realizesulnanceiras.pagedemo.co Open in urlscan Pro
2606:4700::6812:bb6  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response realizesulnanceiras.pagedemo.co/	103 KB 23 KB	239ms 150ms	Document text/html	2606:4700::6812:bb6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bb6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e05ca45cfe6631b84e8294b111c334c5461597dfb2cb077f5edab6966fbf2f4d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language fr-FR,fr;q=0.9 Response headers access-control-allow-origin * cf-cache-status DYNAMIC cf-ray 79bb4424bc483cc5-CDG content-encoding gzip content-type text/html; charset=utf-8 date Sun, 19 Feb 2023 01:35:30 GMT etag W/"19b58-LTD2Z0Ob/rClmjp4U+d7q8C/pbw" server cloudflare vary Accept-Encoding via 1.1 google
GET H2	200	utils.cd5b4894ab46ac49c25b.js Show response g.fastcdn.co/js/	48 KB 17 KB	91ms 21ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/utils.cd5b4894ab46ac49c25b.js Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash e75c0e70c08e4e0a7bffba6f38cf6ea271628025a000bd833d2756eba9641155 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 15 Feb 2023 09:15:56 GMT content-encoding gzip age 317974 x-guploader-uploadid ADPycdt5dCk-vmxyDG3v3_Hw2hPbdHB-7eUAyEj9bQvSPNsSZT2w-gVMIYD4LJipfUW8JJdhMLmjQx63cA9ieR9Tpa9O1A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17098 last-modified Tue, 14 Feb 2023 11:33:01 GMT server UploadServer etag "cd15442cf5e42d22fa02ace9ca1d14e2" vary Accept-Encoding x-goog-generation 1676374381222490 x-goog-hash crc32c=eSmR5g==, md5=zRVELPXkLSL6Aqzpyh0U4g== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 17098 accept-ranges bytes expires Thu, 15 Feb 2024 09:15:56 GMT
GET H2	200	Cradle.c8a924beaefacc03f9bd.js Show response g.fastcdn.co/js/	69 KB 22 KB	94ms 25ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/Cradle.c8a924beaefacc03f9bd.js Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 29488b6f6eb7029352043262473dbf538ed8a3a3cf56366c7a28ad867201d6a9 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Wed, 15 Feb 2023 01:04:12 GMT content-encoding gzip age 347478 x-guploader-uploadid ADPycdtUVDpJRxWCB1o8QYltsF6ibCUYxj5veCjZjpKeNNt65lao-QIV9quyYxJ8zqcYGJN_tJrP1Jq2P-UTUo1oYyP3EQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22633 last-modified Tue, 14 Feb 2023 11:32:58 GMT server UploadServer etag "3652c7233d6cd62190c50535f6ea2b6a" vary Accept-Encoding x-goog-generation 1676374378454474 x-goog-hash crc32c=M7JJVQ==, md5=NlLHIz1s1iGQxQU19uorag== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 22633 accept-ranges bytes expires Thu, 15 Feb 2024 01:04:12 GMT
GET H2	200	LazyImage.90aa95d960c719e556c2.js Show response g.fastcdn.co/js/	52 KB 18 KB	114ms 46ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/LazyImage.90aa95d960c719e556c2.js Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 33d8530b93be01d17376edac4fba53707abdf445c0c4d14ee0e7a2675e85190b Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 16 Feb 2023 19:03:21 GMT content-encoding gzip age 196329 x-guploader-uploadid ADPycduzpz4oB1ik-TufudXZlavkkPyWw3ZkZGAOhcmT_A3_-vlWhDF9nliOirLTtWFcjV5iJ40cpgI2zsi9cTNa5SGRRzmM-OpO x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18367 last-modified Tue, 14 Feb 2023 11:32:59 GMT server UploadServer etag "1c1dcf03f51d68d57a3f15a4484d2310" vary Accept-Encoding x-goog-generation 1676374379174566 x-goog-hash crc32c=jy3Uxg==, md5=HB3PA/UdaNV6PxWkSE0jEA== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 18367 accept-ranges bytes expires Fri, 16 Feb 2024 19:03:21 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	129 KB 50 KB	99ms 38ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10895273649 Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8d873bc83e710249551098f6fcbbf6d0ad9b7c6ec040fd800524d8ef91c0aeff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sun, 19 Feb 2023 01:35:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50824 x-xss-protection 0 last-modified Sun, 19 Feb 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 19 Feb 2023 01:35:30 GMT
