consultasaldoo2024.site Open in urlscan Pro
178.62.225.63  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response consultasaldoo2024.site/03/	63 KB 15 KB	69ms 15ms	Document text/html	178.62.225.63 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.62.225.63 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS ac30244.consulte01 Software nginx / Agius.Cloud 1.2.0 Resource Hash 89d37961beca0113ac732e39e9b9477fd2a32d57da45a399f1149d6d6ce417b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language nl-NL,nl;q=0.9 Response headers content-encoding gzip content-type text/html date Tue, 12 Mar 2024 21:24:40 GMT etag W/"65d8fe5c-fa9e" server nginx vary Accept-Encoding x-content-type-options nosniff x-powered-by Agius.Cloud 1.2.0 x-xss-protection 1; mode=block
GET H2	200	css2 fonts.bunny.net/	14 KB 1 KB	70ms 24ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27) Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 5017211977e75b25b826560915e6e9569d4b10d247ae6abb855b5cc69733c809 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 21:24:40 GMT content-encoding br cdn-edgestorageid 1081 cdn-cachedat 03/06/2024 21:48:51 cdn-pullzone 781720 last-modified Wed, 06 Mar 2024 21:48:51 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 744d7660b3ffc6042e571652257da6a1 cdn-requestcountrycode NL access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css2 fonts.googleapis.com/	4 KB 923 B	85ms 32ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 29232bcae02c36eedc72fa27e6a41d126af97287d2e4523a0bbed695ee61a965 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Tue, 12 Mar 2024 21:24:40 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Tue, 12 Mar 2024 21:24:40 GMT
GET H2	200	css2 fonts.googleapis.com/	32 KB 1 KB	88ms 35ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44949d44d91d5f40e59f727da4de310d569878b03cd5d538215f100a1514e8d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Tue, 12 Mar 2024 21:24:40 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Tue, 12 Mar 2024 21:24:40 GMT
GET H2	200	751714986819620 Show response connect.facebook.net/signals/config/	136 KB 35 KB	115ms 71ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/751714986819620?v=2.9.142&r=stable&domain=127.0.0.1 Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 65b24aa8cf99efb0606328dfb59a0b69f3dc385b53d7d684e4f5c2bfffdadb67 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 12 Mar 2024 21:24:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 35759 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=62456, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug wc9TZC+k18ybVHRLD6xoS2tq7vk8c25mUY+3WJ4oQz9GGxsuCDe7UO1e/qej1NJyAPZQheu/yx5jGNsZspJdrw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	215 KB 58 KB	66ms 23ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 12 Mar 2024 21:24:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57348 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=2789, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug H1pGPkafgH8L1xt5oMMwGF9Hhf/ElT+x0MP1VD/UGbZ/JrWR9gaq40YNKRhY2cOqCWEbZsn9w2hcojG3QEvQTg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	11.png configuracaosites.tech/saque/img-serasa/	62 KB 62 KB	889ms 489ms	Image image/png	91.191.212.2 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://configuracaosites.tech/saque/img-serasa/11.png Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.191.212.2 Miami, United States, ASN29802 (HVC-AS, US), Reverse DNS 91-191-212-2.static.hvvc.us Software LiteSpeed / Resource Hash 30b35c47b0d25ae75f22fe4d6a4c9b87abdd83ea83cc6de7f2bff059c8e13dc3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 21:24:41 GMT last-modified Thu, 22 Feb 2024 23:39:07 GMT server LiteSpeed vary User-Agent content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 63212 expires Tue, 19 Mar 2024 21:24:41 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fbc2191c86289dc58ba977ead1d3fba278d36ae36ce3a601af798e41a8468d3b Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	285 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7fd0acaea29138796b0f990f987d47b4e547393bbd452a4afef27e37e8c1bbbf Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET H2	200	background.png configuracaosites.tech/saque/img/	70 KB 70 KB	573ms 244ms	Image image/png	91.191.212.2 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://configuracaosites.tech/saque/img/background.png Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.191.212.2 Miami, United States, ASN29802 (HVC-AS, US), Reverse DNS 91-191-212-2.static.hvvc.us Software LiteSpeed / Resource Hash d58597d1114fa4e7d486e0f6c53b1495778c410c9adbb2e2b9a32e40f01b2e31 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 21:24:41 GMT last-modified Thu, 22 Feb 2024 23:50:06 GMT server LiteSpeed vary User-Agent content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 71598 expires Tue, 19 Mar 2024 21:24:41 GMT
