplat=61, ullat=1
pragma: public
x-fb-debug: KkqZ5fRLWGMwqiqPgE5K2WYc820eQWY3naA/TEfQw/uTdE5pAj9NqkElxIhIhHT5pESo5+EfIVX5cvYwvwYAqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/ 407 KB
138 KB 161ms
112ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5806931943235597

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

ee79f803225857cec811281c24d35460e3917363c3a9f3ccf6a4f5857b509afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141417
x-xss-protection: 0
server: cafe
etag: 15584447750450052148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 18:16:55 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
262 B 103ms
41ms Ping
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7F5RBN16XF&gtm=45je43r0v888619742za200&_p=1711822614548&gcd=13l3l3l3l1&npa=0&dma=0&cid=253015250.1711822615&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711822615&sct=1&seg=0&dl=https%3A%2F%2Faprovapl1731.sinfito.com.br%2F&dt=APROVA%20PL%20988&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1439
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7F5RBN16XF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 30 Mar 2024 18:16:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 100ms
27ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3098451003793455&ev=PageView&dl=https%3A%2F%2Faprovapl1731.sinfito.com.br%2F&rl=&if=false&ts=1711822615181&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.2.1711822615173.878704721&ler=empty&cdl=API_unavailable&it=1711822614883&coo=false&rqm=GET

Requested by

Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1294, tbw=2782, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 30 Mar 2024 18:16:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 AddPageViewScript Show response
aprovapl1731.sinfito.com.br/Pages/ 4 B
132 B 167ms
164ms XHR
application/json 213.136.70.54
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://aprovapl1731.sinfito.com.br/Pages/AddPageViewScript
Requested by: Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/bundles/jquery-351?v=LYwc5OxGSW7ZpkTf7ckY3GOdqafOvzeknRc1cFb3gaI1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 213.136.70.54 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m1389.contaboserver.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://aprovapl1731.sinfito.com.br/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:54 GMT
x-aspnetmvc-version: 5.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-max-age: 1728000
access-control-allow-methods: GET, HEAD, POST, DEBUG, PUT, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: *
content-length: 4

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame B3C1 0
0 562ms
507ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5806931943235597&output=html&adk=1812271804&adf=3025194257&lmt=1711822615&plaf=7%3A2&plat=1%3A16777216%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x1000_l%7C260x875_r&format=0x0&url=https%3A%2F%2Faprovapl1731.sinfito.com.br%2F&pra=5&wgl=1&easpi=1&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711822615004&bpp=5&bdt=584&idt=430&shv=r20240327&mjsv=m202403250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4971488313616&frm=20&pv=2&ga_vid=253015250.1711822615&ga_sid=1711822615&ga_hid=30242055&ga_fc=1&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081564%2C31082197%2C44795921%2C95326317%2C95322183%2C95328825&oid=2&pvsid=3795825122010087&tmod=1336610741&uas=0&nvt=1&fsapi=1&fc=1920&brdim=440%2C440%2C440%2C440%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=480

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aprovapl1731.sinfito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 63846
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Mar 2024 18:16:56 GMT
expires: Sat, 30 Mar 2024 18:16:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 85ms
84ms Image
image/gif 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=wpp-btn-fixo&ign=false&pw=1600&ph=1113&x=1575&y=1088

Requested by

Host: aprovapl1731.sinfito.com.br
URL: https://aprovapl1731.sinfito.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 30 Mar 2024 18:16:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/ 167 KB
56 KB 105ms
103ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

9c27feed1fea2b150c40fc7256499d36603250ff839c00c38dab2175ea956db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57635
x-xss-protection: 0
server: cafe
etag: 4403399459029027583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 18:16:56 GMT

GET
H2 200 ca-pub-5806931943235597 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 147ms
65ms Script
application/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5806931943235597?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