GET H2	200	63427118-0-mobil.jpg v.fastcdn.co/u/b264fbef/	35 KB 36 KB	339ms 281ms	Image image/jpeg	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/b264fbef/63427118-0-mobil.jpg Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5da21454e8c17de9a5ba7d66e2dc4dfc5fd5f70b9cff6a2aebd1c9d805e191b6 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sun, 19 Feb 2023 01:35:30 GMT cf-cache-status MISS x-guploader-uploadid ADPycduBOf9wdTbWUC9Fwm5zXWi-lh2NBM-idz7MK_OAk36QuHSjmeg57rCI0Tr9cgL5rFHXFhwE4ePR8gnCzEfVWfbuySe1m8OW x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Mon, 18 Mar 2024 04:05:28 GMT content-length 36026 last-modified Thu, 26 Jan 2023 12:05:28 GMT server cloudflare etag "9cdb1b31785a8210d21e2af43de4e3ae" vary Accept-Encoding x-goog-generation 1674734728205524 content-type image/jpeg x-goog-hash crc32c=MTqJ5w==, md5=nNsbMXhaghDSHir0PeTjrg== cache-control public, max-age=315360000 x-goog-stored-content-length 36026 accept-ranges bytes cf-ray 79bb44263b5422bd-CDG expires Wed, 16 Feb 2033 01:35:30 GMT
GET H2	200	5faecf7f1962aroboto.woff2 cdn.melhorplano.net/cms/2020/11/13/	15 KB 16 KB	1596ms 1537ms	Font font/woff2	2606:4700:10::6816:375b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.melhorplano.net/cms/2020/11/13/5faecf7f1962aroboto.woff2 Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:375b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3 Request headers Referer https://realizesulnanceiras.pagedemo.co/ Origin https://realizesulnanceiras.pagedemo.co accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sun, 19 Feb 2023 01:35:31 GMT via 1.1 69288c687b19fefbb271f533b15b6b92.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-cf-pop BOM78-P5 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15736 last-modified Mon, 07 Nov 2022 19:59:18 GMT server cloudflare etag "479970ffb74f2117317f9d24d9e317fe" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type font/woff2 access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin cache-control max-age=31536000 vary Accept-Encoding accept-ranges bytes cf-ray 79bb442638843ce3-CDG x-amz-cf-id unnQKL7AsKMCT9AnMN7CVFl_uSE8u5FbUuwuwYSKksSH49s2wjNjBw==
GET H2	200	5fff2bc46c9d6roboto-medium.woff2 cdn.melhorplano.net/cms/2021/01/13/	16 KB 16 KB	85ms 26ms	Font application/octet-stream	2606:4700:10::6816:375b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.melhorplano.net/cms/2021/01/13/5fff2bc46c9d6roboto-medium.woff2 Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:375b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf Request headers Referer https://realizesulnanceiras.pagedemo.co/ Origin https://realizesulnanceiras.pagedemo.co accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sun, 19 Feb 2023 01:35:30 GMT via 1.1 fcad480c2a8351d8cd68e3adc43dff3e.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop CDG50-C2 age 278 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15872 last-modified Mon, 07 Nov 2022 19:59:44 GMT server cloudflare etag "020c97dc8e0463259c2f9df929bb0c69" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin cache-control max-age=31536000 vary Accept-Encoding accept-ranges bytes cf-ray 79bb442638853ce3-CDG x-amz-cf-id dpO3x9yo38KsthhPRkrPihRVLlkiapLd0VedhLaQi34N4fvM1cWSXg==
