pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev Open in urlscan Pro
2606:4700::6812:223 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://media4ventures.it/nu/AYXNpbHZhQGNpZW5jaWF2aXZhLnB0
Effective URL:
https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html
Submission: On November 09 via api (November 9th 2023, 8:23:45 pm UTC) from US — Scanned from US

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 44 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev.
TLS certificate: Issued by E1 on October 11th 2023. Valid for: 3 months.

This is the only time pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.49.245.172 69.49.245.172	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	2606:4700::68... 2606:4700::6812:223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c17::5f	15169 (GOOGLE) (GOOGLE)
1	103.153.183.146 103.153.183.146	140947 (SNTHOSTIN...) (SNTHOSTINGS-AS-AP SnTHostings)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2607:f8b0:400... 2607:f8b0:4004:c1d::67	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::6a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	193.137.20.178 193.137.20.178	1930 (RCCN Fund...) (RCCN Fundacao para a Ciencia e a Tecnologia)
2	193.137.20.159 193.137.20.159	1930 (RCCN Fund...) (RCCN Fundacao para a Ciencia e a Tecnologia)
1	2607:f8b0:400... 2607:f8b0:4004:c19::5e	() ()
5	2607:f8b0:400... 2607:f8b0:4004:c07::5e	() ()
44	15

1 69.49.245.172 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 69-49-245-172.webhostbox.net

media4ventures.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.153.183.146 (Los Angeles, United States)

ASN140947 (SNTHOSTINGS-AS-AP SnTHostings, IN)
PTR: 103.153.183.146.static.snthostings.com

mytehranmusic.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c1d::67 (Washington, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::6a (Washington, United States)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 193.137.20.178 (Amadora, Portugal)

ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT)

cienciaviva.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.137.20.159 (Amadora, Portugal)

ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT)
PTR: webserver6.cienciaviva.pt

www.pavconhecimento.pt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::5e (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c07::5e (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	cienciaviva.pt cienciaviva.pt	2 MB
8	gstatic.com t1.gstatic.com t0.gstatic.com fonts.gstatic.com www.gstatic.com	473 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	37 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	32 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914	50 KB
2	pavconhecimento.pt www.pavconhecimento.pt	12 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	24 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	7 KB
1	mytehranmusic.ru mytehranmusic.ru
1	r2.dev pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev	180 KB
1	media4ventures.it 1 redirects media4ventures.it	293 B
44	11

	Domain	Requested by
19	cienciaviva.pt	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev cienciaviva.pt
6	www.google.com	2 redirects cienciaviva.pt www.gstatic.com www.google.com
5	www.gstatic.com	www.google.com
3	fonts.googleapis.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev cienciaviva.pt
2	www.pavconhecimento.pt	cienciaviva.pt
2	maxcdn.bootstrapcdn.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	t0.gstatic.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	stackpath.bootstrapcdn.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	ajax.googleapis.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	code.jquery.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	t1.gstatic.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	cdnjs.cloudflare.com	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	mytehranmusic.ru	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
1	media4ventures.it	1 redirects
44	16

This site contains no links.

Subject Issuer	Validity	Valid
*.r2.dev E1	`2023-10-11` - `2024-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.mytehranmusic.ru R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
my.cienciaviva.pt R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
www.pavconhecimento.pt R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html
Frame ID: 4B7B9E1220F372473ED6D7A94747CA3D
Requests: 12 HTTP requests in this frame

Frame: https://cienciaviva.pt/
Frame ID: 8EE054EECB544D53584943D79B1F7617
Requests: 26 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3&co=aHR0cHM6Ly9jaWVuY2lhdml2YS5wdDo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=axjj4w5u1hg
Frame ID: 44BE49230DF9031A9EB512D5DE3CF184
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3
Frame ID: 065BCC689AF275F33480ED53A6ACA440
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mail

Page URL History Show full URLs

https://media4ventures.it/nu/AYXNpbHZhQGNpZW5jaWF2aXZhLnB0 HTTP 302
https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

44
Requests

52 %
HTTPS

73 %
IPv6

11
Domains

16
Subdomains

15
IPs

2
Countries

2988 kB
Transfer

5896 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://media4ventures.it/nu/AYXNpbHZhQGNpZW5jaWF2aXZhLnB0 HTTP 302
https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.google.com/s2/favicons?sz=64&domain_url=cpanel.com HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cpanel.com&size=64

