resgateosaldo.site Open in urlscan Pro
174.138.109.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&ut...
Submission: On September 28 via manual (September 28th 2023, 4:55:34 pm UTC) — Scanned from DE

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 25 HTTP transactions. The main IP is 174.138.109.200, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is resgateosaldo.site.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on September 17th 2023. Valid for: 3 months.

This is the only time resgateosaldo.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	174.138.109.200 174.138.109.200	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700:e0:... 2606:4700:e0::ac40:6818	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
5	16.182.40.64 16.182.40.64	16509 (AMAZON-02) (AMAZON-02)
1	52.217.85.136 52.217.85.136	16509 (AMAZON-02) (AMAZON-02)
1	138.197.230.28 138.197.230.28	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.108.75.112 65.108.75.112	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:20:... 2606:4700:20::ac43:470c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	15

1 174.138.109.200 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

resgateosaldo.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e0::ac40:6818 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 16.182.40.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.85.136 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-east-1-r-w.amazonaws.com

123pagebuilder.s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.230.28 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn1.123tp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.75.112 (Andover, United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.112.75.108.65.clients.your-server.de

ipv4.wtfismyip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:470c (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.123tapronto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	amazonaws.com s3.amazonaws.com 123pagebuilder.s3.us-east-1.amazonaws.com	113 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	225 KB
3	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 15411	131 KB
2	123tapronto.com analytics.123tapronto.com	297 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	88 KB
1	wtfismyip.com ipv4.wtfismyip.com — Cisco Umbrella Rank: 500796	484 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	google.de www.google.de — Cisco Umbrella Rank: 3974	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 11	455 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878	255 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	2 KB
1	123tp.net cdn1.123tp.net	19 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	28 KB
1	resgateosaldo.site resgateosaldo.site	5 KB
25	14

	Domain	Requested by
5	s3.amazonaws.com	resgateosaldo.site
3	www.googletagmanager.com	resgateosaldo.site www.googletagmanager.com
3	fonts.cdnfonts.com	resgateosaldo.site fonts.cdnfonts.com
2	analytics.123tapronto.com	cdn1.123tp.net
2	connect.facebook.net	resgateosaldo.site connect.facebook.net
1	ipv4.wtfismyip.com	cdn1.123tp.net
1	www.facebook.com	resgateosaldo.site
1	www.google.de	resgateosaldo.site
1	www.google.com	resgateosaldo.site
1	region1.google-analytics.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdn1.123tp.net	resgateosaldo.site
1	123pagebuilder.s3.us-east-1.amazonaws.com	resgateosaldo.site
1	cdnjs.cloudflare.com	resgateosaldo.site
1	resgateosaldo.site
25	15

This site contains links to these domains. Also see Links.

Domain
resgateosaldo.online

Subject Issuer	Validity	Valid
resgateosaldo.site ZeroSSL ECC Domain Secure Site CA	`2023-09-17` - `2023-12-16`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2023-08-04` - `2023-11-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-06-21`	a year	crt.sh
cdn1.123tp.net R3	`2023-08-05` - `2023-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-08` - `2023-10-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
wtfismyip.com GTS CA 1P5	`2023-09-15` - `2023-12-14`	3 months	crt.sh
123tapronto.com GTS CA 1P5	`2023-09-19` - `2023-12-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Frame ID: E5AB98859F627C916BFBAAC1A5132B8A
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Consulta - Etapa 1

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

15
IPs

3
Countries

612 kB
Transfer

1372 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://resgateosaldo.online/termos-de-uso/
Title: Termos de Uso

Search URL Search Domain Scan URL

URL: https://resgateosaldo.online/politicas-de-privacidade/
Title: Política de Privacidade

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
resgateosaldo.site/etapa-1/ 14 KB
5 KB 2377ms
107ms Document
text/html 174.138.109.200
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.109.200 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c8eaca6d2b10fb740d634f7a755754b9213ba59e1be8cc1f0d4b0a45c817d55d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 28 Sep 2023 16:55:29 GMT
etag: W/"6500b43a-3700"
last-modified: Tue, 12 Sep 2023 18:55:54 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 poppins
fonts.cdnfonts.com/css/ 3 KB
800 B 102ms
31ms Stylesheet
text/css 2606:4700:e0::ac40:6818
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/poppins
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c3b60bbb30f3c5e61be0eb78076d480b8f82408d5fa9da55882eeda085c3e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20690304
cf-polished: origSize=3549
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Feb 2023 05:37:05 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX2BFKUCT9H%2B2doU7AQjfENZb55rMxIDOs92JYgdTkurIVDjq81mqfFK2eQcDQ01KCeeE5JKAP5%2BkJ9asmK91V2mWvepasQ8WMtYcGA2thuKLoH62TfSCPbn5C18uUcyBuHoKI4RkCmIDafoHkokBWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 80dd83a7be8f3681-FRA