GET H2	200	5faecf7f46468roboto-bold.woff2 cdn.melhorplano.net/cms/2020/11/13/	15 KB 16 KB	544ms 485ms	Font font/woff2	2606:4700:10::6816:375b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.melhorplano.net/cms/2020/11/13/5faecf7f46468roboto-bold.woff2 Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:375b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae Request headers Referer https://realizesulnanceiras.pagedemo.co/ Origin https://realizesulnanceiras.pagedemo.co accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sun, 19 Feb 2023 01:35:30 GMT via 1.1 d04998a67c7a3fb6819bd5fdd0bbe124.cloudfront.net (CloudFront) cf-cache-status MISS x-amz-cf-pop BRU50-C1 x-cache Miss from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15816 last-modified Mon, 07 Nov 2022 19:59:18 GMT server cloudflare etag "2735a3a69b509faf3577afd25bdf552e" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type font/woff2 access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin cache-control max-age=31536000 vary Accept-Encoding accept-ranges bytes cf-ray 79bb442638863ce3-CDG x-amz-cf-id fkMe1GUiC0DCMyWDd5s6G3s2aWIhvkClmexboQZoroZtu0a9v7pyJA==
GET H2	200	it.js Show response cdn.instapagemetrics.com/t/js/3/	54 KB 19 KB	76ms 19ms	Script application/javascript	34.120.27.38 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://cdn.instapagemetrics.com/t/js/3/it.js Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.27.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 38.27.120.34.bc.googleusercontent.com Software UploadServer / Resource Hash 853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 13 Feb 2023 11:26:49 GMT content-encoding gzip age 482921 x-guploader-uploadid ADPycduqmQqpVd1eDpC3YeABSDZ8Idd0LIkC9-s6QDsAxBsRmOBh8Am8xvvL0XiQpR-d_Be5Iglpx0plK2x1tpEsQqUtTkTB1I-I x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip x-goog-meta-tracker-version 3 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18709 last-modified Tue, 28 Sep 2021 11:50:58 GMT server UploadServer etag "84d2ba50a82d2c43fac196cf9ce05f68" x-goog-generation 1632829858360680 x-goog-hash crc32c=9jCvxw==, md5=hNK6UKgtLEP6wZbPnOBfaA== content-type application/javascript cache-control no-transform x-goog-stored-content-length 18709 accept-ranges bytes expires Tue, 13 Feb 2024 11:26:49 GMT
GET H2	200	sptw.e0d3d3700fa08797ac40.js Show response g.fastcdn.co/js/	61 KB 20 KB	124ms 59ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/sptw.e0d3d3700fa08797ac40.js Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash 5423ae379066f5f2fc49615503ebf44976ffbea83e26c907f77dc34ffd193f5b Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Tue, 07 Feb 2023 11:10:52 GMT content-encoding gzip age 1002278 x-guploader-uploadid ADPycdsaaO9IdFhZ32fy0BvBhwI-DMRU_f_rcVDVs1rieyj_DhGG5aJ8KGO5Hir--BF1gfxFjhAe3s4JQTlAtcS3auV8fw x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20466 last-modified Tue, 07 Feb 2023 09:33:59 GMT server UploadServer etag "cc583c4bb5191b6069ae4c99c5839f23" vary Accept-Encoding x-goog-generation 1675762439385999 x-goog-hash crc32c=op73fg==, md5=zFg8S7UZG2BprkyZxYOfIw== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 20466 accept-ranges bytes expires Wed, 07 Feb 2024 11:10:52 GMT
GET H2	200	cm.js Show response g.fastcdn.co/js/	51 KB 18 KB	116ms 52ms	Script application/javascript	35.244.137.202 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://g.fastcdn.co/js/cm.js Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 202.137.244.35.bc.googleusercontent.com Software UploadServer / Resource Hash dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 16 Feb 2023 18:38:29 GMT content-encoding gzip age 197821 x-guploader-uploadid ADPycduBgAnAi2zy6oriT3aUs8Kj2mVxcbzmkyRAewrYuWhZKYkgfC7Y64fB4CdDlljg2xmTUhSGPi7tz6bVOuoikPoyww x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17906 last-modified Thu, 30 Jun 2022 02:12:17 GMT server UploadServer etag "8e466d98fa1f746c74b1b409d20a0cf3" vary Accept-Encoding x-goog-generation 1656555137097208 x-goog-hash crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w== content-type application/javascript cache-control public, max-age=31536000 x-goog-stored-content-length 17906 accept-ranges bytes expires Fri, 16 Feb 2024 18:38:29 GMT
