dev.queromaisbonus.com.br Open in urlscan Pro
104.208.158.252  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response dev.queromaisbonus.com.br/	4 KB 3 KB	711ms 83ms	Document text/html	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash fdc89a869f6d68700cd52ef35ee81f3b2fece6850f8b8195d896e9984b463299 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache, private Connection keep-alive Content-Encoding gzip Content-Security-Policy frame-ancestors 'self'; Content-Type text/html; charset=UTF-8 Date Fri, 17 Nov 2023 17:44:08 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	login.css dev.queromaisbonus.com.br/css/	18 KB 4 KB	70ms 68ms	Stylesheet text/css	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2306fafb98cdbad4766bd7857d8ec98a382fd61ddf1f6c919d78875b8aed759c Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:08 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2023 18:24:52 GMT ETag W/"649dcc74-4756" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 16 Nov 2024 17:44:08 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	204ms 74ms	Script text/javascript	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LcD6TQcAAAAAB4kNC3W2-JytWKSVU5W4m-LOcsV Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 70b13f33b21af4245edb1c5c1669dce0837a874ddfe31f17bae314fc2a3c73c4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 17:44:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 17 Nov 2023 17:44:08 GMT
GET H/1.1	200 OK	logo-tim.svg dev.queromaisbonus.com.br/images/	15 KB 16 KB	201ms 130ms	Image image/svg+xml	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.queromaisbonus.com.br/images/logo-tim.svg Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c0d705d01e8d2e88212877a0257b68893471a5778ab7aa6eb6b139b2785c6c31 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 17:44:08 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy frame-ancestors 'self'; Last-Modified Wed, 09 Mar 2022 12:48:02 GMT ETag "6228a202-3c8e" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 15502 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	jquery.js Show response dev.queromaisbonus.com.br/js/refidelizacao/	86 KB 30 KB	274ms 144ms	Script application/javascript	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/js/refidelizacao/jquery.js Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 53204067e4480cd48452851810064e68acb7c7c1027c0d43bed74d6f291849e0 Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:08 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2023 18:24:53 GMT ETag W/"649dcc75-15856" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 16 Nov 2024 17:44:08 GMT
GET H/1.1	200 OK	jquery.mask.js Show response dev.queromaisbonus.com.br/js/refidelizacao/	23 KB 6 KB	78ms 78ms	Script application/javascript	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/js/refidelizacao/jquery.mask.js Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b054f441a0fa5b55cdaaac75f6da693a604faabc52a6df0499b78fecd44cab0a Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:08 GMT Content-Encoding gzip Last-Modified Wed, 09 Mar 2022 12:48:02 GMT ETag W/"6228a202-5a70" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 16 Nov 2024 17:44:08 GMT
GET H/1.1	200 OK	jquery.validate.min.js Show response dev.queromaisbonus.com.br/js/refidelizacao/	21 KB 7 KB	86ms 71ms	Script application/javascript	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/js/refidelizacao/jquery.validate.min.js Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13 Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:09 GMT Content-Encoding gzip Last-Modified Wed, 09 Mar 2022 12:48:02 GMT ETag W/"6228a202-5262" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 16 Nov 2024 17:44:09 GMT
GET H/1.1	200 OK	modal.js Show response dev.queromaisbonus.com.br/js/	3 KB 1 KB	191ms 59ms	Script application/javascript	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/js/modal.js Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 4a29c49e82d2e0916ef0aa17b44e9fdf24dd563dfcabd4156fe841d8a0019135 Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:09 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2023 18:24:53 GMT ETag W/"649dcc75-bc3" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 16 Nov 2024 17:44:09 GMT
GET H/1.1	200 OK	common.js Show response dev.queromaisbonus.com.br/js/refidelizacao/	4 KB 2 KB	194ms 62ms	Script application/javascript	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/js/refidelizacao/common.js Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e9c052aeeaf48c589a1df07a3eaf2c524fdafbb05082dd34053c7435f664e46c Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:09 GMT Content-Encoding gzip Last-Modified Tue, 17 Oct 2023 18:12:27 GMT ETag W/"652ece8b-eee" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 16 Nov 2024 17:44:09 GMT
GET H/1.1	200 OK	slick.min.js Show response dev.queromaisbonus.com.br/js/refidelizacao/	42 KB 11 KB	245ms 113ms	Script application/javascript	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/js/refidelizacao/slick.min.js Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:09 GMT Content-Encoding gzip Last-Modified Wed, 09 Mar 2022 12:48:02 GMT ETag W/"6228a202-a76f" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Expires Sat, 16 Nov 2024 17:44:09 GMT