773308fa40399e305cd3df30e4ca2098c56953a166d9495a60bd0ff0c6a53534

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gH1scF-z2RsBHZFYqIMyFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:56 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gH1scF-z2RsBHZFYqIMyFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDMWPdwg1sAh-WHW9iBADc1jEc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/ Frame B40E 0
0 29ms
28ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aprovapl1731.sinfito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 8093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Mar 2024 16:02:03 GMT
etag: 5035419970550746386
expires: Sat, 13 Apr 2024 16:02:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/ Frame 391E 0
0 35ms
33ms Document
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aprovapl1731.sinfito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 8093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Mar 2024 16:02:03 GMT
etag: 5035419970550746386
expires: Sat, 13 Apr 2024 16:02:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWdFT08nllgPk5VO_BX-lor-cBmZ9iOuYeQPsTlUvmo4YnKFTLS5XObO92jTUJry1wdQf_4vrFetQfnaDXoxAj9Dagz7HEDMEtTbJ9qFduRPIFiba3u52Kzo6kcCq9MHPjmW7prsA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 68ms
67ms Script
application/javascript 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWdFT08nllgPk5VO_BX-lor-cBmZ9iOuYeQPsTlUvmo4YnKFTLS5XObO92jTUJry1wdQf_4vrFetQfnaDXoxAj9Dagz7HEDMEtTbJ9qFduRPIFiba3u52Kzo6kcCq9MHPjmW7prsA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExODIyNjE2LDUyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9hcHJvdmFwbDE3MzEuc2luZml0by5jb20uYnIvIixudWxsLFtbOCwiUnlubzRGRDlpVEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ca23ee3fc9c6421a9ddcef26dacd918813301ed483684ec6ad79581dc7d79f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6MZ3DA5tctdpGeQ8aT6yHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-6MZ3DA5tctdpGeQ8aT6yHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDMWPdwg1sAj9-3OlnAgDgaDGd"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxUbwk5XHLnoBdL3wRzWXwSueW12YI-YgZm_kqPAYTNzg2EvMsEVEaLaM_39jdgBApXFmUItRDivSsANLmr2S736vw8tEs5MnL7TfZhh5GVqLe1TeN7FQY7L8Fxin4rLTsk50EpMYk8-RkTtzCvKTjs_fc0yV... 54 B
110 B 53ms
52ms Script
application/javascript 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUbwk5XHLnoBdL3wRzWXwSueW12YI-YgZm_kqPAYTNzg2EvMsEVEaLaM_39jdgBApXFmUItRDivSsANLmr2S736vw8tEs5MnL7TfZhh5GVqLe1TeN7FQY7L8Fxin4rLTsk50EpMYk8-RkTtzCvKTjs_fc0yVtkLMPR7mBSeYztI2Kub0R_XDdauq06s/_/adsenceSearchTop./adhost._adbox_/adyard._ads/mobile/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy7cSXtGgaSzwhyAa1SgDG3tjt8eQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

824b298f09e19ab08743bc7fd927cb443cd92384740e55df54595e7c174a238b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VYSKL3uM4WdFnsTcoAL2kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-VYSKL3uM4WdFnsTcoAL2kQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDMXPdwg1sAgeefl3KCADc2TF7"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 24ms
23ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 17:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Mar 2024 18:46:32 GMT