Request Chain 11

https://www.google.com/s2/favicons?sz=64&domain_url=cienciaviva.pt HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cienciaviva.pt&size=64

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
Redirect Chain

https://media4ventures.it/nu/AYXNpbHZhQGNpZW5jaWF2aXZhLnB0
https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

1 MB
180 KB

297ms
176ms

Document
text/html

2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a2d0e992570be3f7a2ed11a95d279d2d607e1e86329835daae45e8c0d6270a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-RAY: 8238c65319a24bc7-BUF
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 09 Nov 2023 20:23:38 GMT
ETag: W/"8dbd575bb8dd79b8879a0f5b63d31259"
Last-Modified: Tue, 07 Nov 2023 17:13:34 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Nov 2023 20:23:37 GMT
Keep-Alive: timeout=5, max=100
Location: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html#YXNpbHZhQGNpZW5jaWF2aXZhLnB0
Server: Apache

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
21 KB 157ms
49ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 517
age: 1253770
cdn-cachedat: 10/29/2021 09:04:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 1fe2af26056d45b3b9554c0dc68fd24d
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8238c656d8d44bd5-BUF
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 1 KB
903 B 141ms
55ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Archivo+Narrow&display=swap

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad5f1ca3a94cebd89d45b7cf6a963a535bf28144862cffa3a41a31540f7a409f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 20:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 18:59:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 20:23:39 GMT

GET
H/1.1 404
Not Found css2.css
mytehranmusic.ru/.oce/ 0
0 712ms
88ms Stylesheet
text/html 103.153.183.146
SNTHOSTINGS-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://mytehranmusic.ru/.oce/css2.css
Requested by: Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.153.183.146 Los Angeles, United States, ASN140947 (SNTHOSTINGS-AS-AP SnTHostings, IN),
Reverse DNS: 103.153.183.146.static.snthostings.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 117 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fe895ccd96f92fc9649a1a2ff7fd8b44dc9ec1f0d9464c0e43b823b892e6094

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 154ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 09 Nov 2023 20:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1265749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsA8iyPRYjaf4G7NgZDU9LIC%2BUlZ5nZptK4XsBI8nAJuYp3tEjsKOuVsKbvaN71oXP775%2FWITA2xuZW0ytfZ7kW13O0UA4ihGvvGCnDxOT8rITGauU%2FF%2B3VRmHjfM%2BI6YMZPBz7erAXQnAZYH0qSh88b"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8238c656e8d84bd5-BUF
expires: Tue, 29 Oct 2024 20:23:39 GMT

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?sz=64&domain_url=cpanel.com
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cpanel.com&size=64

534 B
1 KB

112ms
37ms

Image
image/png

2607:f8b0:4004:c06::6a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cpanel.com&size=64

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Server

2607:f8b0:4004:c06::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1961d76b621894ec3261101300423548ce53681fb62c15a2a05a8ac8a5604f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:39 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
last-modified: Fri, 08 Dec 2017 03:28:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://cpanel.net/wp-content/themes/cPbase/assets/img/apple-touch-icon.png
expires: Thu, 16 Nov 2023 20:23:39 GMT

Redirect headers

date: Thu, 09 Nov 2023 20:01:15 GMT
x-content-type-options: nosniff
server: sffe
age: 1344
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cpanel.com&size=64
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Thu, 09 Nov 2023 20:31:15 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 172ms
54ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 09 Nov 2023 20:23:39 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4657620
x-cache: HIT, HIT
content-length: 23856
x-served-by: cache-lga21963-LGA, cache-nyc-kteb1890036-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699561419.383175,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 4, 24320

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 133ms
48ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 09 Nov 2023 20:23:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1001
age: 1013924
cdn-cachedat: 10/01/2022 01:42:47
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f1b35a507a27ac9c79c5cd36b356838d
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8238c656d8d54bd5-BUF
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 128ms
41ms Script
text/javascript 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 08 Nov 2023 08:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Nov 2024 08:52:36 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 151ms
41ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 09 Nov 2023 20:23:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 852
age: 1343034
cdn-cachedat: 11/06/2022 20:25:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 9a5433488a7ff8494ccd27f0421ec1e9
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8238c656ff8d6aee-BUF
cdn-requestpullsuccess: True

GET
H2 200 / Show response
cienciaviva.pt/ Frame 8EE0 19 KB
19 KB 860ms
249ms Document
text/html 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/
Requested by: Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 08596c1586365fd773ba00dda3dc6a798b2bddc75e886f0ec33f9365bd341090

