consultasegura.site
2a02:4780:13:1281:0:1c7d:dd84:4  Public Scan

URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DD...
Submission: On January 26 via manual from BR — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 21 HTTP transactions. The main IP is 2a02:4780:13:1281:0:1c7d:dd84:4, located in São Paulo, Brazil and belongs to AS-HOSTINGER, CY. The main domain is consultasegura.site.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 30th 2023. Valid for: 3 months.
This is the only time consultasegura.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a02:4780:13:... 47583 (AS-HOSTINGER)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 91.191.212.2 29802 (HVC-AS)
2 177.154.191.213 53038 (IDC19)
21 11
Apex Domain | Subdomains | Transfer
3 gstatic.com | fonts.gstatic.com | 114 KB
3 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 174 | 104 KB
2 igorlemoes.com.br | igorlemoes.com.br | 2 KB
2 chatsdogov.online | chat.chatsdogov.online | 14 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 2 KB
2 bunny.net | fonts.bunny.net — Cisco Umbrella Rank: 10105 | 15 KB
2 consultasegura.site | consultasegura.site | 12 KB
1 chatdogov.online | chatdogov.online | 10 KB
1 facebook.com | www.facebook.com — Cisco Umbrella Rank: 107 | 185 B
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 324 | 64 KB
0 ministeriodafazenda.org Failed | chat2.ministeriodafazenda.org Failed |
21 11
Domain | Requested by
3 fonts.gstatic.com | fonts.googleapis.com
3 connect.facebook.net | consultasegura.site, connect.facebook.net
2 igorlemoes.com.br | consultasegura.site
2 chat.chatsdogov.online | cdn.jsdelivr.net
2 fonts.googleapis.com | consultasegura.site
2 fonts.bunny.net | consultasegura.site, fonts.bunny.net
2 consultasegura.site | consultasegura.site
1 chatdogov.online | consultasegura.site
1 www.facebook.com | consultasegura.site
1 cdn.jsdelivr.net | consultasegura.site
0 chat2.ministeriodafazenda.org Failed | consultasegura.site
21 11

This site contains no links.

Subject | Issuer | Validity | Valid
consultasegura.site | ZeroSSL RSA Domain Secure Site CA | 2023-12-30 - 2024-03-29 | 3 months
fonts.bunny.net | R3 | 2024-01-12 - 2024-04-11 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-04 - 2024-02-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
chatsdogov.online | GTS CA 1P5 | 2023-12-26 - 2024-03-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
www.chatdogov.online.avaliadordelooks.online | R3 | 2024-01-09 - 2024-04-08 | 3 months
*.igorlemoes.com.br | R3 | 2023-12-02 - 2024-03-01 | 3 months

This page contains 1 frames:

Primary Page: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Frame ID: 108CE7BE4379589D7BBC2889C5975354
Requests: 22 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 80 %
Domains: 11
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 336 kB
Size: 1046 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
consultasegura.site/oficial/
64 KB
12 KB
Document
General
Full URL
https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:1c7d:dd84:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
83f5552045c9e539b3f5ca9a0e96610ce9026abc50e688cccc1542b1cdad865f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
11626
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 26 Jan 2024 12:19:35 GMT
etag
"100d9-65b2ca25-3a1094f65a1a10dc;br"
last-modified
Thu, 25 Jan 2024 20:52:53 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
css2
fonts.bunny.net/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
5017211977e75b25b826560915e6e9569d4b10d247ae6abb855b5cc69733c809

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 12:19:35 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
01/06/2024 20:01:27
cdn-pullzone
781720
last-modified
Sat, 06 Jan 2024 20:01:27 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
88b66f3713f1e2a8920f396b82928453
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d42a79db8dabd4f59604e82faadb971c4252870d1afb31d7512f0ccbc518ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 12:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 11:15:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 12:19:35 GMT
css2
fonts.googleapis.com/
31 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfd49386cddb9206efda2b55a47f35dbe47accd369244148cdd80a547ee925a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 26 Jan 2024 12:19:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 26 Jan 2024 11:26:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 26 Jan 2024 12:19:35 GMT
751714986819620
connect.facebook.net/signals/config/
136 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/751714986819620?v=2.9.142&r=stable&domain=127.0.0.1
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
94ac79fabee80722703003f6c3054c375c97744f3ce347c647c5e7c604a930e6
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 12:19:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
/XafdO+9WnFVLASOGJuPUjcn2hshSnK4RgvxG3NYdeR2AGtP97Hq+CmqOikcLsOoVSJPQ/jfX8sB7dDycXoTSA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
213 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 12:19:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57022
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0"
pragma
public
x-fb-debug
ZtThBzthaf3FnZB/oF15PGqO5K5SFbwDNcdureCxW8LfDa6KhcAqD6VcL7xuSpmx3Fdpg6xQ7ovhO/LSfPU3lw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo-gov.webp
chat2.ministeriodafazenda.org/restituicao-de-valores-a-receber/assets/
0
0

truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbc2191c86289dc58ba977ead1d3fba278d36ae36ce3a601af798e41a8468d3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
285 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fd0acaea29138796b0f990f987d47b4e547393bbd452a4afef27e37e8c1bbbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
background-texture.png
chat2.ministeriodafazenda.org/restituicao-de-valores-a-receber/assets/
0
0