POST
H3 204 AGSKWxWLUU7nfJJc0nKFOKj240RN_cs6ySd-UWHSSFKKY5WsNwCaVHhec7B_ipdRjAztoRSoS66PWRSjEnbS1k7KQnWUhBqZiM1kNCO0CBrCP9FWqZFraQwbbgEWmBO4xEafPtsEfyl4pA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 131ms
62ms XHR
text/html 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLUU7nfJJc0nKFOKj240RN_cs6ySd-UWHSSFKKY5WsNwCaVHhec7B_ipdRjAztoRSoS66PWRSjEnbS1k7KQnWUhBqZiM1kNCO0CBrCP9FWqZFraQwbbgEWmBO4xEafPtsEfyl4pA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gacf5w2PPOAmerVscTPLKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-gacf5w2PPOAmerVscTPLKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh2PmuoUb2ARWzL54ghEAxCQMIA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLUU7nfJJc0nKFOKj240RN_cs6ySd-UWHSSFKKY5WsNwCaVHhec7B_ipdRjAztoRSoS66PWRSjEnbS1k7KQnWUhBqZiM1kNCO0CBrCP9FWqZFraQwbbgEWmBO4xEafPtsEfyl4pA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hHigv2JmkXdV7H7Dp7JBHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-hHigv2JmkXdV7H7Dp7JBHA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1hDgFiIh2PmuoUb2AQ6dmw5zQgAw-sMBQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLUU7nfJJc0nKFOKj240RN_cs6ySd-UWHSSFKKY5WsNwCaVHhec7B_ipdRjAztoRSoS66PWRSjEnbS1k7KQnWUhBqZiM1kNCO0CBrCP9FWqZFraQwbbgEWmBO4xEafPtsEfyl4pA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kQQTU_N5ZUP8Hnuqq8DtOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-kQQTU_N5ZUP8Hnuqq8DtOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh2PmuoUb2AROzP5_ihEAxbgMcw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLUU7nfJJc0nKFOKj240RN_cs6ySd-UWHSSFKKY5WsNwCaVHhec7B_ipdRjAztoRSoS66PWRSjEnbS1k7KQnWUhBqZiM1kNCO0CBrCP9FWqZFraQwbbgEWmBO4xEafPtsEfyl4pA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4326vYvMzYKvc9z13l_3iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-4326vYvMzYKvc9z13l_3iQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw05BiqGV4xtQKxE7pM1hDgFiIh2PmuoUb2AR2bHh4khEAxC4MUA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU2PL6lDjZ9OIuz8UGj43OTMh6RAiIN7-PIwz8XiZW4CXRtcPGKzr15PMcyyweTCLWqaLDtDveBmMvToQXe7D8zu3v78RBTK1M2uLqjcdJA2X6dw5NpqaA8VGy2KlnHCG20g6O7hw== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 59ms
58ms Script
application/javascript 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU2PL6lDjZ9OIuz8UGj43OTMh6RAiIN7-PIwz8XiZW4CXRtcPGKzr15PMcyyweTCLWqaLDtDveBmMvToQXe7D8zu3v78RBTK1M2uLqjcdJA2X6dw5NpqaA8VGy2KlnHCG20g6O7hw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExODIyNjE3LDM3NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYXByb3ZhcGwxNzMxLnNpbmZpdG8uY29tLmJyLyIsbnVsbCxbWzgsIlJ5bm80RkQ5aVRFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

d9577fbda3e325589929965c3cbe54d318ce22c42cf2ddceda86a4120bb0ce12

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sU4KXnZ-e2jodcWrwXlhZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-sU4KXnZ-e2jodcWrwXlhZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDMXPdwg1sAg3fZ59gBADiOTEm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLUU7nfJJc0nKFOKj240RN_cs6ySd-UWHSSFKKY5WsNwCaVHhec7B_ipdRjAztoRSoS66PWRSjEnbS1k7KQnWUhBqZiM1kNCO0CBrCP9FWqZFraQwbbgEWmBO4xEafPtsEfyl4pA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PXzxFy_SwqVzlbHbWOMv9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PXzxFy_SwqVzlbHbWOMv9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh2PmuoUb2AQ-rPz8gREAxnoMwA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVVwObyzuqB2fgGM2ODd5cWKfzMJbIcgtGdryrctFJXWh28Q9q9afZCapfTSndogDiwFhjf6XTJ1xfitLKD8ghXkmty-keDYhZF7WEyOHUO-GV_P5fqd6TZaSXgE9bvAlR5LpzCWw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
58ms Script
application/javascript 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVVwObyzuqB2fgGM2ODd5cWKfzMJbIcgtGdryrctFJXWh28Q9q9afZCapfTSndogDiwFhjf6XTJ1xfitLKD8ghXkmty-keDYhZF7WEyOHUO-GV_P5fqd6TZaSXgE9bvAlR5LpzCWw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExODIyNjE3LDQ3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYXByb3ZhcGwxNzMxLnNpbmZpdG8uY29tLmJyLyIsbnVsbCxbWzgsIlJ5bm80RkQ5aVRFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