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 81ms
34ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1959650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27501
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6b6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bja8lTCm4AbId70tqQzbJYaUaiNBhtxKVidSxcZkNE5gk62XVcLJUGCRv5V%2BsDckzNwlTdXrHN9nFjDQy7oPsxWTzxQsbT4o3IEEgGf2JuNJaLuuycQ75CBrodr7dPAxsmNfgIkaGuomGmmHaNsvKyr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80dd83a7991835f1-FRA
expires: Tue, 17 Sep 2024 16:55:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
71 KB 86ms
36ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-GTM-TLXTNTV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2a6c791b79df458055f615699f4bbbbe294700cfc0d51ca677c17dffe908659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71981
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Sep 2023 16:55:29 GMT

GET
H/1.1 200
OK 123tapronto1689814999665-Design-sem-nome-4-q6nli1mljhf7c6epw9e82ymbgyg6w60itqm7m3u7yc.png
s3.amazonaws.com/123pagebuilder/ 55 KB
55 KB 360ms
121ms Image
image/png 16.182.40.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/123pagebuilder/123tapronto1689814999665-Design-sem-nome-4-q6nli1mljhf7c6epw9e82ymbgyg6w60itqm7m3u7yc.png
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.40.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4eeb1f02153b560fb7623e0512b3649b9e4ce4d060e7a16cc28c3a88d186f9d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 16:55:30 GMT
Last-Modified: Thu, 20 Jul 2023 01:03:21 GMT
Server: AmazonS3
x-amz-request-id: 67H4HYB266PWAMSK
ETag: "59cc8e4af2e6f719fa4dfc51d163b264"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 55951
x-amz-id-2: Nndpon8CRgUQ5vVRAIlhR4KFU73JzHfrzErqRkRV7x0jtxYA8krFjhvpXbg2fmdnMmA3m9acoEU=

GET
H/1.1 200
OK 123tapronto1689815061677-1.png
s3.amazonaws.com/123pagebuilder/ 18 KB
18 KB 333ms
120ms Image
image/png 16.182.40.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/123pagebuilder/123tapronto1689815061677-1.png
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.40.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a4e9464ce3587351ca6c51cfe3efac8837e0f961b7c2dad7240e95146b5e2d61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 16:55:30 GMT
Last-Modified: Thu, 20 Jul 2023 01:04:23 GMT
Server: AmazonS3
x-amz-request-id: 67H96M03KBNCJKBZ
ETag: "22bb27f491c3eb6f2971f706f44052c0"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 18278
x-amz-id-2: lbBg4DjKjFQTGI6WP7a4scso/OiBfjVWIFlyUpgR2pFEE7t0XsF9X1oNJNk27ULWOPIP6TSUBS4=

GET
H/1.1 200
OK 123tapronto1689815064216-2.png
s3.amazonaws.com/123pagebuilder/ 15 KB
15 KB 332ms
119ms Image
image/png 16.182.40.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/123pagebuilder/123tapronto1689815064216-2.png
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.40.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 17730317e58a040d7fec411c27da84c7bab1ee6613a4a857796aef88e27163aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 16:55:30 GMT
Last-Modified: Thu, 20 Jul 2023 01:04:25 GMT
Server: AmazonS3
x-amz-request-id: 67H3G9GW4P17YQ4J
ETag: "c260f73586d7ddf9b29d65c81580f489"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15122
x-amz-id-2: WazUDT+p1L56n8q3zy090KHAqR9YoHN3eUtJ416gDrPk3hzUZEy/lb99CLSHVPKW3kLf7zjKJ/M=

GET
H/1.1 200
OK 123tapronto1689815067617-3.png
s3.amazonaws.com/123pagebuilder/ 11 KB
12 KB 333ms
120ms Image
image/png 16.182.40.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/123pagebuilder/123tapronto1689815067617-3.png
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.40.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13ade7362e3add6a7a6c3392ddb57058dec775c8df0b8bde78a61904880479d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 16:55:30 GMT
Last-Modified: Thu, 20 Jul 2023 01:04:28 GMT
Server: AmazonS3
x-amz-request-id: 67H2TP25K2136B4P
ETag: "161e25e379e8b34661d1cd54573ddecd"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11580
x-amz-id-2: +YiSS0Pg+XXSVtsxGkf5ZXY2qsfErD6ntL5XrSScR0sBxUaPqUWIFHtJRZG7+Io87xRHeGE50tc=