GET H2	200	63445779-0-meio1---Copia.jpg v.fastcdn.co/u/b264fbef/	44 KB 45 KB	390ms 333ms	Image image/jpeg	2606:4700::6812:8e3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v.fastcdn.co/u/b264fbef/63445779-0-meio1---Copia.jpg Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a53a3747d8f13f22d60dad7fca923ff55fa8ce4fa2ff72b85cfa40ea20a5b083 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sun, 19 Feb 2023 01:35:30 GMT cf-cache-status MISS x-guploader-uploadid ADPycdu-UWBj-bpkebNw-EhLg1GZIgORvcN_pE3SiE2p7qEXQuiRYTVBZgL_rBebgCaU9_yAiUlX4is78noU8ZHKEQFdvQ x-goog-meta-content-length 0 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-meta-expires Fri, 22 Mar 2024 04:32:13 GMT content-length 45277 last-modified Mon, 30 Jan 2023 12:32:13 GMT server cloudflare etag "6b4fcd09753bed3d060975cf269262b3" vary Accept-Encoding x-goog-generation 1675081933756437 content-type image/jpeg x-goog-hash crc32c=nwji7Q==, md5=a0/NCXU77T0GCXXPJpJisw== cache-control public, max-age=315360000 x-goog-stored-content-length 45277 accept-ranges bytes cf-ray 79bb44263b5722bd-CDG expires Wed, 16 Feb 2033 01:35:30 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10895273649/	2 KB 1 KB	132ms 71ms	Script text/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10895273649/?random=1676770530372&cv=11&fst=1676770530372&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frealizesulnanceiras.pagedemo.co%2F&tiba=Meu%20Cart%C3%A3o%20Rener&auid=1072660069.1676770530&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10895273649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 534e185dda44a58e3c97f6c26ae6a069255bf3b436e50e5e3f4631d105d2e43e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Sun, 19 Feb 2023 01:35:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 894 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/10895273649/	42 B 455 B	109ms 38ms	Image image/gif	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10895273649/?random=1676770530372&cv=11&fst=1676768400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frealizesulnanceiras.pagedemo.co%2F&tiba=Meu%20Cart%C3%A3o%20Rener&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2840712357&rmt_tld=0&ipr=y Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Sun, 19 Feb 2023 01:35:30 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.fr/pagead/1p-user-list/10895273649/	42 B 455 B	424ms 64ms	Image image/gif	2a00:1450:400d:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.fr/pagead/1p-user-list/10895273649/?random=1676770530372&cv=11&fst=1676768400000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Frealizesulnanceiras.pagedemo.co%2F&tiba=Meu%20Cart%C3%A3o%20Rener&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2840712357&rmt_tld=1&ipr=y Requested by Host: realizesulnanceiras.pagedemo.co URL: https://realizesulnanceiras.pagedemo.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fr-FR,fr;q=0.9 Referer https://realizesulnanceiras.pagedemo.co/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers pragma no-cache date Sun, 19 Feb 2023 01:35:30 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	two ec.instapagemetrics.com/t/	0 0	431ms 123ms	Preflight	34.71.95.65 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ec.instapagemetrics.com/t/two Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 65.95.71.34.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://realizesulnanceiras.pagedemo.co Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, SP-Anonymous access-control-allow-origin https://realizesulnanceiras.pagedemo.co access-control-max-age 5 content-length 0 date Sun, 19 Feb 2023 01:35:32 GMT referrer-policy same-origin strict-transport-security max-age=15724800; includeSubDomains x-content-type-options nosniff x-frame-options sameorigin