GET H2	404	Raleway-Bold.woff consultasaldoo2024.site/03/	0 0	15ms 15ms	Font text/html	178.62.225.63 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://consultasaldoo2024.site/03/Raleway-Bold.woff Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.62.225.63 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS ac30244.consulte01 Software nginx / Resource Hash Request headers Referer https://consultasaldoo2024.site/03/ Origin https://consultasaldoo2024.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 21:24:40 GMT content-encoding gzip server nginx vary Accept-Encoding content-type text/html
GET H2	200	web.js Show response cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/	219 KB 64 KB	67ms 33ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7a6e11aa8d9d558ac507f690c40b4cefa55e640027173effd6576a0cec635172 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://consultasaldoo2024.site/ Origin https://consultasaldoo2024.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 21:24:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 180883 x-jsd-version 0.2.31 content-encoding br x-cache MISS, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230047-FRA, cache-lga21927-LGA x-jsd-version-type version server cloudflare etag W/"36a2f-WpEVfFeZtpQUH5hzXI745/Ngbk8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0tQih5HRlUcDKDOzheGZSxwZoJfJoMped6yoef%2FDlzACsCp8LM9MMzMhVEoLxfWnu31oMa9NEd6Tkivat5W3N6ra3IkbryhRiTdZtMvkqHJBDKG%2BPMArP7C1y6D2PEKImMFDugkE7xHvA6ZpxDE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 8636da3a4fda7740-AMS
GET H2	200	1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2 fonts.gstatic.com/s/raleway/v29/	42 KB 43 KB	79ms 26ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://consultasaldoo2024.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 11 Mar 2024 17:53:47 GMT x-content-type-options nosniff age 99053 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43448 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:53:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Mar 2025 17:53:47 GMT
POST H2	200	startChat Show response chat.areadesuporte.site/api/v1/typebots/saque-up/	83 KB 21 KB	857ms 856ms	Fetch application/json	34.32.135.56 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://chat.areadesuporte.site/api/v1/typebots/saque-up/startChat Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 56.135.32.34.bc.googleusercontent.com Software railway / Resource Hash d4857e99e90e48188edfac50d2a60aaa8a56dddf323340aa663b8caac0b2a9cf Request headers accept application/json Referer https://consultasaldoo2024.site/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 content-type application/json Response headers access-control-allow-origin * date Tue, 12 Mar 2024 21:24:41 GMT content-encoding gzip server railway vary Accept-Encoding content-type application/json
OPTIONS H2	204	startChat chat.areadesuporte.site/api/v1/typebots/saque-up/	0 0	382ms 155ms	Preflight	34.32.135.56 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://chat.areadesuporte.site/api/v1/typebots/saque-up/startChat Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.32.135.56 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 56.135.32.34.bc.googleusercontent.com Software railway / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://consultasaldoo2024.site Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers access-control-allow-headers content-type access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * date Tue, 12 Mar 2024 21:24:41 GMT server railway vary Access-Control-Request-Headers
GET H2	200	751714986819620 Show response connect.facebook.net/signals/config/	53 KB 11 KB	24ms 23ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/751714986819620?v=2.9.148&r=stable&domain=consultasaldoo2024.site&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 5cebba0e381dc7ba05092b6f379d2565202d5f7e4d179fb5d3d73431383309f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 12 Mar 2024 21:24:40 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 11063 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=86, mss=1294, tbw=98625, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug HczxW/PTIF7/bRCuSGy0+XrxBf/knmQSa+r3M+S8icYI6lDFfGkBp3jW18GppMnowg7ISw+3GEzo0JAmRco1aQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	70ms 23ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=751714986819620&ev=PageView&dl=https%3A%2F%2Fconsultasaldoo2024.site%2F03%2F&rl=&if=false&ts=1710278680770&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1710278680770.508092851&ler=empty&it=1710278680756&coo=false&rqm=GET Requested by Host: consultasaldoo2024.site URL: https://consultasaldoo2024.site/03/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 12 Mar 2024 21:24:40 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	css2 fonts.googleapis.com/	4 KB 711 B	32ms 32ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 29232bcae02c36eedc72fa27e6a41d126af97287d2e4523a0bbed695ee61a965 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Tue, 12 Mar 2024 21:24:42 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Tue, 12 Mar 2024 21:24:42 GMT