GET H/1.1	200 OK	libPrivacy.js Show response mobi2buy.s3-sa-east-1.amazonaws.com/privacy/	30 KB 31 KB	581ms 187ms	Script application/javascript	3.5.234.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mobi2buy.s3-sa-east-1.amazonaws.com/privacy/libPrivacy.js Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.234.1 São Paulo, Brazil, ASN16509 (AMAZON-02, US), Reverse DNS s3-sa-east-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash 7528f174cf33c57675dec03f74f51378ac2c5cdd49b5cf008f3bae62a1cde56f Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 17:44:10 GMT Last-Modified Mon, 05 Oct 2020 13:47:19 GMT Server AmazonS3 x-amz-request-id Q1HHNTHCJANDRH5Y ETag "ab0e4463471aafd34ddd90f704baa8e8" Content-Type application/javascript Accept-Ranges bytes Content-Length 30854 x-amz-id-2 HPjxykWJz+T1xM/cqL2Uso4DjTkmiiZdx3pVN3dRGG7VQWmhwNm2+3S8DJhsHk3a96Q8MkrfiCJRd+7X8qNEzg==
GET H2	200	css2 fonts.googleapis.com/	2 KB 997 B	189ms 72ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 17 Nov 2023 17:44:08 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 17 Nov 2023 16:36:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 17 Nov 2023 17:44:08 GMT
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/	465 KB 187 KB	180ms 52ms	Script text/javascript	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LcD6TQcAAAAAB4kNC3W2-JytWKSVU5W4m-LOcsV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://dev.queromaisbonus.com.br/ Origin https://dev.queromaisbonus.com.br accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 17:40:57 GMT content-encoding gzip x-content-type-options nosniff age 192 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190682 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:40:57 GMT
GET H/1.1	200 OK	bg-login.png dev.queromaisbonus.com.br/images/	277 KB 277 KB	196ms 124ms	Image image/png	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.queromaisbonus.com.br/images/bg-login.png Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 886e6243e9a159a36b96f42e044cfaabd552477578aa21c8e4b319368192bc50 Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Pragma public Date Fri, 17 Nov 2023 17:44:09 GMT Last-Modified Thu, 29 Jun 2023 18:24:52 GMT ETag "649dcc74-4536b" Content-Type image/png Cache-Control max-age=31536000, public, must-revalidate, proxy-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 283499 Expires Sat, 16 Nov 2024 17:44:09 GMT
GET H/1.1	200 OK	TIMSans-Bold.woff2 dev.queromaisbonus.com.br/fonts/	50 KB 50 KB	83ms 72ms	Font application/octet-stream	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/fonts/TIMSans-Bold.woff2 Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5f14f2ae7c608847c7bfdaeff0420b81d9f6e1760d418ca54340b1f673c70458 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 Origin https://dev.queromaisbonus.com.br accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 17:44:09 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy frame-ancestors 'self'; Last-Modified Wed, 09 Mar 2022 12:48:02 GMT ETag "6228a202-c6c4" X-Frame-Options SAMEORIGIN Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 50884 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	TIMSans-Regular.woff2 dev.queromaisbonus.com.br/fonts/	48 KB 49 KB	80ms 74ms	Font application/octet-stream	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dev.queromaisbonus.com.br/fonts/TIMSans-Regular.woff2 Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 3f1617ce15dbf7796850675017d8c7f21d8a010bf633aaf49805145a0d05a1bc Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://dev.queromaisbonus.com.br/css/login.css?version=1700243048 Origin https://dev.queromaisbonus.com.br accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 17:44:09 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy frame-ancestors 'self'; Last-Modified Wed, 09 Mar 2022 12:48:02 GMT ETag "6228a202-c140" X-Frame-Options SAMEORIGIN Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 49472 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	logo-tim.svg dev.queromaisbonus.com.br/images/	15 KB 16 KB	41ms 41ms	Image image/svg+xml	104.208.158.252 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.queromaisbonus.com.br/images/logo-tim.svg Requested by Host: dev.queromaisbonus.com.br URL: https://dev.queromaisbonus.com.br/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.208.158.252 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c0d705d01e8d2e88212877a0257b68893471a5778ab7aa6eb6b139b2785c6c31 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://dev.queromaisbonus.com.br/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 17 Nov 2023 17:44:09 GMT Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Content-Security-Policy frame-ancestors 'self'; Last-Modified Wed, 09 Mar 2022 12:48:02 GMT ETag "6228a202-3c8e" X-Frame-Options SAMEORIGIN Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 15502 X-XSS-Protection 1; mode=block