Request headers

Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Thu, 09 Nov 2023 20:23:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?sz=64&domain_url=cienciaviva.pt
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cienciaviva.pt&size=64

700 B
1 KB

125ms
39ms

Image
image/png

2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cienciaviva.pt&size=64

Requested by

Host: pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html

Protocol

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1104862e775a47cc754ff7970c42116cb56edb5a29d35e622d6c22d27f1b559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:40 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 700
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.pavconhecimento.pt/favicon.png
expires: Thu, 16 Nov 2023 20:23:40 GMT

Redirect headers

date: Thu, 09 Nov 2023 20:23:39 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://cienciaviva.pt&size=64
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Thu, 09 Nov 2023 20:53:39 GMT

GET
H2 200 style.css
cienciaviva.pt/css/ Frame 8EE0 380 KB
383 KB 608ms
606ms Stylesheet
text/css 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/css/style.css
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 2eaba82c190976a4ebbee3f7b06981588a3a84a7345b69c4be8b1f2ca9aeced5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:40 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "5f05c-609259dacbcee"
content-length: 389212
content-type: text/css

GET
H2 200 style.css
cienciaviva.pt/ Frame 8EE0 8 KB
8 KB 206ms
205ms Stylesheet
text/css 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/style.css
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 51bc8c6c8875cf8bd8083ce2f87ea4e7d6f7bd2261d2e1bd571189760f66ae46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:40 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "1e6b-609259daf4948"
content-length: 7787
content-type: text/css

GET
H2 200 jquery-3.4.1.min.js Show response
cienciaviva.pt/js/ Frame 8EE0 86 KB
87 KB 600ms
599ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/js/jquery-3.4.1.min.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:40 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "15851-609259daed800"
content-length: 88145
content-type: application/javascript

GET
H2 200 jquery.validate.min.js Show response
cienciaviva.pt/js/ Frame 8EE0 21 KB
21 KB 206ms
205ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/js/jquery.validate.min.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 8f837d63b76db1ba961b2c2136da4233dfb80d6db32644468a32d40241ebf92b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:40 GMT
last-modified: Thu, 02 Nov 2023 07:13:35 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "524c-60926204ab7c0"
content-length: 21068
content-type: application/javascript

GET
H2 200 logo3.png
cienciaviva.pt/images/ Frame 8EE0 65 KB
65 KB 206ms
206ms Image
image/png 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cienciaviva.pt/images/logo3.png
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 945dc807acf24da11cb36dc88c70c769ca28d808787fe18674cfe9eac45a3a3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:40 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "1029f-609259dae9d67"
content-length: 66207
content-type: image/png

GET
H2 200 world.svg
www.pavconhecimento.pt/img/ Frame 8EE0 6 KB
6 KB 542ms
146ms Image
image/svg+xml 193.137.20.159
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pavconhecimento.pt/img/world.svg
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.159 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS: webserver6.cienciaviva.pt
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 /
Resource Hash: dddc758853b1bc11be81e6ef37071b1c5ea4ee620f7726631e17cfa7c0b15ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:40 GMT
last-modified: Thu, 10 May 2018 10:09:54 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9
etag: "17fb-56bd73894f998"
content-type: image/svg+xml
access-control-allow-origin: http://www.encontrociencia.pt
accept-ranges: bytes
content-length: 6139

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 8EE0 1 KB
856 B 59ms
58ms Script
text/javascript 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: cienciaviva.pt
URL: https://cienciaviva.pt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e42ff12ff7d3e1dd17052f38f42b2b90abbf317e7ebbdd8d2dc253d7798ab2e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 09 Nov 2023 20:23:43 GMT

GET
H2 200 mmenu.min.js Show response
cienciaviva.pt/scripts/ Frame 8EE0 24 KB
24 KB 473ms
473ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/scripts/mmenu.min.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: e4b3f2745603de64e9d68f3b3049db44eb0c9b842d0d7e4dd7d2280e5414aef5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:41 GMT
last-modified: Thu, 02 Nov 2023 07:26:14 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "5ffa-609264d89e9bc"
content-length: 24570
content-type: application/javascript

GET
H2 200 chosen.min.js Show response
cienciaviva.pt/scripts/ Frame 8EE0 27 KB
27 KB 420ms
419ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/scripts/chosen.min.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: d6379f5ebcf39d1d86a6c142653f098e28eac695ccae7a6919434f616f27a177

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:41 GMT
last-modified: Thu, 02 Nov 2023 07:26:14 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "6afd-609264d89e5d4"
content-length: 27389
content-type: application/javascript