b374c9dcf52df47ec41f8534df2217f88ed5dcacdebc8a5d7beb3e93c1bccc0c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--SsRLkvhYUL_ZbnEJrgq8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce--SsRLkvhYUL_ZbnEJrgq8Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDMXPdwg1sAivmfv7CCADcSzFp"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWBJ1PShnsz8P-gNBY3juH5R7OtjkmFqS7TbebSzzsejSS0ToMSdFO6dj2yudk8YERGJODKphAY0tucTVN4rQO6KCczntXA5zliaa8Xm99wNEh2IxVMdnYxK6-9YEn1qD5Er8CJeg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
62ms Script
application/javascript 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBJ1PShnsz8P-gNBY3juH5R7OtjkmFqS7TbebSzzsejSS0ToMSdFO6dj2yudk8YERGJODKphAY0tucTVN4rQO6KCczntXA5zliaa8Xm99wNEh2IxVMdnYxK6-9YEn1qD5Er8CJeg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExODIyNjE3LDY0MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwicHQtUFQiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9hcHJvdmFwbDE3MzEuc2luZml0by5jb20uYnIvIixudWxsLFtbOCwiUnlubzRGRDlpVEUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

67891c27f6469e15b6ccc0269599913ed2518e8df928ff38d25637d59bffd0c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cgbaixx9RXs2DnPqEx6xYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cgbaixx9RXs2DnPqEx6xYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otAnPzvPGspEAvxcMxct3ADm8CJzQ1HmQCRezWH"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWp1LvvN2t5LkcuMByH0TaiLnwLPlHLkNbW-m7BhtkE5CCnOYy3zDrDHB5MHZs_vCO-Ax4b3VvbI4bbnwN8aDFpoiQYWfRl3ezya-VVe3N_E3XFDrBXCk0HbKD3d3QMGJsvQ1Qjeg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
55ms XHR
text/html 142.250.72.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWp1LvvN2t5LkcuMByH0TaiLnwLPlHLkNbW-m7BhtkE5CCnOYy3zDrDHB5MHZs_vCO-Ax4b3VvbI4bbnwN8aDFpoiQYWfRl3ezya-VVe3N_E3XFDrBXCk0HbKD3d3QMGJsvQ1Qjeg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UgMoqSQB7ogGyghax0YBNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-UgMoqSQB7ogGyghax0YBNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1hDgFiIh2PmuoUb2AROPO3_xAQAxGsMaw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLUU7nfJJc0nKFOKj240RN_cs6ySd-UWHSSFKKY5WsNwCaVHhec7B_ipdRjAztoRSoS66PWRSjEnbS1k7KQnWUhBqZiM1kNCO0CBrCP9FWqZFraQwbbgEWmBO4xEafPtsEfyl4pA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-59Idi1-fidhMxCV49am_sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-59Idi1-fidhMxCV49am_sg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIh2PmuoUb2AQu9G3-wgQAxR0MTQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://aprovapl1731.sinfito.com.br
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 109ms
107ms XHR
application/json 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240327&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

473e4bbdf0fa5683ef505565ccf17864c88ac389e125b8a4ed62d4ce6bec58cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12201
x-xss-protection: 0

GET
H3 200 machine-615101-favicon.png
blob.contato.io/machines-favicon/ 432 KB
433 KB 19ms
18ms Other
application/octet-stream 172.67.221.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blob.contato.io/machines-favicon/machine-615101-favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4006a67c010c98b15bbca995c7ddd8f151931e61670e0a1f0a943b21dc4105a8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 30 Mar 2024 18:16:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: pUeBfhCgz9ruJvcm3+euow==
age: 902
alt-svc: h3=":443"; ma=86400
content-length: 442427
x-ms-lease-status: unlocked
last-modified: Sun, 17 Dec 2023 17:53:58 GMT
server: cloudflare
etag: 0x8DBFF2925707A9B
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3oNCYsNs01BMox0Bn7cFVXIgm5vOSzPYvFyp29Iudv0ZSktIHoau1stzU9G7zXxGBV1YGf4VsDVNEp0vErZUBdrN%2BNytAN2zxoSx6vBauTEa7NUMmcq4XpHMd%2BpS86ksEQY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: af22792d-701e-0008-12cc-82638c000000
cache-control: max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 86ca1800f9004bc3-BUF