GET
H/1.1 200
OK 123tapronto1690939886092-772792.jpg
123pagebuilder.s3.us-east-1.amazonaws.com/ 2 KB
2 KB 367ms
120ms Image
image/jpeg 52.217.85.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://123pagebuilder.s3.us-east-1.amazonaws.com/123tapronto1690939886092-772792.jpg
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-east-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b8f0ff83d4ea1b61d6fed7d3a83664882b296482c4aabf99b868796ae12bca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 16:55:30 GMT
Last-Modified: Wed, 02 Aug 2023 01:31:27 GMT
Server: AmazonS3
x-amz-request-id: 67HBZR3JQGKTZCFW
ETag: "9a321ff77dd0767ecef32786511ee720"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2084
x-amz-id-2: z1AwQ7SRrCln4Jr7tjR04PPseZ1yHpIaxUmr6Yz7JI1hpj9QM6Jir12QDe3XV+QO96CVj5msxIM=

GET
H2 200 123global.js Show response
cdn1.123tp.net/js/ 57 KB
19 KB 366ms
112ms Script
application/javascript 138.197.230.28
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.123tp.net/js/123global.js
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 138.197.230.28 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aee7f4f3ccd8b922340828dac3c87a3e6ca4c672d624c0ed1944bd77123a4852

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 02:46:43 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "64113193-4b05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
content-length: 19205
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 182 KB
65 KB 74ms
64ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLXTNTV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f44fbd5ca1c7ca9cd25f3cf4e010a5aea6c0076a13c64c3d74cb57020936db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66684
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 16:10:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Sep 2023 16:55:29 GMT

GET
H/1.1 200
OK 123tapronto1689815635799-Design+sem+nome+%282%29.png
s3.amazonaws.com/123pagebuilder/ 10 KB
11 KB 330ms
118ms Image
image/png 16.182.40.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/123pagebuilder/123tapronto1689815635799-Design+sem+nome+%282%29.png
Requested by: Host: resgateosaldo.site
URL: https://resgateosaldo.site/etapa-1/?utm_creative=V%C3%8DDEO+RM&utm_campaign=F214%20|%20BM1%20|%20CONTA%202%20|%20CP%2010&utm_source=fb&utm_placement=Facebook_Mobile_Feed&campaign_id=23861119688070179&adset_id=23861119687830179&ad_id=23861119688080179&adset_name=P%C3%BAblico+Padr%C3%A3o&utm_medium=V%C3%8DDEO%20RM&src=Facebook_Mobile_Feed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.40.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c7efda4b5c6892998852e15823677c7b5c46ab7a5c85439b9f22d542b786ca11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date: Thu, 28 Sep 2023 16:55:30 GMT
Last-Modified: Thu, 20 Jul 2023 01:13:57 GMT
Server: AmazonS3
x-amz-request-id: 67HBQ3MKM6X9GNRK
ETag: "f7941bcd2e0a548085676d3d40ebbcaf"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10475
x-amz-id-2: 4+6ILLuGlubcGNASssOMPuCEWG3Uh1y3bIeGjY9pxHASOtprGeliZNM1knxVnlpcwkkK6VFhHnE=

GET
H2 200 Poppins-Regular.woff
fonts.cdnfonts.com/s/16009/ 65 KB
65 KB 103ms
59ms Font
font/woff 2606:4700:e0::ac40:6818
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16009/Poppins-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/poppins
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b5ed244caeaa43c5e9c70566868cff1f8a9747b49cb7e28b155d14085136fb

Request headers

Referer: https://fonts.cdnfonts.com/css/poppins
Origin: https://resgateosaldo.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60469
alt-svc: h3=":443"; ma=86400
content-length: 66464
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
server: cloudflare
etag: "103a0-5d73bbbdfa652"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rXCOS52XX3fP%2FAW5jsq9JSr4f%2B3ADhYIdsjD1QlERT1q2OTnf2ufCLPPmvrSSWTS8posUKEt3ozVELH1o1RkLmGEEma%2BpCwg1pDSQyuUMC5xkJ80NRY7vPJS%2F6zVUanqzVjZEntJL1T5cEFqqWW4a0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80dd83a86af390d4-FRA