GET H2	200	css2 fonts.googleapis.com/	32 KB 1 KB	33ms 33ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44949d44d91d5f40e59f727da4de310d569878b03cd5d538215f100a1514e8d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers strict-transport-security max-age=31536000 date Tue, 12 Mar 2024 21:24:42 GMT content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Tue, 12 Mar 2024 21:24:42 GMT
GET H2	200	o7WhI0g.png i.imgur.com/	178 KB 179 KB	108ms 23ms	Image image/png	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/o7WhI0g.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash be1900434cb3e2a92adec6f3a957285e6480d49cd53efbf7b26207098e5113d7 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://consultasaldoo2024.site/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 12 Mar 2024 21:24:42 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 1810224 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 182421 x-served-by cache-iad-kjyo7100145-IAD, cache-fra-etou8220047-FRA last-modified Tue, 20 Feb 2024 22:34:18 GMT server cat factory 1.0 x-timer S1710278682.220157,VS0,VE2 etag "b42d36836ff3d760954e7cf264763488" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id Z_Qlcwk8DxN8Q5thTHuiS9nneU0bNu_Js06GX7DLC7usQyiwyCfewA== x-cache-hits 11, 1
GET H2	200	JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2 fonts.gstatic.com/s/montserrat/v26/	33 KB 34 KB	23ms 23ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m0dR9pA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f493bc8eacfa4d5dac70996bf00a6a4c55e508bc0555ead3951b32524c06f08 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://consultasaldoo2024.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 11 Mar 2024 19:17:01 GMT x-content-type-options nosniff age 94061 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34300 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:44:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Mar 2025 19:17:01 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 33 KB	33ms 33ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://consultasaldoo2024.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 06 Mar 2024 06:51:04 GMT x-content-type-options nosniff age 570818 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33148 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:39:50 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Mar 2025 06:51:04 GMT

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq object| Typebot

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.consultasaldoo2024.site/	1970-01-20 21:14:14	Name: _fbp Value: fb.1.1710278680770.508092851

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://consultasaldoo2024.site/03/Raleway-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://connect.facebook.net/signals/config/751714986819620?v=2.9.142&r=stable&domain=127.0.0.1(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
chat.areadesuporte.site
configuracaosites.tech
connect.facebook.net
consultasaldoo2024.site
fonts.bunny.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
www.facebook.com
146.75.120.193
178.62.225.63
2400:52e0:1e00::1080:1
2606:4700::6810:5914
2a00:1450:4001:80b::2003
2a00:1450:4001:813::200a
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.32.135.56
91.191.212.2
29232bcae02c36eedc72fa27e6a41d126af97287d2e4523a0bbed695ee61a965
30b35c47b0d25ae75f22fe4d6a4c9b87abdd83ea83cc6de7f2bff059c8e13dc3
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
44949d44d91d5f40e59f727da4de310d569878b03cd5d538215f100a1514e8d0
5017211977e75b25b826560915e6e9569d4b10d247ae6abb855b5cc69733c809
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5cebba0e381dc7ba05092b6f379d2565202d5f7e4d179fb5d3d73431383309f8
65b24aa8cf99efb0606328dfb59a0b69f3dc385b53d7d684e4f5c2bfffdadb67
7a6e11aa8d9d558ac507f690c40b4cefa55e640027173effd6576a0cec635172
7fd0acaea29138796b0f990f987d47b4e547393bbd452a4afef27e37e8c1bbbf
89d37961beca0113ac732e39e9b9477fd2a32d57da45a399f1149d6d6ce417b7
8f493bc8eacfa4d5dac70996bf00a6a4c55e508bc0555ead3951b32524c06f08
be1900434cb3e2a92adec6f3a957285e6480d49cd53efbf7b26207098e5113d7
d4857e99e90e48188edfac50d2a60aaa8a56dddf323340aa663b8caac0b2a9cf
d58597d1114fa4e7d486e0f6c53b1495778c410c9adbb2e2b9a32e40f01b2e31
de87ef766937eaf5107ea3e9a2a378f39aa123abfc451de76e011f887be28b39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbc2191c86289dc58ba977ead1d3fba278d36ae36ce3a601af798e41a8468d3b