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 214ms
38ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Mar 2024 18:16:58 GMT

GET
H2 200 Brasil_unido_em_prol_do_piso_nacional_dos_Fisioterapeutas_e_Terapeutas_Ocupacionais_Video_para_dispositivos_moveis_3-222106-32-icon.png
d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/7ba73aaa-3da9-4cf1-abf2-ccc85dea5875/uid_2283797/favicon_images/ 3 KB
3 KB 125ms
19ms Other
image/png 108.138.128.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15k2d11r6t6rl.cloudfront.net/public/users/Integrators/7ba73aaa-3da9-4cf1-abf2-ccc85dea5875/uid_2283797/favicon_images/Brasil_unido_em_prol_do_piso_nacional_dos_Fisioterapeutas_e_Terapeutas_Ocupacionais_Video_para_dispositivos_moveis_3-222106-32-icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-80.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4a9355b39c18f88d1b7218a7958e2e97cd4ba487274569fb46ff381983364bf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://aprovapl1731.sinfito.com.br/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 18:01:57 GMT
via: 1.1 cd958e502c6aea704f0f824e60431e72.cloudfront.net (CloudFront)
last-modified: Sun, 17 Dec 2023 17:59:35 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 902
x-amz-server-side-encryption: AES256
etag: "cd49ebcd59229d2887a64d9f0d4665f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3127
x-amz-cf-id: Rrdv8rCln2MXohgXnoDkmFKIaZXAmt5KESREeVCAT_TRWCk2FqrT-w==

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1946 0
0 45ms
35ms Document
text/html 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aprovapl1731.sinfito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 240577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Mar 2024 23:27:21 GMT
expires: Thu, 27 Mar 2025 23:27:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 194C 0
0 142ms
54ms Document
text/html 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z9GGJhIRXHL9MntqA-ywwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://aprovapl1731.sinfito.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-z9GGJhIRXHL9MntqA-ywwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Mar 2024 18:16:58 GMT
expires: Sat, 30 Mar 2024 18:16:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240327&jk=3795825122010087&bg=!xsWlxYrNAAYQOWS2MDk7ADQBe5WfOHUuBcTA53Bn-PXsyJlLlDtjsfKX1v4T-iD7Q1VxzYgkd3vJZLPSLhEGSpNyLMY7AgAAAJxSAAAABGgBB34ANfXtC4LyUvFLxtdJ7npfgzI48zXBMC32ZLkYo5heTOxkEXp564LG1y4C5ssM6O9eUcCJHVwDmQKk98mDbVYB20QK6udsYL3Ml2Swn_xIpGuhk-8DCaxSJDpxXd0VA6ILejWDmJw5bsSn525fp0VD9niIJPaZf7MS8crGEC7xFKd_kWtRuDHzpV9_uIkR1Aiy8Pe0A6zy0TQ1ssKmmgn6_oa9AewJTkg0grCb9VBV0bOlDGRfZ0zDCmBgBgwpG28jXBCYYd8IlqHBO2pVg_meit-Nw8eTS0ysJhbOU2dWAdvTvq-cfS6AuSoc5gioDgoESH7QpW2C3P7kt2dNjzOKrhmrTuYFfmwxAqJ47QVsyGLQ36oEC_32MtbVPHVqXOXA2a8Y3F548spdsZgdUzTPYprzuV7UB8AhVicBwI-5j3Zb6MnglpAjsQXzvWmUTn5XoUfpKRjQdg2gk59zVrHA6Q6-ZCNAeBDYO28cCjAiZj6_NWGf_vs7AjduTs627_hiMNJB14aiiDyrEEiVw6L79kOGNxwwr1AdrKTGflIlI6w3jSkFNGqHEte4nyFZLLaMkhuE8Pf3d5_5QqDBDEqBrBn5ig5uG2igNRGq75ZaqRqB9UAOWufUKLgRKG7sxS3IJQ4mAbcs0t4HmeuWl9bK1I4wA9jtZaitf-oQV6er0c1aB0CIQxi0NWf398toc2X_cUSb8R6Q3UpLsoWn4iQFDe9b9EzOjVoOSL40iRhyrFhrinLD1fpYxZVF8SsNWst3-BP0VLwGWKTNCMYZYOhuNTmbNnvcVqFBAl1iQEORxMuA_Rm_atn5IEZ1doU2_NP2t08ZZebiXD9JwhApiHyQdo_apAGiYdiZW4__TzBLeWXyXlbagDvVEzzAgdmoYVyBRYBQ_2CsPaPoZr21rJbv8XdmZdsOUeyJJ0X_k0eAZ_wIL-uNoeftMT-DZd3Y5qbT1nA_hyYUtH_GcTG9SA