GET
H2 200 slick.min.js Show response
cienciaviva.pt/scripts/ Frame 8EE0 41 KB
41 KB 1715ms
1715ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/scripts/slick.min.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:41 GMT
last-modified: Thu, 02 Nov 2023 07:26:14 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "a3e1-609264d89e9bc"
content-length: 41953
content-type: application/javascript

GET
H2 200 magnific-popup.min.js Show response
cienciaviva.pt/scripts/ Frame 8EE0 21 KB
21 KB 1709ms
1708ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/scripts/magnific-popup.min.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 74cd5cfea9b65cb0532f326ab66d272c37c20175437fed537d26ae0176942182

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:41 GMT
last-modified: Thu, 02 Nov 2023 07:26:14 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "5293-609264d89e9bc"
content-length: 21139
content-type: application/javascript

GET
H2 200 counterup.min.js Show response
cienciaviva.pt/scripts/ Frame 8EE0 14 KB
14 KB 387ms
386ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/scripts/counterup.min.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 2d63eaf54029369b0d07841c114f8d787a6c51db598589ea7fe9be5bbad6184b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:43 GMT
last-modified: Thu, 02 Nov 2023 07:26:14 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "3842-609264d89e5d4"
content-length: 14402
content-type: application/javascript

GET
H2 200 custom.js Show response
cienciaviva.pt/scripts/ Frame 8EE0 45 KB
46 KB 199ms
198ms Script
application/javascript 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/scripts/custom.js
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 541206a55e17b3870a85aa400c891da20fe65386016f3fbad8f83fadabad0caf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:43 GMT
last-modified: Thu, 02 Nov 2023 07:26:14 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "b577-609264d89e5d4"
content-length: 46455
content-type: application/javascript

GET
H2 200 bootstrap-grid.css
cienciaviva.pt/css/ Frame 8EE0 36 KB
36 KB 203ms
201ms Stylesheet
text/css 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/css/bootstrap-grid.css
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 32e5db520e3f79e585115fd0d11e62ae32056cbe9a02c9c156f3b9a8b2b568f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:41 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "8e29-609259dac9dae"
content-length: 36393
content-type: text/css

GET
H2 200 icons.css
cienciaviva.pt/css/ Frame 8EE0 155 KB
156 KB 202ms
200ms Stylesheet
text/css 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/css/icons.css
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 4085f2a94d23287288ca3ab1b8f6f90d5c4421175b91d2240b092bba909e5eb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:41 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "26c71-609259daca966"
content-length: 158833
content-type: text/css

GET
H2 200 revolutionslider.css
cienciaviva.pt/css/plugins/ Frame 8EE0 36 KB
37 KB 203ms
201ms Stylesheet
text/css 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/css/plugins/revolutionslider.css
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 395f7fef2cba2cabdb599b8e28a4e8683d32d585a1089804155c835d74157014

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:41 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "9124-609259daca966"
content-length: 37156
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ Frame 8EE0 8 KB
750 B 43ms
42ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700

Requested by

Host: cienciaviva.pt
URL: https://cienciaviva.pt/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc6fb52e9e93dce55fae9ed4a5eeeb5cda0a2ddd01aa6f50e524b7fc0123c0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 20:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 19:31:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 20:23:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8EE0 8 KB
818 B 46ms
45ms Stylesheet
text/css 2607:f8b0:4004:c17::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:500,600,700

Requested by

Host: cienciaviva.pt
URL: https://cienciaviva.pt/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

261424187844ab865e59dc368cc85e33af6a1fbb9d8773b4008918094641ad9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 20:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 20:23:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 20:23:41 GMT

GET
H2 200 world.svg
www.pavconhecimento.pt/img/ Frame 8EE0 6 KB
6 KB 155ms
155ms Image
image/svg+xml 193.137.20.159
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pavconhecimento.pt/img/world.svg
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.159 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS: webserver6.cienciaviva.pt
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9 /
Resource Hash: dddc758853b1bc11be81e6ef37071b1c5ea4ee620f7726631e17cfa7c0b15ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:43 GMT
last-modified: Thu, 10 May 2018 10:09:54 GMT
server: Apache/2.4.37 (centos) OpenSSL/1.1.1c mod_fcgid/2.3.9
etag: "17fb-56bd73894f998"
content-type: image/svg+xml
access-control-allow-origin: http://www.encontrociencia.pt
accept-ranges: bytes
content-length: 6139