GET
H2 200 Poppins-Bold.woff
fonts.cdnfonts.com/s/16009/ 64 KB
65 KB 73ms
36ms Font
font/woff 2606:4700:e0::ac40:6818
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/16009/Poppins-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/poppins
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6818 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11b45f950168e9b74999a7fdb9d76f7eb2b08c045992ba1f9ae0b995be5cb9e

Request headers

Referer: https://fonts.cdnfonts.com/css/poppins
Origin: https://resgateosaldo.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60469
alt-svc: h3=":443"; ma=86400
content-length: 65572
last-modified: Sat, 05 Feb 2022 02:00:38 GMT
server: cloudflare
etag: "10024-5d73bbbdf9a9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE7dmeMogjs64%2FfzNdQLOyKJShYu1XUbKsBPJV9CvA9WQn7Ucl%2Bob7R2Wz8TjDA47%2Frxq%2F6GMgMrcJ%2FKgWkKVLMthjXQ1ZIG745veoJs7xI07S5xWeGGLB6EBkUjasDRfyBc2tyOeipBbqyg3RsV7ZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 80dd83a86af490d4-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/GTM-TLXTNTV/ 3 KB
2 KB 121ms
67ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/GTM-TLXTNTV/?random=1695920129399&cv=11&fst=1695920129399&bg=ffffff&guid=ON&async=1&gtm=45be39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresgateosaldo.site%2Fetapa-1%2F%3Futm_creative%3DV%25C3%258DDEO%2BRM%26utm_campaign%3DF214%2520%7C%2520BM1%2520%7C%2520CONTA%25202%2520%7C%2520CP%252010%26utm_source%3Dfb%26utm_placement%3DFacebook_Mobile_Feed%26campaign_id%3D23861119688070179%26adset_id%3D23861119687830179%26ad_id%3D23861119688080179%26adset_name%3DP%25C3%25BAblico%2BPadr%25C3%25A3o%26utm_medium%3DV%25C3%258DDEO%2520RM%26src%3DFacebook_Mobile_Feed&hn=www.googleadservices.com&frm=0&tiba=Consulta%20-%20Etapa%201&auid=1059236634.1695920129&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-GTM-TLXTNTV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e80377f02885dfae8a8bbdb6d83f5c8db9982d9bb9d07688d622e3edb2401700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 16:55:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1516
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 62ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Sep 2023 16:55:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53277
x-xss-protection: 0
pragma: public
x-fb-debug: FkWCSFlWbM7xktLCPYdG47v1SZ2Z7Xr9/EtshmcIWAb9g+sX/3lzP6nbRjZlw8iKGh/9vzQAswMXyaLlsFI++g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
89 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GBFTN4BJXY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLXTNTV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd58f7eda0d6cede162aa7f9f8304491ccc7556093c27d981b6ad84e30daa96b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:55:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91165
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Sep 2023 16:55:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 92ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GBFTN4BJXY&gtm=45je39p0&_p=312114172&cid=1722552270.1695920130&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1695920129&sct=1&seg=0&dl=https%3A%2F%2Fresgateosaldo.site%2Fetapa-1%2F%3Futm_creative%3DV%25C3%258DDEO%2BRM%26utm_campaign%3DF214%2520%7C%2520BM1%2520%7C%2520CONTA%25202%2520%7C%2520CP%252010%26utm_source%3Dfb%26utm_placement%3DFacebook_Mobile_Feed%26campaign_id%3D23861119688070179%26adset_id%3D23861119687830179%26ad_id%3D23861119688080179%26adset_name%3DP%25C3%25BAblico%2BPadr%25C3%25A3o%26utm_medium%3DV%25C3%258DDEO%2520RM%26src%3DFacebook_Mobile_Feed&dt=Consulta%20-%20Etapa%201&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GBFTN4BJXY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 16:55:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://resgateosaldo.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1478052356054809 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 130ms
129ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1478052356054809?v=2.9.131&r=stable&domain=resgateosaldo.site