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aprovapl1731.sinfito.com.br/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: g1txtnll121adysoqwetjwvz
.sinfito.com.br/	1970-01-21 05:06:22	Name: _ga_7F5RBN16XF Value: GS1.1.1711822615.1.0.1711822615.0.0.0
.sinfito.com.br/	1970-01-21 05:06:22	Name: _ga Value: GA1.1.253015250.1711822615
.sinfito.com.br/	1970-01-20 21:39:58	Name: _fbp Value: fb.2.1711822615173.878704721
aprovapl1731.sinfito.com.br/	1970-01-21 05:06:22	Name: llbrMachine_615101 Value: 20359040=20359040
.doubleclick.net/	1970-01-21 05:06:22	Name: IDE Value: AHWqTUlakntMmofJpkV306zsAyiSv0qWmpyJoE5eCCjd_nreEH2HDKpqIIJQODSo
.sinfito.com.br/	1970-01-21 04:51:58	Name: __gads Value: ID=f256fb2fc38412b1:T=1711822615:RT=1711822615:S=ALNI_MZSHbj6LT3FcLNwxleu9YQsOhtdgw
.sinfito.com.br/	1970-01-21 04:51:58	Name: __gpi Value: UID=00000dd7203ddca0:T=1711822615:RT=1711822615:S=ALNI_MbA1sap6uTfbqYetZFnKXM8FtlA-w
.sinfito.com.br/	1970-01-20 23:49:34	Name: __eoi Value: ID=bedbd3d04d5dd9ab:T=1711822615:RT=1711822615:S=AA-AfjaAoypkGgO2vEWhfqslACti
.adnxs.com/	1970-01-21 05:06:22	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 04:15:58	Name: CMID Value: ZghXGUt3uYwAAB8bAEQezwAA
.casalemedia.com/	1970-01-20 21:39:58	Name: CMPS Value: 468
.casalemedia.com/	1970-01-20 21:39:58	Name: CMPRO Value: 468
.doubleclick.net/	1970-01-20 23:49:34	Name: APC Value: AfxxVi6Anh58cYAajjKd2-IvGzXF3oh1gvbSCd2pKG7BB_9nwFDzZw
.doubleclick.net/	1970-01-20 23:49:34	Name: receive-cookie-deprecation Value: 1
.sinfito.com.br/	1970-01-21 04:15:58	Name: FCNEC Value: %5B%5B%22AKsRol8pnRknirgN6bEn74J2K0klLuemK58yc_L-7-AOBaiaU_hKnxzMleansW17q2r1OXbFOFQBnPfL2JgigQzZH95nlErx-oI1x5uDI96DEsYcqSgn-a_xiZm62QLFXiRMBok6pp_osTslArySFHxrYmnVQPWpUA%3D%3D%22%5D%5D