Raleway-Bold.woff
consultasegura.site/oficial/
0
0
Font
General
Full URL
https://consultasegura.site/oficial/Raleway-Bold.woff
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:13:1281:0:1c7d:dd84:4 São Paulo, Brazil, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Origin
https://consultasegura.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 12:19:36 GMT
content-encoding
br
last-modified
Tue, 31 Oct 2023 20:05:55 GMT
server
LiteSpeed
etag
"999-65415e23-3d2632f75c6524f8;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
platform
hostinger
content-length
912
web.js
cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/
219 KB
64 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6e11aa8d9d558ac507f690c40b4cefa55e640027173effd6576a0cec635172
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://consultasegura.site/
Origin
https://consultasegura.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 12:19:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
219160
x-jsd-version
0.2.31
content-encoding
br
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230047-FRA, cache-lga21927-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"36a2f-WpEVfFeZtpQUH5hzXI745/Ngbk8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5gDOMgpYFi9%2FdNWfFgkDVUGAEiIeNpgToubmGIGJtGK2rEQU7WDfMy5Fuu6Zp6rh5n2FsoFIWbjCq5%2BYX4N1OAoMu9fR28RnkvUhbIwa22rRHt9vPOm%2FeH%2B5txhIg8ZuAs1UBVN1UAbfY2sIMA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84b8b486e87c1c24-FRA
751714986819620
connect.facebook.net/signals/config/
53 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/751714986819620?v=2.9.142&r=stable&domain=consultasegura.site&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
689d24f703f228763b751bd24c62238b2299692a8526c06c7f45446609e8d825
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 26 Jan 2024 12:19:36 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma
public
x-fb-debug
kXN25T/BAR8+xlSwqk3yTODdpxoztYVkUtNY83D2ebnyAXEd2kj8tua7/Tr6DCpz/xU5pcUSXOWDnd6sIOcECA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
startChat
chat.chatsdogov.online/api/v1/typebots/saque-novo/
89 KB
14 KB
Fetch
General
Full URL
https://chat.chatsdogov.online/api/v1/typebots/saque-novo/startChat
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@typebot.io/js@0.2.31/dist/web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72212b582a1d56bed2ad9874ff6487be01c3f63a10ed73b2f04dc6537a6a05f6

Request headers

accept
application/json
Referer
https://consultasegura.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
application/json

Response headers

date
Fri, 26 Jan 2024 12:19:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Snrzl0rUgI6TFGM1oZGA1cORtarxu5JVtSJe%2FWqoKDcrEuQD44EwJNPEaAwSMF5NejzHGxmGDQmowfLtpF5l5Lc50Il3gUrdoi9Xrrbc4w2jIk2y7lR%2FbUUihTdjMzBj9D9hzxcGUS8NO0pLBs1%2BPE2htGpf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
84b8b489b94766c4-AMS
alt-svc
h3=":443"; ma=86400
startChat
chat.chatsdogov.online/api/v1/typebots/saque-novo/
0
0
Preflight
General
Full URL
https://chat.chatsdogov.online/api/v1/typebots/saque-novo/startChat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://consultasegura.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84b8b4886f6866c4-AMS
date
Fri, 26 Jan 2024 12:19:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obYx4rEjlsZOeUejwr286OBZzTxMpKBC8Hb9AfXouptjsalpUJrQQTU2DIfwtcry0KaRoJ7WEkw68o%2FwtE34fTT4Qj3Yc%2FyO1H3j4zHwpBV5j1I3qMPEJcA%2BAOAtebBIioHR4J4JSn%2FwAWAxk0IVB1ZNOnbP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Access-Control-Request-Headers
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=751714986819620&ev=PageView&dl=https%3A%2F%2Fconsultasegura.site%2Foficial%2F%3FCPF%3D42728070300%26utm_source%3DFB%26utm_campaign%3D%25255BSAQUE%25255D%252B%25255BESCALA%252BV%2525C3%25258DDEO%252B1-1-4%25255D%252B%25255B24%25252F01%25252F2024%25255D%252B%25255BCA%252B03%25255D%252B%25255BPF%252BMARA%25255D%252B19%25257C120204188904660391%26utm_medium%3DConjunto%252B03%252B%2525E2%252580%252594%252Bvencedor%25257C120204188906250391%26utm_content%3DCTV%252B04%25257C120204188905840391%26fbclid%3DPAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc&rl=&if=false&ts=1706271576241&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbc=fb.1.1706271576240.PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc&fbp=fb.1.1706271576241.1836715366&ler=empty&it=1706271576201&coo=false&exp=d3&rqm=GET
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 26 Jan 2024 12:19:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://consultasegura.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 22:26:00 GMT
x-content-type-options
nosniff
age
222816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 22:26:00 GMT
avatar.webp
chatdogov.online/audio2/assets/
10 KB
10 KB
Image
General
Full URL
https://chatdogov.online/audio2/assets/avatar.webp
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.191.212.2 Miami, United States, ASN29802 (HVC-AS, US),
Reverse DNS
91-191-212-2.static.hvvc.us
Software
LiteSpeed /
Resource Hash
7a196b7dc56bf465fe279e54855f88ac930c5f6313e312ee52a4a94b019841c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 12:19:38 GMT
last-modified
Tue, 23 Jan 2024 19:15:14 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
10292
expires
Fri, 02 Feb 2024 12:19:38 GMT
js_whatsapp_091023_v_001.js
igorlemoes.com.br/files/whatsapp/
6 KB
2 KB
Script
General
Full URL
https://igorlemoes.com.br/files/whatsapp/js_whatsapp_091023_v_001.js
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
177.154.191.213 , Brazil, ASN53038 (IDC19 - WDI SOLUCOES EM TEC INFORMACAO LTDA, BR),
Reverse DNS
br.mirial4090.com.br
Software
/
Resource Hash
bb39ca9e0da4c0ea85313d0dd40f6f2500249d88715a317bfa994e21e24092b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consultasegura.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 12:19:38 GMT
content-encoding
br
last-modified
Mon, 09 Oct 2023 17:22:04 GMT
servidor
Núcleo Brasil Servidores
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2064
localizacao
Mirial - Ascenty - SP Brasil
expires
Fri, 02 Feb 2024 12:19:38 GMT
montserrat-latin-400-normal.woff2
fonts.bunny.net/montserrat/files/
12 KB
13 KB
Font
General
Full URL
https://fonts.bunny.net/montserrat/files/montserrat-latin-400-normal.woff2
Requested by
Host: fonts.bunny.net
URL: https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Request headers