POST H2	200	two Show response ec.instapagemetrics.com/t/	2 B 334 B	365ms 122ms	XHR text/plain	34.71.95.65 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ec.instapagemetrics.com/t/two Requested by Host: cdn.instapagemetrics.com URL: https://cdn.instapagemetrics.com/t/js/3/it.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 65.95.71.34.bc.googleusercontent.com Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer https://realizesulnanceiras.pagedemo.co/ accept-language fr-FR,fr;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type application/json; charset=UTF-8 Response headers date Sun, 19 Feb 2023 01:35:32 GMT strict-transport-security max-age=15724800; includeSubDomains referrer-policy same-origin x-content-type-options nosniff x-frame-options sameorigin content-type text/plain; charset=UTF-8 access-control-allow-origin https://realizesulnanceiras.pagedemo.co p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" access-control-allow-credentials true content-length 2

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| __variantsData number| __page_id number| __customer_id number| __default_experience_id number| __version string| __variant number| __variant_id string| __variant_custom_name boolean| __preview number| __page_type string| __variant_hash string| __page_domain boolean| __page_generator object| __experiment_id object| _Translate object| trackingData object| GlobalSnowplowNamespace function| instapageSp function| _instapageSnowplow function| _instapageConsentManagement function| gtag object| dataLayer function| createAdScriptaadac231 function| assignUtil function| removeNullOrUndefinedPropertiesUtil function| lazyScriptBrowser function| createAdScript object| __eventBus number| timeout object| __config number| __workspaceWidth object| __session boolean| __cradleReady object| __featuresReady object| google_tag_manager object| google_tag_data object| GooglebQhCsO object| _snowplowTrackerWrapper

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pagedemo.co/	1970-01-20 11:55:46	Name: _gcl_au Value: 1.1.1072660069.1676770530
			.doubleclick.net/	1970-01-20 09:46:11	Name: test_cookie Value: CheckForPermission
			realizesulnanceiras.pagedemo.co/	1970-01-20 09:46:12	Name: instap-spses.a67a Value: *
			realizesulnanceiras.pagedemo.co/	1970-01-20 19:22:10	Name: instap-spid.a67a Value: 1d350b31-fded-44ee-9780-6ac27b55b23b.1676770532.1.1676770532.1676770532.046112ca-b824-45b7-9e77-ec8bf557ce00

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.instapagemetrics.com
cdn.melhorplano.net
ec.instapagemetrics.com
g.fastcdn.co
googleads.g.doubleclick.net
realizesulnanceiras.pagedemo.co
v.fastcdn.co
www.google.com
www.google.fr
www.googletagmanager.com
2606:4700:10::6816:375b
2606:4700::6812:8e3
2606:4700::6812:bb6
2a00:1450:4001:801::2004
2a00:1450:4001:810::2008
2a00:1450:4001:827::2002
2a00:1450:400d:80e::2003
34.120.27.38
34.71.95.65
35.244.137.202
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29488b6f6eb7029352043262473dbf538ed8a3a3cf56366c7a28ad867201d6a9
33d8530b93be01d17376edac4fba53707abdf445c0c4d14ee0e7a2675e85190b
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
534e185dda44a58e3c97f6c26ae6a069255bf3b436e50e5e3f4631d105d2e43e
5423ae379066f5f2fc49615503ebf44976ffbea83e26c907f77dc34ffd193f5b
5da21454e8c17de9a5ba7d66e2dc4dfc5fd5f70b9cff6a2aebd1c9d805e191b6
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29
8d873bc83e710249551098f6fcbbf6d0ad9b7c6ec040fd800524d8ef91c0aeff
a53a3747d8f13f22d60dad7fca923ff55fa8ce4fa2ff72b85cfa40ea20a5b083
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb
e05ca45cfe6631b84e8294b111c334c5461597dfb2cb077f5edab6966fbf2f4d
e75c0e70c08e4e0a7bffba6f38cf6ea271628025a000bd833d2756eba9641155
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629