GET
H2 200 logo3.png
cienciaviva.pt/images/ Frame 8EE0 65 KB
65 KB 386ms
386ms Image
image/png 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cienciaviva.pt/images/logo3.png
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 945dc807acf24da11cb36dc88c70c769ca28d808787fe18674cfe9eac45a3a3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:43 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "1029f-609259dae9d67"
content-length: 66207
content-type: image/png

GET
H2 200 fundo14-b.jpg
cienciaviva.pt/images/ Frame 8EE0 1 MB
1 MB 562ms
561ms Image
image/jpeg 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cienciaviva.pt/images/fundo14-b.jpg
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: 9ebfbc666a76a4e881bca072f9b7e36533512dd9bc8c7d65c7ad873473b4ea51

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cienciaviva.pt/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:43 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "108e9e-609259dae0127"
content-length: 1085086
content-type: image/jpeg

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ Frame 8EE0 47 KB
48 KB 1022ms
35ms Font
font/woff2 2607:f8b0:4004:c19::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cienciaviva.pt
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:52:05 GMT
x-content-type-options: nosniff
age: 16299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 15:52:05 GMT

GET
H2 200 fontawesome-webfont.woff2
cienciaviva.pt/fonts/ Frame 8EE0 65 KB
65 KB 765ms
764ms Font
font/woff2 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/css/icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://cienciaviva.pt/css/icons.css
Origin: https://cienciaviva.pt
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:43 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "10440-609259dacd45e"
content-length: 66624
content-type: font/woff2

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 8EE0 466 KB
188 KB 970ms
34ms Script
text/javascript 2607:f8b0:4004:c07::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cienciaviva.pt/
Origin: https://cienciaviva.pt
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191412
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 20:08:51 GMT

GET
H2 200 iconsmind.woff
cienciaviva.pt/fonts/ Frame 8EE0 927 KB
0 971ms
971ms Font
font/woff 193.137.20.178
RCCN Fundacao par...

General

Check archive.org

Show headers Download Go to

Full URL: https://cienciaviva.pt/fonts/iconsmind.woff?-rdmvgc
Requested by: Host: cienciaviva.pt
URL: https://cienciaviva.pt/css/icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 193.137.20.178 Amadora, Portugal, ASN1930 (RCCN Fundacao para a Ciencia e a Tecnologia, I.P., PT),
Reverse DNS
Software: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7 /
Resource Hash

Request headers

Referer: https://cienciaviva.pt/css/icons.css
Origin: https://cienciaviva.pt
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:44 GMT
last-modified: Thu, 02 Nov 2023 06:37:04 GMT
server: Apache/2.4.53 (Rocky Linux) OpenSSL/3.0.7
accept-ranges: bytes
etag: "11f78c-609259dadb6ef"
content-length: 1177484
content-type: font/woff

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 44BE 60 KB
34 KB 68ms
68ms Document
text/html 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3&co=aHR0cHM6Ly9jaWVuY2lhdml2YS5wdDo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=axjj4w5u1hg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe57e1b906490af6416ebaa9f79ad2e2a9f7707503261c954a4c81f4a8a5e20c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y_25LAZRmM5IxktFssTGQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cienciaviva.pt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Y_25LAZRmM5IxktFssTGQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 20:23:44 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 44BE 55 KB
24 KB 105ms
37ms Stylesheet
text/css 2607:f8b0:4004:c07::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3&co=aHR0cHM6Ly9jaWVuY2lhdml2YS5wdDo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=axjj4w5u1hg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 20:08:50 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 44BE 466 KB
187 KB 102ms
35ms Script
text/javascript 2607:f8b0:4004:c07::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191412
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 20:08:51 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 44BE 102 B
135 B 53ms
53ms Other
text/javascript 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f6707358cdb63bdc85124260711d17242baf09cdbae1395b8cb461bebe7793c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3&co=aHR0cHM6Ly9jaWVuY2lhdml2YS5wdDo0NDM.&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=axjj4w5u1hg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 09 Nov 2023 20:23:45 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 065B 7 KB
1 KB 57ms
56ms Document
text/html 2607:f8b0:4004:c1d::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51064888272ba5a795dab01ef114c68b6e8ca65eb88004e6d64dab76c234501e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xqpJFdtOdZ4WG-3dUnNC0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cienciaviva.pt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xqpJFdtOdZ4WG-3dUnNC0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 20:23:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 065B 55 KB
24 KB 36ms
35ms Stylesheet
text/css 2607:f8b0:4004:c07::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 20:08:50 GMT