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/3098451003793455?v=2.9.151&r=stable&domain=aprovapl1731.sinfito.com.br&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://aprovapl1731.sinfito.com.br/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aprovapl1731.sinfito.com.br
beepluginaddons.contato.io
blob.contato.io
connect.facebook.net
d15k2d11r6t6rl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
108.138.128.80
142.250.65.225
142.250.72.110
142.251.32.98
142.251.40.194
142.251.40.196
172.67.221.31
2001:4860:4802:36::178
213.136.70.54
2606:4700:3034::ac43:dd1f
2607:f8b0:4006:809::2008
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::200a
2607:f8b0:4006:81f::2001
2607:f8b0:4006:822::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
4006a67c010c98b15bbca995c7ddd8f151931e61670e0a1f0a943b21dc4105a8
42e3910cb1dfa992cae10d041d44e530cf63bf27eab0ddb0da41a5cf335301c2
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
473e4bbdf0fa5683ef505565ccf17864c88ac389e125b8a4ed62d4ce6bec58cb
51967051007134faa7f09ce4abf735b4eab7bd0af981198fa57d4ebf72625315
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ed06b357f4610b1b7225b097a91d17184e3f3a67d7df574dd31a7df39a7d4b
67891c27f6469e15b6ccc0269599913ed2518e8df928ff38d25637d59bffd0c0
730458e207108233af8e957278708556f83f3ea6288c700da49a410d5ada78f8
773308fa40399e305cd3df30e4ca2098c56953a166d9495a60bd0ff0c6a53534
824b298f09e19ab08743bc7fd927cb443cd92384740e55df54595e7c174a238b
8ba6c87d63d4fe3f052a9bf4ed349642e1179432770e5e18eb860b552dc4b264
8c3fba3915fbe9cbd21ca6ba73f60eecacec64eea13ea79c43e2e71f24641320
90a5d852e7b743833126df2dafc092d4a2a59fd1a4cceb98412eda984dc065a5
9c27feed1fea2b150c40fc7256499d36603250ff839c00c38dab2175ea956db0
ad7be3af20b2c3024e17c4f95cff5c2bc9640edc2e30c7b8817e365efaf6f8eb
b374c9dcf52df47ec41f8534df2217f88ed5dcacdebc8a5d7beb3e93c1bccc0c
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
ba164be8a075f74cd1287e9c0304d7d88d19e309474218dc1981cfd0536576ce
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
c4341beebd35e80d6af4f49c9776f14220eb97a43a263e33171167e2a46f87da
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4a9355b39c18f88d1b7218a7958e2e97cd4ba487274569fb46ff381983364bf
d9577fbda3e325589929965c3cbe54d318ce22c42cf2ddceda86a4120bb0ce12
dcdb974e14984436c8efadb8b6400302e6849d54623c72a604948fe82f925396
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca23ee3fc9c6421a9ddcef26dacd918813301ed483684ec6ad79581dc7d79f
e596e36b239dbf027cd2073cf58516273d99154b55d01760183294bac34c11a4
e74d144e6034f4fec88406f010b225062fd2e5ab01db934a4d5e8e42c17d147c
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ec524f47beda7b12cf6265979fe5320d0ee82b6ed842a8aeef77a12faad4ef9f
ee79f803225857cec811281c24d35460e3917363c3a9f3ccf6a4f5857b509afa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f77ab70819ba86eb9bf58037ada33a91d7444ea8f89edeab26360bdb4fa4cd52

aprovapl1731.sinfito.com.br Open in urlscan Pro 213.136.70.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

53 %IPv6

12 Domains

15 Subdomains

18 IPs

2 Countries

1893 kBTransfer

2988 kBSize

16 Cookies

2 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aprovapl1731.sinfito.com.br Open in urlscan Pro
213.136.70.54 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

53 %
IPv6

12
Domains

15
Subdomains

18
IPs

2
Countries

1893 kB
Transfer

2988 kB
Size

16
Cookies

50 HTTP transactions
0 data transactions