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f072f611d849a71fccc38e5097ab602bf243033178423369a81439f0e9adafcf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 28 Sep 2023 16:55:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: DWqmAzAGRKPmMyXVWauKZ4aUCz4EUc8Ya4vIha397ppi1QSDD33NhBqpkJrVuYeMF8IE7kuPqRILfag2Oo+lBQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/GTM-TLXTNTV/ 42 B
455 B 109ms
46ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/GTM-TLXTNTV/?random=1695920129399&cv=11&fst=1695916800000&bg=ffffff&guid=ON&async=1&gtm=45be39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresgateosaldo.site%2Fetapa-1%2F%3Futm_creative%3DV%25C3%258DDEO%2BRM%26utm_campaign%3DF214%2520%7C%2520BM1%2520%7C%2520CONTA%25202%2520%7C%2520CP%252010%26utm_source%3Dfb%26utm_placement%3DFacebook_Mobile_Feed%26campaign_id%3D23861119688070179%26adset_id%3D23861119687830179%26ad_id%3D23861119688080179%26adset_name%3DP%25C3%25BAblico%2BPadr%25C3%25A3o%26utm_medium%3DV%25C3%258DDEO%2520RM%26src%3DFacebook_Mobile_Feed&frm=0&tiba=Consulta%20-%20Etapa%201&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=281079588&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 16:55:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/GTM-TLXTNTV/ 42 B
455 B 107ms
45ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/GTM-TLXTNTV/?random=1695920129399&cv=11&fst=1695916800000&bg=ffffff&guid=ON&async=1&gtm=45be39p0&u_w=1600&u_h=1200&url=https%3A%2F%2Fresgateosaldo.site%2Fetapa-1%2F%3Futm_creative%3DV%25C3%258DDEO%2BRM%26utm_campaign%3DF214%2520%7C%2520BM1%2520%7C%2520CONTA%25202%2520%7C%2520CP%252010%26utm_source%3Dfb%26utm_placement%3DFacebook_Mobile_Feed%26campaign_id%3D23861119688070179%26adset_id%3D23861119687830179%26ad_id%3D23861119688080179%26adset_name%3DP%25C3%25BAblico%2BPadr%25C3%25A3o%26utm_medium%3DV%25C3%258DDEO%2520RM%26src%3DFacebook_Mobile_Feed&frm=0&tiba=Consulta%20-%20Etapa%201&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=281079588&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 16:55:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 93ms
41ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1478052356054809&ev=PageView&dl=https%3A%2F%2Fresgateosaldo.site%2Fetapa-1%2F%3Futm_creative%3DV%25C3%258DDEO%2BRM%26utm_campaign%3DF214%2520%7C%2520BM1%2520%7C%2520CONTA%25202%2520%7C%2520CP%252010%26utm_source%3Dfb%26utm_placement%3DFacebook_Mobile_Feed%26campaign_id%3D23861119688070179%26adset_id%3D23861119687830179%26ad_id%3D23861119688080179%26adset_name%3DP%25C3%25BAblico%2BPadr%25C3%25A3o%26utm_medium%3DV%25C3%258DDEO%2520RM%26src%3DFacebook_Mobile_Feed&rl=&if=false&ts=1695920129750&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.1.1695920129743.2095513604&cs_est=true&it=1695920129590&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 28 Sep 2023 16:55:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json Show response
ipv4.wtfismyip.com/ 341 B
484 B 285ms
124ms XHR
application/json 65.108.75.112
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv4.wtfismyip.com/json
Requested by: Host: cdn1.123tp.net
URL: https://cdn1.123tp.net/js/123global.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.108.75.112 Andover, United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.112.75.108.65.clients.your-server.de
Software: /
Resource Hash: 93bb152e8845b1475e4da7cae782e0968148b9837a2b1bea1684f7076b9b77d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://resgateosaldo.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 28 Sep 2023 16:55:30 GMT
x-fortune: It's going to be a fucking glorious day
content-length: 341
access-control-allow-methods: GET
content-type: application/json; charset=utf-8

OPTIONS
H2 204 access
analytics.123tapronto.com/ 0
0 288ms
194ms Preflight 2606:4700:20::ac43:470c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.123tapronto.com/access

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:470c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resgateosaldo.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 80dd83aded2835f9-FRA
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Thu, 28 Sep 2023 16:55:30 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSSnf4IqsZYovdqLksCTMWs%2B6zDJjPGY29AALbpHO%2FamhABpu0ccGflChp15vNMGt%2B6W2sQTnL8Km2U7rzDu%2F16n0NIPIYtC7Bz1iUlF%2B90a%2FPi9GQA9IpNeWBDAFAJMVxnkQHSR03khZK5pD6rKcMROvL6gXKI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 201 access Show response
analytics.123tapronto.com/ 0
297 B 128ms
127ms XHR
text/plain 2606:4700:20::ac43:470c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.123tapronto.com/access