GET
H3 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 065B 35 KB
0 36ms
36ms Script
text/javascript 2607:f8b0:4004:c07::5e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Le_xdEUAAAAAKLm_FVzJ37KK2fEz0nK6m22N3T3

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 20:08:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191412
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Nov 2024 20:08:51 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript	warning	URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev/index.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://mytehranmusic.ru/.oce/css2.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
cienciaviva.pt
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
media4ventures.it
mytehranmusic.ru
pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev
stackpath.bootstrapcdn.com
t0.gstatic.com
t1.gstatic.com
www.google.com
www.gstatic.com
www.pavconhecimento.pt
103.153.183.146
193.137.20.159
193.137.20.178
2606:4700::6811:190e
2606:4700::6812:223
2606:4700::6812:acf
2606:4700::6812:bcf
2607:f8b0:4004:c06::6a
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c17::5f
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1d::67
2a04:4e42::649
69.49.245.172
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
08596c1586365fd773ba00dda3dc6a798b2bddc75e886f0ec33f9365bd341090
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55
1f1961d76b621894ec3261101300423548ce53681fb62c15a2a05a8ac8a5604f
261424187844ab865e59dc368cc85e33af6a1fbb9d8773b4008918094641ad9f
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2d63eaf54029369b0d07841c114f8d787a6c51db598589ea7fe9be5bbad6184b
2eaba82c190976a4ebbee3f7b06981588a3a84a7345b69c4be8b1f2ca9aeced5
2fe895ccd96f92fc9649a1a2ff7fd8b44dc9ec1f0d9464c0e43b823b892e6094
32e5db520e3f79e585115fd0d11e62ae32056cbe9a02c9c156f3b9a8b2b568f4
395f7fef2cba2cabdb599b8e28a4e8683d32d585a1089804155c835d74157014
4085f2a94d23287288ca3ab1b8f6f90d5c4421175b91d2240b092bba909e5eb8
48a2d0e992570be3f7a2ed11a95d279d2d607e1e86329835daae45e8c0d6270a
51064888272ba5a795dab01ef114c68b6e8ca65eb88004e6d64dab76c234501e
51bc8c6c8875cf8bd8083ce2f87ea4e7d6f7bd2261d2e1bd571189760f66ae46
541206a55e17b3870a85aa400c891da20fe65386016f3fbad8f83fadabad0caf
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5f6707358cdb63bdc85124260711d17242baf09cdbae1395b8cb461bebe7793c
74cd5cfea9b65cb0532f326ab66d272c37c20175437fed537d26ae0176942182
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8f837d63b76db1ba961b2c2136da4233dfb80d6db32644468a32d40241ebf92b
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
945dc807acf24da11cb36dc88c70c769ca28d808787fe18674cfe9eac45a3a3b
9ebfbc666a76a4e881bca072f9b7e36533512dd9bc8c7d65c7ad873473b4ea51
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
ad5f1ca3a94cebd89d45b7cf6a963a535bf28144862cffa3a41a31540f7a409f
b1104862e775a47cc754ff7970c42116cb56edb5a29d35e622d6c22d27f1b559
d6379f5ebcf39d1d86a6c142653f098e28eac695ccae7a6919434f616f27a177
dddc758853b1bc11be81e6ef37071b1c5ea4ee620f7726631e17cfa7c0b15ffd
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e42ff12ff7d3e1dd17052f38f42b2b90abbf317e7ebbdd8d2dc253d7798ab2e4
e4b3f2745603de64e9d68f3b3049db44eb0c9b842d0d7e4dd7d2280e5414aef5
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
fc6fb52e9e93dce55fae9ed4a5eeeb5cda0a2ddd01aa6f50e524b7fc0123c0de
fe57e1b906490af6416ebaa9f79ad2e2a9f7707503261c954a4c81f4a8a5e20c
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev Open in urlscan Pro 2606:4700::6812:223 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

52 %HTTPS

73 %IPv6

11 Domains

16 Subdomains

15 IPs

2 Countries

2988 kBTransfer

5896 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pub-e5efc1be21724f20b7f14b954e9f69b5.r2.dev Open in urlscan Pro
2606:4700::6812:223 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

52 %
HTTPS

73 %
IPv6

11
Domains

16
Subdomains

15
IPs

2
Countries

2988 kB
Transfer

5896 kB
Size

0
Cookies

44 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!