Referer
https://fonts.bunny.net/css2?family=Montserrat:ital,wght@0,300;0,400;0,600;1,300;1,400;1,600&display=swap%27);%27)
Origin
https://consultasegura.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 12:19:37 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-51
cdn-cachedat
11/01/2023 17:49:52
cdn-pullzone
781720
content-length
12708
last-modified
Thu, 06 Jul 2023 07:36:59 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"64a66f1b-31a4"
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
bc9f2a5208565fa0533efe86417adb52
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://consultasegura.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:30:27 GMT
x-content-type-options
nosniff
age
218950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:30:27 GMT
audio_whatsapp.mp3
igorlemoes.com.br/files/whatsapp/
80 KB
0
Media
General
Full URL
https://igorlemoes.com.br/files/whatsapp/audio_whatsapp.mp3
Requested by
Host: consultasegura.site
URL: https://consultasegura.site/oficial/?CPF=42728070300&utm_source=FB&utm_campaign=%255BSAQUE%255D%2B%255BESCALA%2BV%25C3%258DDEO%2B1-1-4%255D%2B%255B24%252F01%252F2024%255D%2B%255BCA%2B03%255D%2B%255BPF%2BMARA%255D%2B19%257C120204188904660391&utm_medium=Conjunto%2B03%2B%25E2%2580%2594%2Bvencedor%257C120204188906250391&utm_content=CTV%2B04%257C120204188905840391&fbclid=PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
177.154.191.213 , Brazil, ASN53038 (IDC19 - WDI SOLUCOES EM TEC INFORMACAO LTDA, BR),
Reverse DNS
br.mirial4090.com.br
Software
/
Resource Hash

Request headers

Referer
https://consultasegura.site/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 26 Jan 2024 12:19:37 GMT
last-modified
Fri, 06 Oct 2023 15:08:38 GMT
servidor
Núcleo Brasil Servidores
content-type
audio/mpeg
Content-Range
bytes 0-135140/135141
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Content-Length
135141
localizacao
Mirial - Ascenty - SP Brasil
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://consultasegura.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 21:22:30 GMT
x-content-type-options
nosniff
age
313031
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 21:22:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
chat2.ministeriodafazenda.org
URL
https://chat2.ministeriodafazenda.org/restituicao-de-valores-a-receber/assets/logo-gov.webp
Domain
chat2.ministeriodafazenda.org
URL
https://chat2.ministeriodafazenda.org/restituicao-de-valores-a-receber/assets/background-texture.png


4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function fbq
function _fbq
object Typebot
function criarBarra

2 Cookies

Domain/Path Name / Value
.consultasegura.site/ Name: _fbc
Value: fb.1.1706271576240.PAAaaxdQxOt8P1nG5hfMLfqzkJ-WCQ_lndG58b1i86_YGg7lkz8yUUAPtEmno_aem_AZzTgB-tqlaQHBzDJ0qrO4OYGBa3te4VTqTuXSdF8XIZ_KUV2L4VLW2zKWfrVmH5qTtzExugthXoy89SKuhI1usc
.consultasegura.site/ Name: _fbp
Value: fb.1.1706271576241.1836715366

2 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/751714986819620?v=2.9.142&r=stable&domain=127.0.0.1(Line 127)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://consultasegura.site/oficial/Raleway-Bold.woff
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