Requested by

Host: cdn1.123tp.net
URL: https://cdn1.123tp.net/js/123global.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:470c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://resgateosaldo.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 28 Sep 2023 16:55:30 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iLRPIpjeIa9BU8NJ0RLSCsM6Zi6%2F4qPM0SuDmIRR6T51ccmFQ%2BSQ%2B4zNPAay2IwnTc%2FNC%2FM0ZvzupbSr7OwTg9MvynwjroKTTRQYuzl0%2BSzBFMaTkbXCol8xLxN0yCj5%2FEQOrZYBJ3IsI57MiTGkMcEi92QGm8%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
cf-ray: 80dd83af1ef835f9-FRA

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.resgateosaldo.site/	1970-01-20 17:14:56	Name: _gcl_au Value: 1.1.1059236634.1695920129
.doubleclick.net/	1970-01-20 15:05:21	Name: test_cookie Value: CheckForPermission
.resgateosaldo.site/	1970-01-21 00:41:20	Name: _ga Value: GA1.1.1722552270.1695920130
.resgateosaldo.site/	1970-01-21 00:41:20	Name: _ga_GBFTN4BJXY Value: GS1.1.1695920129.1.0.1695920129.0.0.0
.resgateosaldo.site/	1970-01-20 17:14:56	Name: _fbp Value: fb.1.1695920129743.2095513604

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123pagebuilder.s3.us-east-1.amazonaws.com
analytics.123tapronto.com
cdn1.123tp.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.cdnfonts.com
googleads.g.doubleclick.net
ipv4.wtfismyip.com
region1.google-analytics.com
resgateosaldo.site
s3.amazonaws.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
138.197.230.28
16.182.40.64
174.138.109.200
2001:4860:4802:32::36
2606:4700:20::ac43:470c
2606:4700::6811:190e
2606:4700:e0::ac40:6818
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2004
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
52.217.85.136
65.108.75.112
13ade7362e3add6a7a6c3392ddb57058dec775c8df0b8bde78a61904880479d3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16b5ed244caeaa43c5e9c70566868cff1f8a9747b49cb7e28b155d14085136fb
17730317e58a040d7fec411c27da84c7bab1ee6613a4a857796aef88e27163aa
3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641
4c3b60bbb30f3c5e61be0eb78076d480b8f82408d5fa9da55882eeda085c3e4a
4eeb1f02153b560fb7623e0512b3649b9e4ce4d060e7a16cc28c3a88d186f9d7
7f44fbd5ca1c7ca9cd25f3cf4e010a5aea6c0076a13c64c3d74cb57020936db2
8b8f0ff83d4ea1b61d6fed7d3a83664882b296482c4aabf99b868796ae12bca5
93bb152e8845b1475e4da7cae782e0968148b9837a2b1bea1684f7076b9b77d9
a11b45f950168e9b74999a7fdb9d76f7eb2b08c045992ba1f9ae0b995be5cb9e
a4e9464ce3587351ca6c51cfe3efac8837e0f961b7c2dad7240e95146b5e2d61
aee7f4f3ccd8b922340828dac3c87a3e6ca4c672d624c0ed1944bd77123a4852
c7efda4b5c6892998852e15823677c7b5c46ab7a5c85439b9f22d542b786ca11
c8eaca6d2b10fb740d634f7a755754b9213ba59e1be8cc1f0d4b0a45c817d55d
cd58f7eda0d6cede162aa7f9f8304491ccc7556093c27d981b6ad84e30daa96b
d2a6c791b79df458055f615699f4bbbbe294700cfc0d51ca677c17dffe908659
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80377f02885dfae8a8bbdb6d83f5c8db9982d9bb9d07688d622e3edb2401700
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f072f611d849a71fccc38e5097ab602bf243033178423369a81439f0e9adafcf

resgateosaldo.site Open in urlscan Pro 174.138.109.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

67 %IPv6

14 Domains

15 Subdomains

15 IPs

3 Countries

612 kBTransfer

1372 kBSize

5 Cookies

2 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

5 Cookies

Indicators

resgateosaldo.site Open in urlscan Pro
174.138.109.200 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

15
Subdomains

15
IPs

3
Countries

612 kB
Transfer

1372 kB
Size

5
Cookies

25 HTTP transactions
0 data transactions