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame AC74	7 KB 1 KB	62ms 60ms	Document text/html	2607:f8b0:4006:81d::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcD6TQcAAAAAB4kNC3W2-JytWKSVU5W4m-LOcsV&co=aHR0cHM6Ly9kZXYucXVlcm9tYWlzYm9udXMuY29tLmJyOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=utr7ztysz0g9 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6676608005a59f0bcdd5846661ae43244c42814bb9cb9cbc0c57aa383ef94bcb Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-t-ZrtuxLmBQAKpW32iaAxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://dev.queromaisbonus.com.br/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-t-ZrtuxLmBQAKpW32iaAxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 17 Nov 2023 17:44:09 GMT expires Fri, 17 Nov 2023 17:44:09 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame AC74	55 KB 24 KB	118ms 36ms	Stylesheet text/css	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcD6TQcAAAAAB4kNC3W2-JytWKSVU5W4m-LOcsV&co=aHR0cHM6Ly9kZXYucXVlcm9tYWlzYm9udXMuY29tLmJyOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=utr7ztysz0g9 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 17:41:06 GMT content-encoding gzip x-content-type-options nosniff age 183 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:41:06 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame AC74	465 KB 186 KB	115ms 35ms	Script text/javascript	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcD6TQcAAAAAB4kNC3W2-JytWKSVU5W4m-LOcsV&co=aHR0cHM6Ly9kZXYucXVlcm9tYWlzYm9udXMuY29tLmJyOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=utr7ztysz0g9 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 17:40:57 GMT content-encoding gzip x-content-type-options nosniff age 192 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 190682 x-xss-protection 0 last-modified Tue, 14 Nov 2023 05:42:11 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 16 Nov 2024 17:40:57 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame AC74	2 KB 2 KB	27ms 26ms	Image image/png	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 14 Nov 2023 22:57:05 GMT x-content-type-options nosniff age 240425 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 21 Nov 2023 22:57:05 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame AC74	15 KB 16 KB	95ms 25ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcD6TQcAAAAAB4kNC3W2-JytWKSVU5W4m-LOcsV&co=aHR0cHM6Ly9kZXYucXVlcm9tYWlzYm9udXMuY29tLmJyOjQ0Mw..&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=utr7ztysz0g9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 17 Nov 2023 07:41:31 GMT x-content-type-options nosniff age 36159 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 16 Nov 2024 07:41:31 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery function| hasElement function| initModal object| recaptcha function| createCookie function| readCookie function| eraseCookie function| openCookieInformation function| privacyPolicy function| closePopup function| closeCookiePadrao function| addToHead function| addToBody function| ready object| closure_lm_723251

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dev.queromaisbonus.com.br/	1970-01-20 16:17:30	Name: XSRF-TOKEN Value: eyJpdiI6IkJaSFFUeFNnTU5BeXQrSldmMk5rWnc9PSIsInZhbHVlIjoiOUFYYTNCXC96VUFFUGwydm9xbVNORURFNHhTckY3UmN0aXFOcnJFcTJwekNaQUJaUm16eGlJUDkwME9yQkZlMlUiLCJtYWMiOiJmNmU5ZDAwZDUzYWQ2ZmU4MGFiOTBiMmNiMTMzODY5Y2VkYTdhMmNjMDYxNGU1YTNmODFhMTA0NjhmY2ViNGViIn0%3D
			dev.queromaisbonus.com.br/	1970-01-20 16:17:30	Name: fiquenatim_session Value: eyJpdiI6IlMycWxkTkJcLzVcL1doVFd4VUhPRXJPUT09IiwidmFsdWUiOiJ4eXdmQnRvckhiZnRpbVplSk1cL3FMam5McFZMdDVacTJhVlA3cUtkRkdHRHFGNlBcL2ozZFdGTWwwdmNQcUI5d3p3WHRLNFNOcjVWTEdVODdjVkd3UVAxeUZ1eWZlZ1lQZGVFeGpKV2ZtN0tuWE5RN2RwUzFwV3p2YmdkYnZTMU9YIiwibWFjIjoiZTAyZGE0Yzc4ZTg5ZjNlZTA0MjUwOTRkYzA4OThmYTEzMWQxYjMzNTdiOTRhZGYxMWIzMDIxMWE5YjIzODgyOSJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dev.queromaisbonus.com.br
fonts.googleapis.com
fonts.gstatic.com
mobi2buy.s3-sa-east-1.amazonaws.com
www.google.com
www.gstatic.com
104.208.158.252
2607:f8b0:4006:809::2003
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::2003
3.5.234.1
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2306fafb98cdbad4766bd7857d8ec98a382fd61ddf1f6c919d78875b8aed759c
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f1617ce15dbf7796850675017d8c7f21d8a010bf633aaf49805145a0d05a1bc
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
4a29c49e82d2e0916ef0aa17b44e9fdf24dd563dfcabd4156fe841d8a0019135
53204067e4480cd48452851810064e68acb7c7c1027c0d43bed74d6f291849e0
5f14f2ae7c608847c7bfdaeff0420b81d9f6e1760d418ca54340b1f673c70458
6676608005a59f0bcdd5846661ae43244c42814bb9cb9cbc0c57aa383ef94bcb
70b13f33b21af4245edb1c5c1669dce0837a874ddfe31f17bae314fc2a3c73c4
7528f174cf33c57675dec03f74f51378ac2c5cdd49b5cf008f3bae62a1cde56f
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
886e6243e9a159a36b96f42e044cfaabd552477578aa21c8e4b319368192bc50
b054f441a0fa5b55cdaaac75f6da693a604faabc52a6df0499b78fecd44cab0a
c0d705d01e8d2e88212877a0257b68893471a5778ab7aa6eb6b139b2785c6c31
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
e9c052aeeaf48c589a1df07a3eaf2c524fdafbb05082dd34053c7435f664e46c
fdc89a869f6d68700cd52ef35ee81f3b2fece6850f8b8195d896e9984b463299